Analysis Overview
SHA256
88093c75834d60df3b4b6f4df642bb28dc749f4bd562f587fa8f9e30e97d3c5c
Threat Level: Likely malicious
The file heavy.exe was found to be: Likely malicious.
Malicious Activity Summary
Renames multiple (55) files with added filename extension
Checks computer location settings
Loads dropped DLL
Executes dropped EXE
Checks whether UAC is enabled
Detects Pyinstaller
Unsigned PE
Enumerates physical storage devices
Checks processor information in registry
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Modifies registry class
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-09 01:57
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win11-20240508-en
Max time kernel
300s
Max time network
305s
Command Line
Signatures
Renames multiple (55) files with added filename extension
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZzabq
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZzabq
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2532.0.334140246\1111149166" -parentBuildID 20240416150000 -prefsHandle 1764 -prefMapHandle 1756 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {ce2d5ef0-74fe-4e43-bf49-39ae4d1f75fe} 2532 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2532.1.1056419786\882346038" -childID 1 -isForBrowser -prefsHandle 2796 -prefMapHandle 2792 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {3c7d08a7-1119-4182-bfd1-a16d2b9376d4} 2532 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2532.2.1314494593\1056785656" -childID 2 -isForBrowser -prefsHandle 3184 -prefMapHandle 3180 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {1a868a19-58e9-4559-8a52-0e85b56ac9ec} 2532 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2532.3.1462209856\964892130" -childID 3 -isForBrowser -prefsHandle 3452 -prefMapHandle 3616 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {2e1db6fb-dd2d-4015-bc68-077a2b3a86e1} 2532 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2532.4.155837713\1431860918" -childID 4 -isForBrowser -prefsHandle 3880 -prefMapHandle 3876 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {a4aec250-eace-4ebf-a26c-5a48e17f917a} 2532 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2532.5.1039587746\1241586067" -childID 5 -isForBrowser -prefsHandle 4032 -prefMapHandle 4036 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {54c94e01-99bb-4765-9319-93c6390fa91a} 2532 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2532.6.152228077\1311703595" -childID 6 -isForBrowser -prefsHandle 4224 -prefMapHandle 4228 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {901cf8bc-cd72-427a-8b8a-e6893be3fee1} 2532 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2532.7.115425407\217635724" -childID 7 -isForBrowser -prefsHandle 4612 -prefMapHandle 3572 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {c6991add-e693-4eb7-98cc-73cc25097b04} 2532 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2532.8.1077891108\1758298363" -parentBuildID 20240416150000 -prefsHandle 3192 -prefMapHandle 3584 -prefsLen 27557 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {d027c8c0-84f4-4cf9-bc1b-f394d490993f} 2532 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2532.9.1120707705\2052674836" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 4716 -prefMapHandle 3492 -prefsLen 27557 -prefMapSize 245849 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {f3c53f11-aa58-41a1-b975-9a64a25499f9} 2532 utility
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4760.0.899561825\437618548" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1672 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {2f77b275-e8e9-4db1-ac61-9815ac560e55} 4760 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4760.1.1467569637\1703063044" -childID 1 -isForBrowser -prefsHandle 2676 -prefMapHandle 2424 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {f12661c9-a32f-4712-909e-e0c9d40e1b9f} 4760 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4760.2.1295894746\1559641373" -childID 2 -isForBrowser -prefsHandle 3080 -prefMapHandle 3076 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {97e36e64-6da4-4cc4-bb72-c803dc412884} 4760 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4760.3.856958683\787993226" -childID 3 -isForBrowser -prefsHandle 3368 -prefMapHandle 3100 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {e194ffed-4424-40e9-aa42-6272af2db46f} 4760 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4760.4.1438183607\1667121936" -childID 4 -isForBrowser -prefsHandle 3832 -prefMapHandle 3368 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {368ac98e-89cf-4100-826c-52eb4d4f7404} 4760 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4760.5.1713707139\1768669010" -childID 5 -isForBrowser -prefsHandle 3796 -prefMapHandle 3800 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {20deffbb-698b-4a50-bf0d-d0a1aec98c63} 4760 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4760.6.141513191\1987964868" -childID 6 -isForBrowser -prefsHandle 3932 -prefMapHandle 3920 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {8baba055-31eb-4d03-aea0-3822514f9373} 4760 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPJVEP
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPJVEP
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.0.1272179198\521068756" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1680 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {dace6e26-d388-4219-9ba1-04cc4686b92f} 2940 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.1.809427312\1591346241" -childID 1 -isForBrowser -prefsHandle 2820 -prefMapHandle 2816 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {d5ba2b3b-ea8c-48ee-8201-ac4cb159245f} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.2.166242400\270094341" -childID 2 -isForBrowser -prefsHandle 2544 -prefMapHandle 2364 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {4fdbf841-a5bc-4fde-b536-34bbd6f344f2} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.3.88440404\1197852551" -childID 3 -isForBrowser -prefsHandle 3436 -prefMapHandle 3240 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {112647f0-ce65-4731-9802-57e0a0b67f04} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.4.1954707514\1040844890" -childID 4 -isForBrowser -prefsHandle 1460 -prefMapHandle 2496 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {c38826fa-2b61-44dc-a403-4aef1a46877e} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.5.719666349\19907209" -childID 5 -isForBrowser -prefsHandle 4032 -prefMapHandle 4028 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {d806aa29-7b75-48f0-ab91-eddc08a5ef26} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.6.513531766\1869012979" -childID 6 -isForBrowser -prefsHandle 4144 -prefMapHandle 4148 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {b9e6d865-ff46-4cda-ab1f-be14882e0a03} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.7.1832035150\284488849" -childID 7 -isForBrowser -prefsHandle 4496 -prefMapHandle 4468 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {651ee0a0-8518-4e3d-9744-4682c5ece96f} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekwEHqE
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekwEHqE
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3440.0.633658084\751227363" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1644 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {ce98a699-d12d-46ca-a8f6-f302e51fdde7} 3440 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3440.1.78687073\397812084" -childID 1 -isForBrowser -prefsHandle 2652 -prefMapHandle 2888 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {211a49cb-bd06-49cc-9474-ed88e9c49a7c} 3440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3440.2.998404612\740521099" -childID 2 -isForBrowser -prefsHandle 2964 -prefMapHandle 2576 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {0302c900-9567-43da-9e02-be96ddcf8ead} 3440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3440.3.1519954509\1600413493" -childID 3 -isForBrowser -prefsHandle 3192 -prefMapHandle 2676 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {b7bda6a9-a5f2-430d-9c07-d5aab3b5ea8d} 3440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3440.4.1956962701\1381095221" -childID 4 -isForBrowser -prefsHandle 3852 -prefMapHandle 1556 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {537b2561-f181-4bdc-803d-39fb605c59b1} 3440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3440.5.574496986\59432241" -childID 5 -isForBrowser -prefsHandle 3928 -prefMapHandle 3932 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {ef7fe2cc-4334-4368-bb91-04a2833ac2c8} 3440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3440.6.585955062\102964110" -childID 6 -isForBrowser -prefsHandle 4124 -prefMapHandle 4128 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {f536c066-dc14-4711-9a26-ef9a56c64d56} 3440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3440.7.1783780269\1274317391" -childID 7 -isForBrowser -prefsHandle 4484 -prefMapHandle 4488 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {2f16f1aa-e3a6-418b-9842-6ebe5666e902} 3440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3196.0.996450026\75751817" -parentBuildID 20240416150000 -prefsHandle 1724 -prefMapHandle 1704 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {5a8a121d-b641-4341-9abf-c4b0ac1bfdb2} 3196 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3196.1.725211935\1728078847" -childID 1 -isForBrowser -prefsHandle 2612 -prefMapHandle 2388 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {c2611181-4a8e-406d-a0e2-0071cc548497} 3196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3196.2.978818285\490579870" -childID 2 -isForBrowser -prefsHandle 3080 -prefMapHandle 3076 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {be67a8bb-d7dc-4c77-835a-767c7ce81d96} 3196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3196.3.1852771027\674661441" -childID 3 -isForBrowser -prefsHandle 3432 -prefMapHandle 3428 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {7e83cf9b-25d9-4278-bc1e-b89d3fb79850} 3196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3196.4.750138065\626548390" -childID 4 -isForBrowser -prefsHandle 3432 -prefMapHandle 3368 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {5072c3cd-3d86-42b0-abed-6c18bcf34693} 3196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3196.5.1293151307\1992667896" -childID 5 -isForBrowser -prefsHandle 3240 -prefMapHandle 3336 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {f0caf577-f28e-4f2d-9164-a156174592e0} 3196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3196.6.892514835\1331878809" -childID 6 -isForBrowser -prefsHandle 4020 -prefMapHandle 4024 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {f666f6eb-690f-4b91-9648-de5e64a55a14} 3196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3196.7.1078504838\1058388402" -childID 7 -isForBrowser -prefsHandle 4432 -prefMapHandle 4436 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {355bf9cb-19e0-4e44-bf52-ad48238b3568} 3196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="3196.8.777465102\337601533" -childID 8 -isForBrowser -prefsHandle 4464 -prefMapHandle 4496 -prefsLen 25411 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {325e87c9-ded4-497e-b4aa-9170469c4c09} 3196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4cqAaV
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4cqAaV
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2012.0.111215244\2137518880" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {451597d7-3846-444f-b368-b57e2ed681f6} 2012 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2012.1.1546038204\796790745" -childID 1 -isForBrowser -prefsHandle 2304 -prefMapHandle 2660 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {f118532c-85a6-467b-8e74-05314465b92b} 2012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2012.2.1146245354\1030949497" -childID 2 -isForBrowser -prefsHandle 3080 -prefMapHandle 3076 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {4a55e0e3-c833-44c4-bd1c-dbc31291e06d} 2012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2012.3.378775057\950605774" -childID 3 -isForBrowser -prefsHandle 3608 -prefMapHandle 3612 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {aa63c231-c200-4752-9d3f-d64770424cdf} 2012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2012.4.867018424\207523418" -childID 4 -isForBrowser -prefsHandle 3096 -prefMapHandle 3132 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {52af93f7-7e6f-4f07-a5c6-baacbc4dc541} 2012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2012.5.99004019\1951686135" -childID 5 -isForBrowser -prefsHandle 3936 -prefMapHandle 3940 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {a92e7fa4-a9d4-4757-b788-6cec9b620bfa} 2012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2012.6.1473115982\449639809" -childID 6 -isForBrowser -prefsHandle 4108 -prefMapHandle 4112 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {f1d447cb-259a-404a-8897-4e9f47687313} 2012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2012.7.1905114580\1896836557" -childID 7 -isForBrowser -prefsHandle 4468 -prefMapHandle 4472 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {a647420b-1733-4e93-a066-f451d2393807} 2012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQsMpFe
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQsMpFe
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1172.0.505473026\664006257" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1700 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {a8cda449-e423-4232-9838-d048d793edab} 1172 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1172.1.2023640923\54809284" -childID 1 -isForBrowser -prefsHandle 2484 -prefMapHandle 2780 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {ea38334d-5f76-44a8-8253-6d44e70c3655} 1172 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1172.2.262558928\595096391" -childID 2 -isForBrowser -prefsHandle 3164 -prefMapHandle 3060 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {61ddff15-a7b9-4358-8da6-0cc1831713fd} 1172 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1172.3.1688265746\1539560933" -childID 3 -isForBrowser -prefsHandle 3040 -prefMapHandle 3128 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {fc0e18ac-b43b-4998-a499-8f67187624d7} 1172 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1172.4.1212320272\637706220" -childID 4 -isForBrowser -prefsHandle 3356 -prefMapHandle 1552 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {55d33f17-8ee8-457e-900c-7e579e681e68} 1172 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1172.5.1143830620\1184531601" -childID 5 -isForBrowser -prefsHandle 3948 -prefMapHandle 3952 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {5b2b68a5-7e4f-4c90-9666-473675ef62f5} 1172 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1172.6.536345821\514053581" -childID 6 -isForBrowser -prefsHandle 4128 -prefMapHandle 4132 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {01c68aa9-e42f-4de3-ad50-06de7eb76f6f} 1172 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1172.7.2032940814\1748785371" -childID 7 -isForBrowser -prefsHandle 4532 -prefMapHandle 4568 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {2d0b9419-76c8-4b4e-8036-262731032901} 1172 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTQeKuz
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTQeKuz
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="388.0.736251871\1206746532" -parentBuildID 20240416150000 -prefsHandle 1732 -prefMapHandle 1712 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {f810ba61-76fa-4ab2-84a1-8b5302c4808d} 388 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="388.1.620762958\1222403866" -childID 1 -isForBrowser -prefsHandle 2480 -prefMapHandle 2664 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {811dff9c-3056-4dce-b389-c56ac26e3260} 388 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="388.2.813297375\563129219" -childID 2 -isForBrowser -prefsHandle 3052 -prefMapHandle 3048 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {b2bf908a-f689-48a6-8027-a70d6e3ad760} 388 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="388.3.233399516\460204478" -childID 3 -isForBrowser -prefsHandle 3408 -prefMapHandle 3180 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {9e0d9098-99cb-494f-ac2c-33702856522d} 388 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="388.4.1074607716\506080370" -childID 4 -isForBrowser -prefsHandle 3720 -prefMapHandle 3544 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {268e2eb4-4b23-4722-8f9d-b7cc53277661} 388 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="388.5.805174609\903816605" -childID 5 -isForBrowser -prefsHandle 3936 -prefMapHandle 3932 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {7dd26bd4-a833-43d7-b6c2-47ed718f37a0} 388 tab
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe" -contentproc --channel="388.6.1302548507\740119351" -childID 6 -isForBrowser -prefsHandle 4032 -prefMapHandle 4036 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\browser" - {3f88c67f-770b-42a3-91f7-c8fec2e8284f} 388 tab
Network
| Country | Destination | Domain | Proto |
| RU | 185.22.174.119:9001 | tcp | |
| US | 8.8.8.8:53 | 119.174.22.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:50073 | tcp | |
| N/A | 127.0.0.1:50075 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| NL | 141.148.237.212:8081 | tcp | |
| DE | 178.63.173.42:9005 | tcp | |
| US | 8.8.8.8:53 | 42.173.63.178.in-addr.arpa | udp |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50214 | tcp | |
| N/A | 127.0.0.1:50222 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50647 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50655 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50939 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50947 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:51275 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51283 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:51580 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51588 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:51966 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51974 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:52331 | tcp | |
| N/A | 127.0.0.1:52339 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:52684 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52692 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI3962\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpydfp17vh\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\_MEI3962\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/4112-491-0x00007FFD6B0D0000-0x00007FFD6B0D1000-memory.dmp
memory/4112-490-0x00007FFD6BF20000-0x00007FFD6BF21000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 235bc324dbd5f832914ae12cb288e463 |
| SHA1 | bcfc76341e2c4035d2afb732e0ca91b0579e0b03 |
| SHA256 | 2d6e6e20730af7e0992cdd2b3903c8d4a3b1b6f1745689b5538949f0b02eafa7 |
| SHA512 | 7e3115a8fcac90e0bb7d0c34716f401756d81723599a44b17e031c89f690b2da0d5ea8cabd21e2e03df506057e5ce75be62fbbe41614527529aa35ce14641bdf |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZzabq\prefs.js
| MD5 | c86254dd4e644dbe515253e944dce467 |
| SHA1 | cd92ce4733e94c0e66987255aec0327c8b977a45 |
| SHA256 | 4c80d0f95fc7ee6d3bada548d25c68a5e2b77261c0922354abbd809a311740ae |
| SHA512 | ad57603b85d6962812a4f16f95fa98327e519f52f8d7df79ee39a576f598564771b709735d083bc9222672a38c412e109c04c8b6070baaf11478ab1f39bc134f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZzabq\extensions.json
| MD5 | 0341024c812f8609f7aa5e0c1215a8f1 |
| SHA1 | 21a771e19a4b5ff35afc0562403014bc365e816a |
| SHA256 | 397865e3dfc81074b9dfaa421d8f04b71c9736b694d57e6847c44e690959c62b |
| SHA512 | 803e7917cbd4f38458c5d3c7f571f2dae4eb4b8469dfc96615a36c2bd9222260c63cd1b53abe44b93e57cc94798513d527b063079f4b2cf690c26d64573f8025 |
memory/2532-573-0x00000238B2250000-0x00000238B2260000-memory.dmp
memory/2532-609-0x00000238A5D60000-0x00000238A5ED0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZzabq\prefs.js
| MD5 | 31035496338d9838a08808216ac5a80c |
| SHA1 | 9a36fb6049138e39e620a62e3c8f10dae24a0102 |
| SHA256 | 67f7e4dc1ef835d8026d632f7e8e5ec8995e9adf762828e0baee17ebbd1daaa8 |
| SHA512 | 7daf632087ea7336de80afca20c2feb93267e98028ff5309dd70b9d40784d444999aaa1a7953c8c3cb20aa86a8edcc0e0658c9475419db46a910b844ecf3550c |
memory/2532-665-0x00000238B0F60000-0x00000238B0F70000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZzabq\prefs-1.js
| MD5 | bae328573f37b0ba1bc8727a14ab6f0e |
| SHA1 | 28a12fb709efdd8cd4d55d61a6bdd048077f4d69 |
| SHA256 | 14883d5642f659997295b078b0e48b13dad27041680c8dbcdd6c0a6de0d06b31 |
| SHA512 | 21821ba5084557c9bc00cb260530d2746e425cf339825633ed6dfb1d2e6e0c12612bd640c8110404b8137302a147bbc3d1a4c2323121ac56070c89191ec93649 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/4760-916-0x00000214B74C0000-0x00000214B74D0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF\prefs.js
| MD5 | bcb79579b83822a5b1dbd58c21c24e2a |
| SHA1 | b77db9a25a11aa1c04218f5d9db698c121caf916 |
| SHA256 | 32bdd8c2ccab31b9e1fa046b68dc2d336a170bb30f0bffc289d9cb50644db485 |
| SHA512 | def0e449739ed18a048ddc5b03b7daa279c1944b72468b0181c711aaedd2737533a6add575548aeb7b2f1f148f55d141fff89f0e88e622dd6e611eb03adac11c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF\startupCache\webext.sc.lz4
| MD5 | b2a7e6ffa7c1be3654098d930c02d6d5 |
| SHA1 | 23e591348a40d42f93af737affa3803fc3a5447e |
| SHA256 | d8de79472fff3ea43ffd492126433869667d9cca5ac5d187d0fe52a849160593 |
| SHA512 | bda07170039456f15e00aec50ec1dc9f51d77af60f2ca408c20a44bef210d9b95c4d8a699152086eb5c1b60ed140dd25b75d369ae51a675b296c799936c6204a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF\prefs-1.js
| MD5 | 0300e8d240a61b3be7f14b1bce72d7d4 |
| SHA1 | acd877c915239a257f51ed89b8fffcbd86195662 |
| SHA256 | 826f9b47aaaa66f3b60c599bb8dec545f342a6ada5074cd940e66d3a9ef65b5c |
| SHA512 | 92afc7183cb26de4cce9066c4a3539b5b2a0a133985737ab9b27daf93349b9dd73b131570de54116f3a157763a36037a8953cc0b368a86d33fb308a665039ba1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuVJgzF\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPJVEP\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
memory/2940-1191-0x000002566BCB0000-0x000002566BCC0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPJVEP\prefs-1.js
| MD5 | 938d0d82cea8361df76d7bcb01af9b2f |
| SHA1 | 623cf7763e63c847196bf0ca4ed22ca6cd473ace |
| SHA256 | 11da51d82f60d2acb88f3b64798ca71ed258883a7f5f2bfecc8bbd00f52253f6 |
| SHA512 | 601fe15971e6d8376a293ccbde7b67325f92132f7e283dad053d8b3c4e64dcf0255c8733522d3245b6fca080c39a0d796cd78b934b46f6f79e809a053271b35d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPJVEP\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPJVEP\prefs.js
| MD5 | 6faf4adf089e92dac831ec8e625cdc91 |
| SHA1 | d53e46dd299b73db10404fa73239b952a282473d |
| SHA256 | 46db599e2a5bfa4927a621388401962b0c830b17c2a9a5cfa2e537e70b129d26 |
| SHA512 | 7912c906f3199b35ebc0a75a29e6f1b548ca9f4b44f4f96bc0adb9c7b2bfed527969138f9dd6efc0b142adb290bb47306d89bdc36dc0ec5ba375d8fb9b652dad |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekwEHqE\startupCache\scriptCache-child-new.bin
| MD5 | f5d1636ce3602881a361d6b4ef15f97c |
| SHA1 | 6976e01e8f57aefc8a626d3b8967aa3a056930f9 |
| SHA256 | 01565f73663b891f84d82db21727226d9d0c622d3a43af33a0aa332ebf56d27c |
| SHA512 | fb0525447422216487f6b2cd6911a831af358f5d8fe97742db91541085e230841bb8a70460ebe29de85fd34020ccf4fd510719fad646338431203f23a14ea0bd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekwEHqE\prefs-1.js
| MD5 | 9e70a4cdf5d7366b59d241d7e256ce8b |
| SHA1 | 66e12ca3ebfb94f8fcf05e683f12e10defc3eb37 |
| SHA256 | fb66d1f7272518f1fda269a65ce4175376b12b16e90bdc4d72aad208d01fdbae |
| SHA512 | c5bc411a3ad0a326af3d068f323c5caf1350744296951a6a426891644c985830edc7522b118219188a73723acefd534abeda448b11dbe8d379c649f32b791a9a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV\compatibility.ini
| MD5 | 5c530317c61e9af1699f6563aae04ccd |
| SHA1 | fecc46225f9e2a55ccb229ddd11ca34f5db06ea5 |
| SHA256 | 9f03839c14fb4e9e6ad337b95e7ae079f6e47a76e5a87184da52335db9acb940 |
| SHA512 | 8665b3ceb77f87e3a1f768a68e42554bc0f6ef61ea9313831f27988dddef01d503e811c2c3a4504c97ac697edf56bf258de28afc9c4d15c1dcb1365a2322fac8 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV\WebDriverBiDiServer.json
| MD5 | 0cef5cb2c2455e6fa208a9992e2056f0 |
| SHA1 | 31e90336ba2bb4817e7dc03d7b17db518b912858 |
| SHA256 | 8698fc7ce51b1a39dabdf354ba91970fa5bc48a83d0f4fcfdbb31c03d7040820 |
| SHA512 | 8646e3621f4c679d62020f44c42cecf475474743df5f55da0b64f068e8baebb601dac6a5f09577d4554805118480ce3d39451c24d4ef48129a426ad9d29d316c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | c186d2bec1b2ac77c0308f30e806f02a |
| SHA1 | b1247a53a1d728daae7067dcd34311bdd449ff83 |
| SHA256 | 7668960f5427655b36febbff794fdf931dfae75bf6eca2af492b9923192a9e56 |
| SHA512 | 8328bea992330a9d97f2d24abede5c02b04147c1519dd7ea35a3b92fec4ecceef4116568003b3464b666f5e425eddf507e96557290b54723aa92deb68ba790f7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV\prefs-1.js
| MD5 | 789c0cb814025a40fa32aeaf941d3859 |
| SHA1 | 3e3fb48ef0f2f941288de70d3b3722728098a60e |
| SHA256 | a76d970fc3657b15211ffb44f2cd927a0fc64d914598af8e51659a36016722d9 |
| SHA512 | 441915b1668a3d800ad5182bd55792fb5e04cc81ab574f9456e99761a835100af25fbd2af814071832df7bbd04fcf4c4f21638755b2bab02d6697443e2cda846 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV\prefs.js
| MD5 | 083e930aa6b75c264c911c04583116c0 |
| SHA1 | b74fd6ddbdc873a8a3dbef5d09fbf627d7538351 |
| SHA256 | 7cc2a04a589dd6bb296f46178b2d7d9a70dc1268db2cf9e5ea1b11fcb81ddd9b |
| SHA512 | c2dc2f99bd9560198c6d62f0b2ab26ddb018652502671b1bef9eff509267bf135015a4cfaed21787910a52aa057ed94cd6d7c82aca34a8ecc851a4c3a397a6cb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV\prefs.js
| MD5 | aa2742b961083b49e37118f64288aa41 |
| SHA1 | a927c1211c30d4d99f0addffb4d6c018df290ef9 |
| SHA256 | 785a1bbb6b6bfb7d41e533079daf0ebc6011b6f292234b7e74dbaae5cabe2af3 |
| SHA512 | b809483341c7c37b94436056542230b5aadc7395695099b6bd1b2d52cd0b71d9687cbf152b90487ca735efc7824a37d81c9d0b763d584282f0aeffc5a21b5682 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHRSRzV\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4cqAaV\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4cqAaV\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4cqAaV\prefs.js
| MD5 | 76cfdc8bbf727541688a9479aae18d21 |
| SHA1 | 7fd73779e33bfd5b86c71bbef846e042ae96e2fa |
| SHA256 | 86c77497af9c92c899fce54b056f49f38d4088b76fc5537f8610ca68d8ac1b6c |
| SHA512 | 06afeafc52634f792a143fb7aec55f65c9262aeb3a32810bbf2ee36c6cc8cec820064f9f839878b4caffa5437e1f23f302ff4ce4cb75997209b98238bab92345 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4cqAaV\prefs-1.js
| MD5 | 0a0fd03da2b5068ef6aef11fbb265c79 |
| SHA1 | 0338ff0ea65d520c0f777669911405a54232dec2 |
| SHA256 | c5669ff0d89a2d5517f64df4d3bb48c42d77439aa04934a7fe48c672f833500b |
| SHA512 | 5aee22a71ad45945ad601edbbd058e18e3c7bde1d14ba4a5883f0fa3a081984bc970f1b120e0f9796a778e4f173e7d8273dcb784a652c79244a6431503940ebb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQsMpFe\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQsMpFe\prefs.js
| MD5 | cd35d450caececc6a4e90b219e6d1efd |
| SHA1 | 6facf90f0c53d765d53745c10822d4fe961b11d7 |
| SHA256 | 65cf1f30eaaf5718fc909c2dda1c565bf1e970ef2705dbc78094c9cbf3137d2e |
| SHA512 | 1f54c72c7d9aac79b21d19e347618afd66bbfbe1e3a589cb324f658742798a7c9ded8c2db22baad8389cfd817d0fd6ea7dfd8463f02e2655be1a6fc95a512b5a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQsMpFe\prefs-1.js
| MD5 | c39f6ee7f1844bf46d6bd5c8f1975c72 |
| SHA1 | db6e797f26ceb93dac564e66d578f7965c72ec48 |
| SHA256 | fa9a5cb591f9b32f0e4c1f4206d5f558c2aebfea6f10a4738e4147aaac1256cf |
| SHA512 | bf4f9b9c179d909e3ad0c225d8d980d4a065b280838010e36c674dc54ec4485363db0aaa560dc1ba5a96b4ac5e1b8f48cec83f25204fd1a1a41e4052a068b744 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTQeKuz\prefs.js
| MD5 | e83b17daf00912551d1077b7f8a3b308 |
| SHA1 | 6ef80d866bfb4d157a135dee3cc2a831b6ce2749 |
| SHA256 | 2a966cdfe1eb8dcd9c7018e4b5b740a0cd271ac87ac8a5ead7a7d4049a452718 |
| SHA512 | eb27c184ae18c29e21627241973c9cf792e72a4b1ccc6370d931912b26819d98cb61494ab592bf621fd645fe51ca65b6d972a64eaf26771903cc57b17bdebaab |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win10v2004-20240426-en
Max time kernel
300s
Max time network
309s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe --port 64182 --websocket-port 64183
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileojfhFg
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileojfhFg
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.0.1161922978\458088799" -parentBuildID 20240416150000 -prefsHandle 1696 -prefMapHandle 1688 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {2b77ed1d-8b32-40cb-9491-0a221f87cef6} 3688 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.1.474096133\1764229965" -childID 1 -isForBrowser -prefsHandle 2868 -prefMapHandle 2696 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {b5e0a874-de63-4d9b-8501-678ef0845d39} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.2.2096248785\158200846" -childID 2 -isForBrowser -prefsHandle 3172 -prefMapHandle 3168 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {d172aa59-467b-4d71-8111-ab8594cd2f42} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.3.291428809\1965726658" -childID 3 -isForBrowser -prefsHandle 3744 -prefMapHandle 3680 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {a69bb560-4b8d-47f8-882d-2bf4332b09d3} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.4.605759363\1427446696" -childID 4 -isForBrowser -prefsHandle 3852 -prefMapHandle 3848 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {5acb1824-313a-438e-a396-a404f3fd8339} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.5.396599306\721619725" -childID 5 -isForBrowser -prefsHandle 4052 -prefMapHandle 4056 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {63ff3846-74f4-4d37-bcdf-5ed35f4645ec} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.6.788798427\966272956" -childID 6 -isForBrowser -prefsHandle 4124 -prefMapHandle 4128 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {f63791a4-9c39-4602-8089-8dba0b5ac750} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.7.1781926022\1345696122" -childID 7 -isForBrowser -prefsHandle 4488 -prefMapHandle 4612 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {dc0bb604-8e79-420a-85c8-7b9d64def4bb} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.8.819179957\1024184717" -childID 8 -isForBrowser -prefsHandle 4764 -prefMapHandle 3728 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {855a9280-fea1-41d7-800b-248d56cc31e3} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe --port 64182 --websocket-port 64183
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2680.0.815853299\2050471695" -parentBuildID 20240416150000 -prefsHandle 1668 -prefMapHandle 1660 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {aa6b3d9c-d677-4d67-80ae-c584a23d58c7} 2680 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2680.1.1677943224\4971072" -childID 1 -isForBrowser -prefsHandle 2328 -prefMapHandle 2468 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {45066e6f-d0f3-4f74-8a50-d31fdf9ecb51} 2680 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2680.2.1579585162\2087004720" -childID 2 -isForBrowser -prefsHandle 3184 -prefMapHandle 3180 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {6b8a8ba5-f52d-4fde-8ee8-320dc6d089c0} 2680 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2680.3.625031424\1391322908" -childID 3 -isForBrowser -prefsHandle 3264 -prefMapHandle 3268 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {a613c8b0-ffb6-4428-8c1c-ea5633b3997a} 2680 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2680.4.1973831206\269492184" -childID 4 -isForBrowser -prefsHandle 3848 -prefMapHandle 1444 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {1bcac0d5-a4c1-4a58-b7e2-036698e0ce0a} 2680 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2680.5.2082505139\379518717" -childID 5 -isForBrowser -prefsHandle 4012 -prefMapHandle 4016 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {b0bd4118-85e9-436a-a1d7-268172e63d83} 2680 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2680.6.444121120\1990192006" -childID 6 -isForBrowser -prefsHandle 4064 -prefMapHandle 4068 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {691f9a49-c8dc-4832-941a-e6d3943b0a5b} 2680 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2680.7.516934036\885954112" -childID 7 -isForBrowser -prefsHandle 4516 -prefMapHandle 3392 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {6ae5b24c-0e27-49ea-b86b-ce71f27736f7} 2680 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe --port 64182 --websocket-port 64183
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUOl0dC
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUOl0dC
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3956.0.704052743\2057972274" -parentBuildID 20240416150000 -prefsHandle 1660 -prefMapHandle 1652 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {b84da1a7-0218-421e-877d-e567807aec8c} 3956 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3956.1.270554499\1662731407" -childID 1 -isForBrowser -prefsHandle 2352 -prefMapHandle 2320 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {557fb627-00c1-431f-9008-f185413cb329} 3956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3956.2.1914346378\1636133741" -childID 2 -isForBrowser -prefsHandle 3184 -prefMapHandle 3180 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {4e49a955-bf2d-45aa-af48-bc32f456773b} 3956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3956.3.1598930282\940796550" -childID 3 -isForBrowser -prefsHandle 2268 -prefMapHandle 3188 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {8ca56d3e-8d6d-4493-99c4-553f1d5d2690} 3956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3956.4.820740236\640038252" -childID 4 -isForBrowser -prefsHandle 3300 -prefMapHandle 3304 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {6e71c1f1-a408-41f3-9af3-2036ffd1883e} 3956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3956.5.1535265056\647386109" -childID 5 -isForBrowser -prefsHandle 4072 -prefMapHandle 4068 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {f051a8ab-f8fd-43d1-8375-5e221ec1ce7b} 3956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3956.6.264269120\111539145" -childID 6 -isForBrowser -prefsHandle 4180 -prefMapHandle 4184 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {71b6b8d9-3a98-45b0-ba0c-d7a2027a0088} 3956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3956.7.1127774483\71846253" -childID 7 -isForBrowser -prefsHandle 4672 -prefMapHandle 4668 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {8e325178-cb13-4334-ba78-9587aa6edca3} 3956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3956.8.730049888\141936388" -parentBuildID 20240416150000 -prefsHandle 4372 -prefMapHandle 4768 -prefsLen 27362 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {86e88d02-a7cc-44a5-96dc-6183a562e843} 3956 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="3956.9.582974169\1827530371" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 4960 -prefMapHandle 4956 -prefsLen 27362 -prefMapSize 245849 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {d0bc9d70-3ff0-4539-9719-d7c5a1fd3053} 3956 utility
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe --port 64182 --websocket-port 64183
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileW7nxkN
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileW7nxkN
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4716.0.627485461\517498259" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {eed1ece2-2a0e-44ab-9d1b-1b87f010f87d} 4716 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4716.1.346452984\777655454" -childID 1 -isForBrowser -prefsHandle 2652 -prefMapHandle 2648 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {5e1c3caf-17af-4210-bd06-43224b44868e} 4716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4716.2.862534057\620403206" -childID 2 -isForBrowser -prefsHandle 3196 -prefMapHandle 3192 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {cf075fea-ec9d-46ec-93e1-50266da20d2d} 4716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4716.3.45702728\354462812" -childID 3 -isForBrowser -prefsHandle 3272 -prefMapHandle 3260 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {fb00e2f6-bdcc-4584-8878-e1e72d1b4a43} 4716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4716.4.419197776\1312108319" -childID 4 -isForBrowser -prefsHandle 3924 -prefMapHandle 4056 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {2597e10a-b6bd-411d-bb39-fd7e758ddb88} 4716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4716.5.1747761186\716294812" -childID 5 -isForBrowser -prefsHandle 4172 -prefMapHandle 4180 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {fd5db653-7607-4be9-8249-91a681c7c758} 4716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4716.6.1324001673\949420912" -childID 6 -isForBrowser -prefsHandle 4316 -prefMapHandle 4312 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {57d014c7-5475-4338-bbf9-10573d57bd62} 4716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4716.7.752682673\195241248" -childID 7 -isForBrowser -prefsHandle 4804 -prefMapHandle 4808 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {8ef78abd-8cd4-47f5-9174-0865d90454b4} 4716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4716.8.1127472073\1666395915" -childID 8 -isForBrowser -prefsHandle 8996 -prefMapHandle 9000 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {223cf45f-995b-4e05-94d1-42d314346c3d} 4716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe --port 64182 --websocket-port 64183
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1QGFZ0
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1QGFZ0
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.0.1379517794\1054279076" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {4ee37065-8221-40f0-8b3a-2ac672a05156} 4152 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.1.24313643\387669594" -childID 1 -isForBrowser -prefsHandle 2580 -prefMapHandle 2596 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {0fa6e69e-aff7-425c-883e-82a5e6c951b3} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.2.1148386152\1866970491" -childID 2 -isForBrowser -prefsHandle 3196 -prefMapHandle 3192 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {1cebc39c-68c9-4030-8647-ee1329b7d91b} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.3.992221347\1865703848" -childID 3 -isForBrowser -prefsHandle 3204 -prefMapHandle 2268 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {24f206c7-bf6c-443a-9db9-60eba752e1ca} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.4.420097510\1830282208" -childID 4 -isForBrowser -prefsHandle 3688 -prefMapHandle 3684 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {c7fee869-8da2-4789-aaf5-d52b0a1077dd} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.5.292815694\60703883" -childID 5 -isForBrowser -prefsHandle 3868 -prefMapHandle 3872 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {dea0d69a-cb98-497b-955b-147215c87d36} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.6.2034699258\993907623" -childID 6 -isForBrowser -prefsHandle 4048 -prefMapHandle 3924 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {be13311c-e273-447b-b7a0-c6538ca04c54} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.7.1962855198\619081303" -childID 7 -isForBrowser -prefsHandle 4596 -prefMapHandle 4620 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {406dc34d-8028-432e-8ba2-8eca76e84e15} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe --port 64182 --websocket-port 64183
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiNdekp
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiNdekp
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5384.0.1545748850\1922339355" -parentBuildID 20240416150000 -prefsHandle 1668 -prefMapHandle 1660 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {39706cf6-5146-49d5-862e-d244edb9e1ef} 5384 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5384.1.1163968813\1359578269" -childID 1 -isForBrowser -prefsHandle 2460 -prefMapHandle 2636 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {ea7affe7-45ad-474c-9879-53ba8d382882} 5384 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5384.2.976765167\822908647" -childID 2 -isForBrowser -prefsHandle 3180 -prefMapHandle 3176 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {1b5e357e-0f70-48d1-8087-2c842727e4e7} 5384 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5384.3.1014945851\415235126" -childID 3 -isForBrowser -prefsHandle 3536 -prefMapHandle 3520 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {16683825-22b5-44e8-a6a8-e9a037eab843} 5384 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5384.4.1922361472\1519046473" -childID 4 -isForBrowser -prefsHandle 3876 -prefMapHandle 3580 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {bf750d12-5f6d-4d1e-90f4-14dcaea49137} 5384 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5384.5.1482250166\624834474" -childID 5 -isForBrowser -prefsHandle 3264 -prefMapHandle 3268 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {ea8a84b7-267b-4951-9078-2a6ade8a9b65} 5384 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5384.6.1661087168\134113129" -childID 6 -isForBrowser -prefsHandle 3212 -prefMapHandle 3080 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {0e698c2c-d334-4461-8fe9-7f6474b598bb} 5384 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5384.7.682628603\1943999945" -childID 7 -isForBrowser -prefsHandle 4644 -prefMapHandle 4640 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {22991098-a0fc-422b-9aa6-863efb729949} 5384 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe --port 64182 --websocket-port 64183
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaiUPc3
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 64183 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaiUPc3
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5056.0.2142295342\526413682" -parentBuildID 20240416150000 -prefsHandle 1692 -prefMapHandle 1684 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {70635955-0c61-493f-a811-0723e95de3a0} 5056 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5056.1.856128409\901707554" -childID 1 -isForBrowser -prefsHandle 2508 -prefMapHandle 2516 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {f25cd223-6888-48f6-a28d-750ad14968c5} 5056 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5056.2.1548398869\1298340566" -childID 2 -isForBrowser -prefsHandle 3172 -prefMapHandle 3168 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {63846e44-9d1d-4856-a9f9-46fe40646230} 5056 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5056.3.1783647602\1141808827" -childID 3 -isForBrowser -prefsHandle 3240 -prefMapHandle 3224 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {d34d36bb-4ff3-4698-811c-cf78b86a8aba} 5056 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5056.4.1156034656\2142125529" -childID 4 -isForBrowser -prefsHandle 3844 -prefMapHandle 3840 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {04b976b7-1e09-45b3-873d-b1e71433726a} 5056 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5056.5.473840477\279474197" -childID 5 -isForBrowser -prefsHandle 4064 -prefMapHandle 4060 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {f209e8f3-7127-4ca3-afcc-d1efbbcff864} 5056 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5056.6.1598803408\737731265" -childID 6 -isForBrowser -prefsHandle 4224 -prefMapHandle 4228 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {35504a5e-dd99-4209-8fa2-74a92ecfb334} 5056 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe" -contentproc --channel="5056.7.1567050755\993187422" -childID 7 -isForBrowser -prefsHandle 4676 -prefMapHandle 4672 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\browser" - {d451e9b8-26b7-4a0f-82f2-b09d6b075e6e} 5056 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| BE | 2.17.196.177:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.196.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| BE | 2.17.196.177:443 | www.bing.com | tcp |
| N/A | 127.0.0.1:64285 | tcp | |
| N/A | 127.0.0.1:64287 | tcp | |
| FR | 178.33.36.64:9090 | tcp | |
| US | 8.8.8.8:53 | 64.36.33.178.in-addr.arpa | udp |
| N/A | 127.0.0.1:64182 | tcp | |
| DE | 88.99.248.158:9001 | tcp | |
| DE | 144.76.3.182:9090 | tcp | |
| US | 8.8.8.8:53 | 158.248.99.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.3.76.144.in-addr.arpa | udp |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64390 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:64398 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64772 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:64780 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:65097 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:65105 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:65458 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:65466 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:49443 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49451 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:49761 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49769 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:64182 | tcp | |
| N/A | 127.0.0.1:50142 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50150 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI27442\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmp0noxpysf\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\_MEI27442\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/5652-491-0x00007FFAC2F20000-0x00007FFAC2F21000-memory.dmp
memory/5652-490-0x00007FFAC2600000-0x00007FFAC2601000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileojfhFg\extensions.json
| MD5 | 5c844e7b2474c286e05c4dbe58f5a91e |
| SHA1 | 3f1cc1f8a195ed48f1a44dd11edecda97ea633cb |
| SHA256 | b19f73159607bba6e39e19c3017b30f804026c62a637182c42e04d5a0bc45c2d |
| SHA512 | 867c7f4454d3d4c2bdcd0851a3159c6de4d168b7c7e5826e643c8ddf6b309baa25da490ff4e2e95d07581f30707847749bad2963a21950d625d4bcdc91b0c6d9 |
memory/3688-557-0x0000022D302A0000-0x0000022D302B0000-memory.dmp
memory/3688-591-0x0000022D24D10000-0x0000022D24E80000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | f11094894551ced57b6ef47cedec390f |
| SHA1 | 7f651c7afecabdce41210e95e234755e5fea75c6 |
| SHA256 | ce1cd131a81b0d79e7c99ea5b81e823954c0dbff6c89b6311d2a1a948f904431 |
| SHA512 | 2c7c1938935356213d25a18a3f93f51417ef1fed44f67c4543602e42bdf7f99013620ef60fcaa73e4c1b071b67c2d03419cc7748587ad34f3346eb25c7432cc0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileojfhFg\prefs-1.js
| MD5 | 279c439a6edb356ac7720288bdf306b8 |
| SHA1 | 849154f958b5768b3441652ac571064c043eebc0 |
| SHA256 | 0d50fd88794c8ae734d6d357907139019975b8da0ad6b3fecf0f0c64baee8dd8 |
| SHA512 | b9ab95f9fa76468bbd790cf1186687a1e9bf7a6621dae6ba9bdc89e869ca588d3c1e2ff647e9465b725b63a841f091b8895d2e29813c3073206a39204c0a5b6a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileojfhFg\prefs-1.js
| MD5 | d73f6334c595a315ced53db459b0ea0d |
| SHA1 | 7c45b0fde1c1944dff2e8f56ac27ad15a45e9389 |
| SHA256 | b90a17c7916f0dd85dde04d97d737d79f19cad988004bf663852deb043a3c2fb |
| SHA512 | cf3bb2755e36e7abd866c5ac432c1c504c036a257d5915e80038f5502359c16fdd39eab558f27df8efe7561b4052472a598ecea20c39fc5c463bd81873d29c90 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\prefs-1.js
| MD5 | b95e9440b134feb137aa5ab06988b2c4 |
| SHA1 | c85a72ae26e98749b34dc3a768869f65dedd66f6 |
| SHA256 | d5933963679f1edca0b480303ec99189ec36c9e0a49ba600c0a03904537f54b2 |
| SHA512 | 8098ae1a9c838cc009762eab584fdda8a0c59ec7f90eea02cd60699392fd9ffcba66625d68c5091e255b10bf186974e67fd78e628e10ca8492458bb462af7775 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\prefs.js
| MD5 | 63dcf132215c772bf4327f4ff3cd12a0 |
| SHA1 | 1ac3078795f7d9a38e282b532de3f053fe9ad989 |
| SHA256 | 4fe9471cf21d002b4dc0b786b16f003df06213b850770f4758d64ccdd2de3272 |
| SHA512 | d9e82422b6ba34eae8773c2c1a4adef1b4305e08a3fdd65cb993813394a713f7d195887dd8ca3acda5f31a312ed917ef65f0d0740c11f19e0e1b4254041e1d45 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\startupCache\webext.sc.lz4
| MD5 | e1b04492125e4e5d30f96d735e522e1c |
| SHA1 | c804d162ccfce195f4b4a396d3a6bc142310924d |
| SHA256 | 3de6191509d542b147e94cc16a764f6fc180652c17e57cf2e51ceca74af4f4f5 |
| SHA512 | f3bf19c44b9006071bef0e46d5505c3f0cc4d91a5b909bc01af0361b315e9ed4be9fc22bb2ad0df952a00af687662957c0b30338b4b9285f94761601e3c5b9f0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\prefs-1.js
| MD5 | d8e97e706b9d952d39a903c857004851 |
| SHA1 | 4e30646d36528948e1365edac9677f8d7641d571 |
| SHA256 | 0f57d06a60411647605e1b5380a9987e48831924963545281c4fd3e43a91763f |
| SHA512 | 1ed770aa9f8e587ffaa2add134c27c228172de85cd734e667be1f96161f642708bfceae49541dc42e2bad8fbbfb16288abf36c160ad785b37809dec391493291 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67w4qN\xulstore.json.tmp
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUOl0dC\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUOl0dC\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
memory/3956-1245-0x0000013898830000-0x0000013898840000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUOl0dC\prefs-1.js
| MD5 | 8d00d28d6b21a6d73d53835d76a4d351 |
| SHA1 | 697d092d429be684fb0885b06b2006dee5acdb33 |
| SHA256 | 395fc8fb962774a2cef0db14f6605665deea8b34f269473f6738cb18a58aaaa4 |
| SHA512 | 35fc493069497fce6a0d46d64c3cc5f4f4eeeb5ffc38a330814b30cb0846c4309cef70bbc8e156ac9c503bca2459e59873b0c85090817b2c66cf0f7a727f4c62 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUOl0dC\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileW7nxkN\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileW7nxkN\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileW7nxkN\prefs-1.js
| MD5 | a8ce1f9f51214ece60ffa0160e024847 |
| SHA1 | 54f1c2813da95ef8bbfeb1afdb0d4689757a63ba |
| SHA256 | f72e9e80c00eb5e43a21c14e5c5f4a465e75d2f22b4d2090f3c30edcfb55097f |
| SHA512 | f2d9e25d5dda0bc85b9cc206b2cb339a81a44288449ef215f8fde5ec7c70103947374355ab43576924c2aadfe42c63c24f22a1f80c490229afe6ccb970a729d6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileW7nxkN\prefs-1.js
| MD5 | edbdda96940d79cedddf6523f62cac4c |
| SHA1 | 7c7721b17cd2fc8603752a50425795b1b24202c7 |
| SHA256 | 864cc2a02fce90ee91155360e8c51ac1bbaec18db1e43d70beb39e7208834e72 |
| SHA512 | 2da7e610b1479ee6737014da3851f3ecfa7f21a502c5bcc3af5c6ae78d803c2367fbe708f7c131cbc55c3ed3cd1bac5e9147f3a08cee955f12c83b92ff98b662 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1QGFZ0\compatibility.ini
| MD5 | 68a75b9fa03515733528599f34e02b02 |
| SHA1 | 83e77fd96c95d3e85a14ab7ae5db80cb28eb16bf |
| SHA256 | cd0f99d1e8103f4ee8c1bb00fe0d794cd3a4f220347ae356458c46cda81adc1f |
| SHA512 | 6b82a5c0d5ab06528acd1c9f369d4d1aaaf72d7bd840e5d86dbd74a72f241b710a513b521ea0edd1e25f39e3f39cd76310dcf1cd56d82ca6005771cd938735d4 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1QGFZ0\WebDriverBiDiServer.json
| MD5 | d59b815dfdb2a457ac53c083abbb9fc8 |
| SHA1 | 1170536d332d03cc8f6513eaac79bd0c99e22568 |
| SHA256 | d86b2cdadfb0901ed537765895cdba4e51e7299749be0e13283af6b15f3c89c8 |
| SHA512 | bc086400540d7e13d598c4b33091de427bd7d0181db36efc28b9706f07faf05a55a74e3ffff3e72585364b088b15f13fc1313e4c0e5612f8c442855ff2b2b2a3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1QGFZ0\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1QGFZ0\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | dd74d91c69ff9c2f49c7469da1aa204c |
| SHA1 | ecd366a477afb488da9670b955ef41bf3a8c2f5f |
| SHA256 | 5b4ae811e042e7a6b6d90e401dfbbbafea985be1d85ba207e310ade36b442202 |
| SHA512 | 13af79238acad671213ba5558f6cd0bb8b1320efe6ff36ec44d820a471692b5eb7a709a53ab125eca3caafb72278d408e1667513d0103ec7fa28288ef17093aa |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1QGFZ0\prefs.js
| MD5 | 9517b1882e17339f3a0b86e429d5865b |
| SHA1 | 480269d3a57376e54bbb3caf8dea9d86a22b2b25 |
| SHA256 | fedc90edde421ee5baefec60de22d79a93720478a7ae0519c3a603767f03d803 |
| SHA512 | 9435ec63bae4172599bdb31836af6d0fc7babb5aed2d0c67d54ea52722db02d2ae828106019c9eebba9cb035306ae87232905c26392ff2f7fe1e21a26eeb8229 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1QGFZ0\prefs-1.js
| MD5 | 4f62d21eca93ad1822ac6256adc5072f |
| SHA1 | f46d32f7daa52b6aebfde744517ca3dd573bde7c |
| SHA256 | 39b363c76b65864822a7659497eb753a343164b1d29bd8c94ef0fa3033d1cec2 |
| SHA512 | e699f426dde858dd18278f3247dccb87da74469e8138d6fa9855e77d3af1740c701cc553a3fbeb97fdbc02f1979f658f92c2947d528877ed31859d8ee42dd2f0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1QGFZ0\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1QGFZ0\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiNdekp\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiNdekp\prefs.js
| MD5 | 640ab54f17c453ee67ab97b86dfa6db7 |
| SHA1 | 3831922c7cc54fbf10596e6d4d0d74ba61229b4a |
| SHA256 | 958dd6fc22b3a19e1d6f23955ca47601eff41fa2907ec24c83e6751da9f8e696 |
| SHA512 | 2003516f26a82d31e2122ab66f2f894424e52a6925cd635444cd31ab5f30eac51b3ab9693f560a0fa2533247c28473e6129cd4b60a4d76cbce0d8c1fdae47806 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiNdekp\prefs-1.js
| MD5 | 650457c22735ae95b400343d3947d405 |
| SHA1 | c662bb83b085f0ea8acb20cd6ca6615612af59eb |
| SHA256 | ec4942de5c2fe857ad7f4640f12601003e60c3780ee80d7cb4454ce27bbfb32d |
| SHA512 | 7b8cd64a19766897cc6cc62fbe69be3b79b5e8ce240d7ecd9c555e4a7752bfdf259420876897fb9ec83e831e5a3c76ae49f04f8e2126cbe698ba6da1f0a36ba5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiNdekp\prefs-1.js
| MD5 | 6b5604e26b4a60cf94df965cd3e12592 |
| SHA1 | 5e6b4e255525e1c60b2c8782e1a3de43c8543b70 |
| SHA256 | 7e60a31cc65c1c93c95a4dafcf42b6ecb5f491befe6ea192084985af9baae931 |
| SHA512 | 34fa11afa82bb50500da1d5aa60a5b59af0dacf76945c58dbb187bac210545fbc6dbc041348194291ae1129aa99355041f4fe05f54f40359f6babe39532b3b6a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaiUPc3\prefs-1.js
| MD5 | 93a4cafa19baba05cd88a441f7ff6700 |
| SHA1 | 3f9c8469dc526ec54824897f55122c8bdefff170 |
| SHA256 | 7041b594296666c9afc24fee9517fa602dab1093c0f61b270a5f820466536afb |
| SHA512 | e3db9aa51faf2460d878e270c0fe3e8d0705de96555fafefc1c28cdae0c5ea6b58c5fe0872add8acabdbc6ac3be1a831bcdfa431f02d98b5b521580ffdfede7a |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win7-20231129-en
Max time kernel
294s
Max time network
308s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI30522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI30522\geckodriver.exe --port 49454 --websocket-port 49455
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49455 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh1S79a
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49455 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh1S79a
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2848.0.1507944050\1040922613" -parentBuildID 20240416150000 -prefsHandle 1212 -prefMapHandle 1204 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {6e984581-1344-4323-a493-578f5c4f1ca8} 2848 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2848.1.124626725\1707978048" -childID 1 -isForBrowser -prefsHandle 2052 -prefMapHandle 1988 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {67ee6b2c-d0db-4a7c-b575-77d9fb7efcce} 2848 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2848.2.1373916078\194988442" -childID 2 -isForBrowser -prefsHandle 2336 -prefMapHandle 2396 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {e552b777-23aa-490e-9b95-974998154e4a} 2848 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2848.3.1239125446\1286397374" -childID 3 -isForBrowser -prefsHandle 2340 -prefMapHandle 2592 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {b2cb3722-d0f0-4918-9abf-cc70ed685ebd} 2848 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2848.4.1624298320\2128845312" -childID 4 -isForBrowser -prefsHandle 2736 -prefMapHandle 2788 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {91294f92-0971-423e-aa36-e98079eead21} 2848 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2848.5.1877048812\1357081659" -childID 5 -isForBrowser -prefsHandle 2932 -prefMapHandle 2936 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {f326dced-39dc-43fd-8afc-6fe216cbab3a} 2848 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2848.6.707634545\459828798" -childID 6 -isForBrowser -prefsHandle 3092 -prefMapHandle 3096 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {e21d403c-1915-4015-96b8-31f6d7023d57} 2848 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2848.7.259702572\1881333046" -childID 7 -isForBrowser -prefsHandle 2836 -prefMapHandle 2292 -prefsLen 25412 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {bb4edacf-25c0-4893-b8b1-3b77a4b6c311} 2848 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI30522\geckodriver.exe --port 49454 --websocket-port 49455
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49455 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49455 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2716.0.643265916\47105594" -parentBuildID 20240416150000 -prefsHandle 1184 -prefMapHandle 1164 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {3b634e97-5117-4937-acd4-480928695173} 2716 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2716.1.815459964\1059590653" -childID 1 -isForBrowser -prefsHandle 952 -prefMapHandle 948 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 844 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {d9603872-c245-4e98-a9f2-6dd3b3bedf59} 2716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2716.2.1734705463\409389142" -childID 2 -isForBrowser -prefsHandle 2216 -prefMapHandle 2232 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 844 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {a26e8a5a-87eb-4d58-ab13-89b9b7d8074e} 2716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2716.3.2071868380\758200237" -childID 3 -isForBrowser -prefsHandle 2220 -prefMapHandle 2352 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 844 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {5e6fc0fb-f6be-49ad-8c10-2c9c68585dc9} 2716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2716.4.1170655158\311221578" -childID 4 -isForBrowser -prefsHandle 2836 -prefMapHandle 2832 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 844 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {dc18ffe2-97b5-4bf0-9f82-76326f9d565e} 2716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2716.5.1150601445\726160388" -childID 5 -isForBrowser -prefsHandle 2964 -prefMapHandle 2968 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 844 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {16618a32-5da3-4d69-82c6-72315b01d330} 2716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2716.6.1587436038\1385446482" -childID 6 -isForBrowser -prefsHandle 3100 -prefMapHandle 3104 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 844 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {09f9d4cb-a623-401b-95da-8ae03a8c70b6} 2716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2716.7.1452264739\1063222181" -childID 7 -isForBrowser -prefsHandle 3488 -prefMapHandle 3484 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 844 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {728c8e9c-3096-4183-b624-aa3b7acac04c} 2716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI30522\geckodriver.exe --port 49454 --websocket-port 49455
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49455 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZUEj3f
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49455 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZUEj3f
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.0.338973269\706941868" -parentBuildID 20240416150000 -prefsHandle 1212 -prefMapHandle 1204 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {7531c4d4-0e73-420d-9833-5309a58ed115} 2940 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.1.1438879494\922141231" -childID 1 -isForBrowser -prefsHandle 884 -prefMapHandle 1628 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 888 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {672041a8-370d-40ce-9c62-7511126daf4c} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.2.461562387\631293048" -childID 2 -isForBrowser -prefsHandle 2036 -prefMapHandle 2024 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 888 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {b304706a-29c3-407d-91bd-c4357c76448e} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.3.1538827172\937694626" -childID 3 -isForBrowser -prefsHandle 2256 -prefMapHandle 2464 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 888 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {3d1ffb4c-ae1a-4138-8b79-c70e434eb2d3} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.4.273873091\254990288" -childID 4 -isForBrowser -prefsHandle 2792 -prefMapHandle 2788 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 888 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {6a4eab6f-8590-403f-8615-2ffc52026c02} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.5.1376122520\1863089931" -childID 5 -isForBrowser -prefsHandle 2904 -prefMapHandle 2908 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 888 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {902f707f-e77d-43ad-9a5e-db55d5933236} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2940.6.435314889\1619388101" -childID 6 -isForBrowser -prefsHandle 3060 -prefMapHandle 3064 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 888 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {7f16aabc-0076-4a15-83d9-168b62874afa} 2940 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI30522\geckodriver.exe --port 49454 --websocket-port 49455
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49455 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYnKMSO
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49455 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYnKMSO
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2920.0.467988182\1264977758" -parentBuildID 20240416150000 -prefsHandle 1184 -prefMapHandle 1176 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {9c19e7b0-62e7-45be-822e-f536721aac5c} 2920 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2920.1.1316861812\775232107" -childID 1 -isForBrowser -prefsHandle 940 -prefMapHandle 1944 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {2ddc5320-b804-45a6-be5c-552249b81f32} 2920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2920.2.115554594\1361679154" -childID 2 -isForBrowser -prefsHandle 2360 -prefMapHandle 2364 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {216ff4db-48fe-403b-9a09-10bbc3605af8} 2920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2920.3.256826243\103605300" -childID 3 -isForBrowser -prefsHandle 2356 -prefMapHandle 2436 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {a3997763-3695-4836-9f87-fdf84589954f} 2920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2920.4.247435871\1094482041" -childID 4 -isForBrowser -prefsHandle 2804 -prefMapHandle 2800 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {c705ff94-e51c-4bbc-8865-68012bd49fac} 2920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2920.5.1174876440\767696927" -childID 5 -isForBrowser -prefsHandle 2928 -prefMapHandle 2932 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {cc956a40-a1a0-4cfe-976c-5e1530fde8b6} 2920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2920.6.1255883425\861230458" -childID 6 -isForBrowser -prefsHandle 3076 -prefMapHandle 3080 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {51639114-d4b0-4b75-a7b2-958a20eb44f0} 2920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2920.7.474702292\689813110" -childID 7 -isForBrowser -prefsHandle 3240 -prefMapHandle 3236 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {73d741b4-9945-424e-8abc-04190a622a78} 2920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI30522\geckodriver.exe --port 49454 --websocket-port 49455
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49455 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5BKDhZ
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49455 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5BKDhZ
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.0.896403885\1666666681" -parentBuildID 20240416150000 -prefsHandle 1208 -prefMapHandle 1200 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {6a603369-0081-4420-b85c-a9bdccd89cbf} 2684 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.1.954530194\2118808044" -childID 1 -isForBrowser -prefsHandle 1860 -prefMapHandle 2044 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {7c5b8a94-1f7f-4f3a-a1ac-ea88a0a0ecb0} 2684 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.2.972891234\1957419398" -childID 2 -isForBrowser -prefsHandle 2272 -prefMapHandle 2268 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {0e7525e6-c9e4-4f55-b33a-1710d14bb6a8} 2684 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.3.840806368\1539390525" -childID 3 -isForBrowser -prefsHandle 2596 -prefMapHandle 2600 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {3fcbb052-c5c1-48bf-8fa6-e9f80e6cf98c} 2684 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.4.786797400\629422104" -childID 4 -isForBrowser -prefsHandle 2828 -prefMapHandle 2824 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {d481e9b0-f869-44ad-9e8d-da798efe64c5} 2684 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.5.1112844308\1217481300" -childID 5 -isForBrowser -prefsHandle 2944 -prefMapHandle 2948 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {3b5e977f-75d9-4dd3-a12b-7b2ff7bc4938} 2684 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.6.588088784\650139007" -childID 6 -isForBrowser -prefsHandle 3000 -prefMapHandle 3004 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\browser" - {cff92037-899e-4ce7-b402-a0c2eb27feb0} 2684 tab
Network
| Country | Destination | Domain | Proto |
| IN | 194.195.115.114:9001 | tcp | |
| US | 199.249.230.74:443 | tcp | |
| DE | 85.215.42.225:9001 | tcp | |
| US | 38.154.239.242:443 | tcp | |
| N/A | 127.0.0.1:49507 | tcp | |
| N/A | 127.0.0.1:49538 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:49651 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49686 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:50198 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50233 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:50705 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50740 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:51178 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51213 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:49454 | tcp | |
| N/A | 127.0.0.1:51686 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51721 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI30522\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
\Users\Admin\AppData\Local\Temp\_MEI30522\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
\Users\Admin\AppData\Local\Temp\_MEI30522\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
\Users\Admin\AppData\Local\Temp\_MEI30522\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
\Users\Admin\AppData\Local\Temp\_MEI30522\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
\Users\Admin\AppData\Local\Temp\_MEI30522\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
\Users\Admin\AppData\Local\Temp\_MEI30522\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\tmpei4layng\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
\Users\Admin\AppData\Local\Temp\_MEI30522\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
\Users\Admin\AppData\Local\Temp\_MEI30522\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
\Users\Admin\AppData\Local\Temp\_MEI30522\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
\Users\Admin\AppData\Local\Temp\_MEI30522\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI30522\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
\Users\Admin\AppData\Local\Temp\_MEI30522\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI30522\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh1S79a\extensions.json
| MD5 | f099f062bb5a614301889373e8123eb2 |
| SHA1 | 185bf4d1e8efa4ad3589f37184780b375a0e9f34 |
| SHA256 | d07dc199e4b94bb1e6126425671011846248e093ee1440750c9c2bfb6b1192a8 |
| SHA512 | 5f8663ee3373eb37b12f9846e758fa3088392f43cc1aa860ec84df4f340cbdced0621beccb0d8ac7e899afc367a686d1283c7a8cd1ba7a110174ac3b15da9168 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 15b844d1d3b9894a007edd9b96be1ec4 |
| SHA1 | 365ebaa624a758eabcdc30c6f44c6b3587e59b35 |
| SHA256 | 935a8096963ce233d28c235e6e3bff6ba218f56b9604863ee882ea62d9c04626 |
| SHA512 | 86e55a81d5bc0d5b3389c8ea5571005df39d3abdc61260e0584730dba5f24301530e315adda9ccc7126eaca71c58bc8c487b95fdd638240c0208533129eb0790 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh1S79a\prefs-1.js
| MD5 | 1cdee888acf2f8e82ee398b2182ab5e8 |
| SHA1 | ca78f05db34545b11573230706b4885be68e9ae0 |
| SHA256 | 8573a5bac98e1ae50d0e1c018eba7c887c85bde9835f4bfb2b484f88f175c53f |
| SHA512 | 95be87420e7989e1664e26d5a37816b75f2181d0da14276e3aa58f772571006eea9938da12435752e8f994f29c950ab6392b604874e333f0b749017b9ad93943 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh1S79a\prefs-1.js
| MD5 | d3fd9e2cf242bf62d8d08db922abce38 |
| SHA1 | 28f35331f100e135d6be43806ced6eae7564412c |
| SHA256 | cc2b68af7c18e101d3c9129f50454ec58aa8317c37960fde5a2883bed74853be |
| SHA512 | 4a03abbd9f147e413e241a829ef3a15d4c0f7451aa64aeb6dcb90eaeb2250247433e25837baa1da58fcb5119cd454f409ae4a2a193e70ff660c16de24eeb04f8 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\prefs-1.js
| MD5 | a3b4252d87ef4d930010226c25360f56 |
| SHA1 | 19c2d4bd61a3f689e0f82df339694d37f553764a |
| SHA256 | 148d92fcdc8712a0d3f6685b8c4b48a128ae650eac3c476125475d040b471316 |
| SHA512 | 2e2ef4baf1fe850b190985b045d7d3ecfe6fe9f5c9fc9b7491abb67d4f3e4fd8473fbe34c7f7a31c5200cd3c6041aad3240aa2f1f69d6baf32ce6ffab8444cf7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\prefs.js
| MD5 | 51baa8abbc65bcb9a45b9190f806929c |
| SHA1 | fe55018ee5862dc2e8e474562874185c71933a67 |
| SHA256 | 6ea3bc69a589c8af25742128eebc1a57c5ae7357a8a9cbf41f87f360a353f69b |
| SHA512 | 01a344cbb214ceed88adf949c4e97a0b92cff1797279fc30df716e5ef22d5bf443b638aa4f261a124d6d2afd3782d4b7f5b03a8067a4ab84946295adbffcec7b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\prefs-1.js
| MD5 | 73ec4ea7e6a03a9682688358b15f60f6 |
| SHA1 | df627a21742d7d794d72b855da19a38569df7fe7 |
| SHA256 | 5819739f4e3245876274836f256ec758eb97a6954c814de76e65e4b441f3b0ad |
| SHA512 | 64e4c5e686b7b637346fe74fffb0e84d5629790405d983709c1323c6d537558ce332beaba467c9d40576e9210ff8c94c2cf4f2fef7628736e45f708e236e38c3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\startupCache\webext.sc.lz4
| MD5 | 5e68d00ed2f920245a318b054b30a8bd |
| SHA1 | 3cd7642670650ca1a2d68be52c446869fb6485be |
| SHA256 | 5aef38abee475c5c1d2e034f164d136578b12180a79338238079239882246611 |
| SHA512 | d45f5fb3c8e6d74dc7dae1641231c64f7233b944d99c8691690f07f9d18981ea035a58a0cf1ca2b74fe16474df9d7d0bb3593d0c16299ad32c3b6094cb44a21c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\prefs-1.js
| MD5 | fafc2c59613865ff13868c09b608c9a6 |
| SHA1 | 1b9dc4d7c05253f1bc6b99f5b89878042980b0b3 |
| SHA256 | 1537601e44b38950aa992442632cd6bfdf8d8198bfaf8a30fba10c9f4dbaab1b |
| SHA512 | 2028b70da709eaaab9e9de92936ebf9040393b81dcbb0a7516c30a9e4c5e57fb1343e171ce8b22c5550588e3647ca4d706df166a271b30f5621ecdc2b5e7b119 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletU9KMS\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZUEj3f\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
memory/2940-1685-0x000000000ADD0000-0x000000000ADE0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZUEj3f\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZUEj3f\prefs-1.js
| MD5 | aeb75a4643fb3a2ca1ac709bf3490c53 |
| SHA1 | f5b883f9e9429715e1e319bf999ca5bdf63105f6 |
| SHA256 | 5b48a0561b8dab9c616d866eaecc9f2c4ba2fada3374149c367e4cb16b0ccd9c |
| SHA512 | 783b50f4ce658532a767d120ab63573f27159da767b83dfcce6243225904ed0f59f9572d3546de3ededd28dba00185af6ca4f5d0505b456d0ade8894e0914f2d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZUEj3f\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZUEj3f\prefs-1.js
| MD5 | 2657be1b419d43f07878d3adecbd3cfd |
| SHA1 | b4c6b991b63b21050c85b2d51d2c6c91e194fef4 |
| SHA256 | c852baec4cd865c2835d32093d0eab5ee48c3ac1a880f4d6047af5d72a5d4754 |
| SHA512 | 3acdfdd99e1fc3ed59a825884014ecc2e5ed62dcd881c8aafb9c2bab96b9a15a2a7f199c17aabf522ecd33fe7ae81ef10dac7f31fa528d43700ae7a6c0ef11b4 |
memory/2920-2129-0x0000000008A60000-0x0000000008A70000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYnKMSO\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYnKMSO\prefs-1.js
| MD5 | 95fd4a1250a586c1a1dc23e363e76d95 |
| SHA1 | cd76636f701106015cb64fe1afd8035e4a9821a6 |
| SHA256 | 74a19a38a88cc0958fad94d51126b6124b960b3e821edded8a36fb67eb32c182 |
| SHA512 | 232b98b12be9c9b0518acef8aaae4d69898f77f13587888313d6290f8316d68363acc33b12e132c5322cc671edc815f1f5065176849d180a13dad518c5434ce3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYnKMSO\prefs-1.js
| MD5 | 96ff87fcdff5bc21e561d030eab65387 |
| SHA1 | 98a52982adf9e0ea48dd84b17357a8b40618dd7c |
| SHA256 | a3947aad95dd3cd823f8192149734c424ccc8b266c6cada9a0829bbc72436e40 |
| SHA512 | 1f99e954f6b9e273745652ebd4ed2a7bd1995fa0c95fde5cd2cd5118ebe39deb837467faf6b77c0eb9a1b4aaa8587e7ee7a6d97598f008ca4ad712ccd05a080a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5BKDhZ\compatibility.ini
| MD5 | 82daa5f7dbc3b29db915f1542f0a10b3 |
| SHA1 | 098cf7d8857d9fdf5ba8166a44db8a4f23a57ceb |
| SHA256 | b0b5521ba1733db154a6975aa44aadeaa428f5b80fea8065b7bbf359ccb0db0b |
| SHA512 | d6072023f433d6b1f45e2731683645364e479b71a9838748b95d9bb37769dfe3acf55bc8d9899ca2a848a0b7cf4c8d81360d255fca7fa95c79a17d12de47db71 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5BKDhZ\WebDriverBiDiServer.json
| MD5 | 9f8c9e3ab6c18101c12fcb4a662c9786 |
| SHA1 | 736e389b63c2e3600ccf209c3e4d4b29379a3bac |
| SHA256 | 44237dbb748e6f5487c76559399479647117122135e7bfd6faade9bc1c028c91 |
| SHA512 | 4e4c913914cf4d8bfc2ccda4234be9ca34fc4d606eedba7b7f1d1261c1c0345ec6b3ca8b8d05e5d5fe41d6500934fe3b1bb91861770a76e6d1ba6db5f7768866 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5BKDhZ\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | aad247196cc610734bb6a48af5cbd495 |
| SHA1 | b9c8d3016249817fb48781b062bcdd6a26e93b7e |
| SHA256 | dfee50819cf884da2ca3357609567bbb778bbbb3a8261c98e98f052b0a2fdd41 |
| SHA512 | 8ebcb36577a819b5633d78fc1c0a6c21bc4fbe61f72ef209c0f6d43e39cd9d9a21126827213f13c66d748c1f4dd82a3bb271c60e3172a73e81b3ea41e33cb54a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5BKDhZ\prefs-1.js
| MD5 | 9daf9f31429138601bb69d7070a45a9c |
| SHA1 | 81906607391ff8042b93a48c8db509e3e76cea57 |
| SHA256 | 1d5382d0675db7bd03715506c1a5bb0a930282cd34ca290b506f50afe0e5a066 |
| SHA512 | 73d590cd2208fe3517e3bdaa3e42f25d3b9a98a7df04e114792b4344f52560b67a9704879dcb2aa10f95249f1a5efe22ace023b1a098f8c0f1389bc0554b444a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5BKDhZ\prefs-1.js
| MD5 | 7731c2230fcc522f9da2283533aee3a7 |
| SHA1 | 6eb4b0699afa8c8a008de6dd67d2f0a77d68a5ec |
| SHA256 | a0709f9f1ea7b3993330c4aa9afa174eeac14922776477d331e4783edd5765d9 |
| SHA512 | 86d7fd5f53620c90c689e02b779bd8b48c9d96dcd04448ee1cf39c10ba481b1ce8b2ae38ce5c336b6ce59b27918c310cd0b98cc1b7d7e0a3251d8ef783a92633 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win10-20240404-en
Max time kernel
300s
Max time network
305s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBNbqKa
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBNbqKa
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.0.527375873\6473749" -parentBuildID 20240416150000 -prefsHandle 1456 -prefMapHandle 1444 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {dab87504-3365-4ecc-90c7-bde6a1959686} 4452 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.1.1683123206\964916022" -childID 1 -isForBrowser -prefsHandle 2064 -prefMapHandle 2044 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {a423357d-3210-41b2-8cca-00f7af439447} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.2.752861045\1605721969" -childID 2 -isForBrowser -prefsHandle 2936 -prefMapHandle 2932 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {9a242f6f-ba57-4dd2-af84-969a6dec98e0} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.3.1547267710\1961303762" -childID 3 -isForBrowser -prefsHandle 3428 -prefMapHandle 3432 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {ca750e2e-7315-4db6-a066-10d8307eb82f} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.4.962675777\1346045304" -childID 4 -isForBrowser -prefsHandle 3356 -prefMapHandle 3372 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {eac14a8f-3445-46ad-b432-51a87cd0ee60} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.5.1428316238\417359423" -childID 5 -isForBrowser -prefsHandle 3244 -prefMapHandle 3228 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {dff842fd-05b3-4c93-a56d-5128715e1693} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.6.885861865\1234819630" -childID 6 -isForBrowser -prefsHandle 3780 -prefMapHandle 3828 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {f006e71f-668b-4610-8e59-d989bddee5b6} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.7.746868352\1159956866" -childID 7 -isForBrowser -prefsHandle 4244 -prefMapHandle 3560 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {e8c49500-589d-4757-97c7-a453a797d959} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.8.705404122\1073313105" -childID 8 -isForBrowser -prefsHandle 8216 -prefMapHandle 8232 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {2a73730c-5224-47ce-aca9-dde38dd7214f} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.9.253132635\1005879886" -childID 9 -isForBrowser -prefsHandle 7940 -prefMapHandle 8204 -prefsLen 25580 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {d3e16567-f3e8-42e0-ad52-8acdbe2c26fa} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.10.832398840\151543761" -childID 10 -isForBrowser -prefsHandle 8444 -prefMapHandle 7980 -prefsLen 25580 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {1f9fc838-1997-4b1e-9c0a-b61c3cfddc09} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.11.1613673429\90244890" -childID 11 -isForBrowser -prefsHandle 3264 -prefMapHandle 7692 -prefsLen 25580 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {1f48a1bf-30dc-4432-9f2b-1b20421ec716} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4452.12.1949313874\854858903" -childID 12 -isForBrowser -prefsHandle 7444 -prefMapHandle 7460 -prefsLen 25580 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {c6e65b77-ab8a-47d9-927e-13babdb398a6} 4452 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="6136.0.846520349\1064876581" -parentBuildID 20240416150000 -prefsHandle 1448 -prefMapHandle 1436 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {4f7ed18d-6c04-4ba0-bc67-e772a0c0a32d} 6136 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="6136.1.851600340\1144980334" -childID 1 -isForBrowser -prefsHandle 2280 -prefMapHandle 2484 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {4c4acff2-dcba-41ec-ac5b-cbea46463c61} 6136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="6136.2.1821077745\761836967" -childID 2 -isForBrowser -prefsHandle 2932 -prefMapHandle 2928 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {e9b17f9a-a4a9-48ae-a36b-11b393407728} 6136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="6136.3.443222528\2125949475" -childID 3 -isForBrowser -prefsHandle 3160 -prefMapHandle 3220 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {6c25bdae-cd8f-4e69-9338-2be93894aad6} 6136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="6136.4.35484287\1839425211" -childID 4 -isForBrowser -prefsHandle 3608 -prefMapHandle 3588 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {e0651290-3cf9-4c77-9f1c-4311fe0d3ecf} 6136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="6136.5.1981823178\779852324" -childID 5 -isForBrowser -prefsHandle 3772 -prefMapHandle 2292 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {c65ce0d3-477c-4ab1-a7c6-abd37e485f52} 6136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="6136.6.1908150165\534175749" -childID 6 -isForBrowser -prefsHandle 3828 -prefMapHandle 3832 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {477476b8-0362-4025-b106-9ce6005fe329} 6136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="6136.7.1725142218\1566979188" -childID 7 -isForBrowser -prefsHandle 4268 -prefMapHandle 3028 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {d5e380af-dff5-4a29-8d00-55e1d1e089e4} 6136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenFu5q4
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenFu5q4
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1120.0.780577231\1141668876" -parentBuildID 20240416150000 -prefsHandle 1488 -prefMapHandle 1472 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {bab313c2-4b66-4175-9b2f-5541b33a2dd6} 1120 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1120.1.1059984471\938794768" -childID 1 -isForBrowser -prefsHandle 2116 -prefMapHandle 2772 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {8e2153d2-56d9-4f48-8bdf-17bb535dc48a} 1120 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1120.2.605080646\796181784" -childID 2 -isForBrowser -prefsHandle 3016 -prefMapHandle 3012 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {b3812d81-6a33-4799-9b5e-3c85e865ffcb} 1120 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1120.3.1799610722\782059140" -childID 3 -isForBrowser -prefsHandle 3136 -prefMapHandle 3132 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {6bd3e930-e513-4b36-91ce-83174bc66212} 1120 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1120.4.1196478439\633215904" -childID 4 -isForBrowser -prefsHandle 3640 -prefMapHandle 3636 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {7df6ab28-d1ba-421d-b672-b36ee64ee4fa} 1120 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1120.5.1678283835\1470954464" -childID 5 -isForBrowser -prefsHandle 3828 -prefMapHandle 3832 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {61aabe89-fbe2-4274-bea1-9367b4363083} 1120 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1120.6.1262529699\1613877846" -childID 6 -isForBrowser -prefsHandle 3988 -prefMapHandle 3992 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {92b1ff1a-d503-47ab-bcd7-7854543ea1ac} 1120 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1120.7.1539961127\111928133" -childID 7 -isForBrowser -prefsHandle 4164 -prefMapHandle 3812 -prefsLen 25412 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {244736ad-9aeb-4fb5-b1d6-c785a94b6e9a} 1120 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVZyCh1
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVZyCh1
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4516.0.65978790\2080313882" -parentBuildID 20240416150000 -prefsHandle 1468 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {7f00d338-2057-4279-a940-db0ff1b02467} 4516 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4516.1.1872980531\2025637026" -childID 1 -isForBrowser -prefsHandle 2516 -prefMapHandle 2512 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {72c33be7-637b-48df-b2a1-7cec6949cf02} 4516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4516.2.1252636839\701040208" -childID 2 -isForBrowser -prefsHandle 2952 -prefMapHandle 2948 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {07a46efc-db3b-4faf-8c3d-2b8cf4ed478d} 4516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4516.3.2119927250\1393282864" -childID 3 -isForBrowser -prefsHandle 3120 -prefMapHandle 2960 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {434e9639-e25c-4430-be03-f657e1bbc24d} 4516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4516.4.1195804120\1342409601" -childID 4 -isForBrowser -prefsHandle 3644 -prefMapHandle 3640 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {ff9f4b85-ac4e-4812-8791-3ddc9d17983f} 4516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4516.5.763765398\744806629" -childID 5 -isForBrowser -prefsHandle 3776 -prefMapHandle 3780 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {ab7a95c2-ff31-44dc-bdb1-61a4709d56ca} 4516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4516.6.1346913061\314958499" -childID 6 -isForBrowser -prefsHandle 3960 -prefMapHandle 3964 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {2982940f-6f9f-438c-aea4-256eb047585f} 4516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4516.7.773792529\36849563" -childID 7 -isForBrowser -prefsHandle 4272 -prefMapHandle 4248 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {7131c44b-3f8e-4322-8e67-45c6d9f9f666} 4516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4516.8.59629208\1875412874" -parentBuildID 20240416150000 -prefsHandle 8548 -prefMapHandle 8552 -prefsLen 27558 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {9abe9a2a-7a77-44a5-857d-72664b3a623c} 4516 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileS0y3vM
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileS0y3vM
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4024.0.913995930\1937513440" -parentBuildID 20240416150000 -prefsHandle 1488 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {560fdad3-0895-4bda-b103-7ed480a0db40} 4024 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4024.1.528414953\1631244014" -childID 1 -isForBrowser -prefsHandle 2624 -prefMapHandle 2644 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {56de1d14-5bd3-429b-8c61-b136e7c9f79c} 4024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4024.2.1308370231\1803166763" -childID 2 -isForBrowser -prefsHandle 2652 -prefMapHandle 2648 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {5920a292-8406-4987-acb9-d804689f7e67} 4024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4024.3.300583225\189376779" -childID 3 -isForBrowser -prefsHandle 3208 -prefMapHandle 2652 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {e9d85778-bc6a-44fb-a13b-7be564e5d031} 4024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4024.4.1994971123\845395327" -childID 4 -isForBrowser -prefsHandle 3440 -prefMapHandle 1352 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {0423010b-0ce1-430e-9360-8593329aeeaa} 4024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4024.5.1585814139\957243231" -childID 5 -isForBrowser -prefsHandle 3588 -prefMapHandle 3592 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {ede98fd6-c49f-424b-aadd-ece75b142c9c} 4024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4024.6.99846612\1404872138" -childID 6 -isForBrowser -prefsHandle 3776 -prefMapHandle 3780 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {8b12419b-70c3-4c1e-9fab-648d28255760} 4024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4024.7.511777750\1531151402" -childID 7 -isForBrowser -prefsHandle 4316 -prefMapHandle 4320 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {5d2fbd4a-526e-4aa7-a227-a285bfc2f797} 4024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHMU3Dj
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHMU3Dj
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="5668.0.1669934317\1653169562" -parentBuildID 20240416150000 -prefsHandle 1480 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {d99120aa-65ca-4f2c-bb16-70c52c63a8af} 5668 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="5668.1.295232145\1148205236" -childID 1 -isForBrowser -prefsHandle 2460 -prefMapHandle 2456 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {5e9b9d65-bf83-41db-bc4e-6ca69096d88c} 5668 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="5668.2.1296938947\1086694685" -childID 2 -isForBrowser -prefsHandle 2952 -prefMapHandle 2948 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {24ac7e4a-707c-45db-8605-307c33d76bd5} 5668 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="5668.3.501858498\1802121781" -childID 3 -isForBrowser -prefsHandle 2968 -prefMapHandle 2972 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {cdb4b64f-43cb-4c03-b7ca-66313ce76647} 5668 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="5668.4.1395855914\1630016417" -childID 4 -isForBrowser -prefsHandle 3648 -prefMapHandle 3644 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {c82d2aa6-c00e-4d26-bd2b-ddf76a3a3b8f} 5668 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="5668.5.671908087\1928659415" -childID 5 -isForBrowser -prefsHandle 3776 -prefMapHandle 3780 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {f5a9cb42-1c2f-4d31-b2bf-d813cf8d0c6c} 5668 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="5668.6.887244817\1893942370" -childID 6 -isForBrowser -prefsHandle 4040 -prefMapHandle 4036 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {595009b7-c88a-48aa-824f-8f9c0764b4d6} 5668 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="5668.7.2011096920\1589259242" -childID 7 -isForBrowser -prefsHandle 4416 -prefMapHandle 4420 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {0edd0c45-cd01-4090-8983-aba07fb306ea} 5668 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMXfwJh
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMXfwJh
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4900.0.241334610\693012607" -parentBuildID 20240416150000 -prefsHandle 1484 -prefMapHandle 1472 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {1220a5e9-5bcf-4a79-bc20-f6369c747f3c} 4900 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4900.1.1320556544\31568839" -childID 1 -isForBrowser -prefsHandle 2664 -prefMapHandle 2688 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {42214a25-b23b-4fca-b4aa-db9168d69c09} 4900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4900.2.115798053\964127924" -childID 2 -isForBrowser -prefsHandle 2956 -prefMapHandle 2952 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {f007ade4-ee59-4f35-9ffa-8ca3835994d9} 4900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4900.3.229329784\1960765069" -childID 3 -isForBrowser -prefsHandle 2972 -prefMapHandle 2988 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {b9787087-c48f-454f-9df8-67e5200b560f} 4900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4900.4.2073578488\1223493622" -childID 4 -isForBrowser -prefsHandle 3596 -prefMapHandle 3588 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {f5e38a11-c9cd-4f3e-85a4-26aceeddce89} 4900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4900.5.334076105\1316913695" -childID 5 -isForBrowser -prefsHandle 3760 -prefMapHandle 3764 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {2d58a52d-c9d0-4d37-853d-34c159d5e26a} 4900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4900.6.903127401\1338810172" -childID 6 -isForBrowser -prefsHandle 3944 -prefMapHandle 3948 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {b39ced59-0e24-4434-a216-a5fb5ef071f7} 4900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4900.7.1957737897\920626170" -childID 7 -isForBrowser -prefsHandle 4392 -prefMapHandle 4396 -prefsLen 25412 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\browser" - {51b775dc-bbf1-4848-bef2-4878fda1fce1} 4900 tab
Network
| Country | Destination | Domain | Proto |
| US | 23.108.55.71:443 | tcp | |
| US | 8.8.8.8:53 | 71.55.108.23.in-addr.arpa | udp |
| US | 38.175.201.167:9001 | tcp | |
| GB | 181.215.32.162:443 | tcp | |
| US | 8.8.8.8:53 | 162.32.215.181.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.201.175.38.in-addr.arpa | udp |
| N/A | 127.0.0.1:50145 | tcp | |
| N/A | 127.0.0.1:50147 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50240 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50248 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50654 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50662 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50954 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50962 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 131.72.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:51259 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51267 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:51621 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51629 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:51888 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51896 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:52166 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52174 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI50762\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI50762\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
\Users\Admin\AppData\Local\Temp\_MEI50762\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
\Users\Admin\AppData\Local\Temp\_MEI50762\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
\Users\Admin\AppData\Local\Temp\_MEI50762\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpvv2r_k8k\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
\Users\Admin\AppData\Local\Temp\_MEI50762\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI50762\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI50762\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBNbqKa\extensions.json
| MD5 | d83ea73064e17df1483c122195d83ca7 |
| SHA1 | 9169257133f6633477b25fc897a9e066505d60e3 |
| SHA256 | 2ad7fca21543ced8739642cb388e49ec0d38a617f811fd7cf52036b0640dc7a3 |
| SHA512 | ac09215a2423f950a2ba9023947855ee7b9c433558300bf4184c59f019b055164b6905dcafc83b142d8fe63e8e48a40bb0d606fd9aaa86805b03bbaa2f9ae859 |
memory/4452-533-0x0000021D9FFC0000-0x0000021D9FFD0000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 51e9e9102d39163379ff7277217ca03a |
| SHA1 | c16187785a3866faaf3b949468ff6742e6975052 |
| SHA256 | edb768688dbc5146b3f9e2e97bbc1861107cc4008ea6feb5b8ed1553bce45560 |
| SHA512 | 7ad859648c0b45969d13f8192a62c348bc9be87259bd39edff1b55956f9262a705bf5cbe9125b39ecb317b5f1b9240b16bea3b622ad56bdcc35de6697cd483b7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBNbqKa\prefs-1.js
| MD5 | c0436d873c4b9d9f9165d19405822665 |
| SHA1 | 4b04242dc434dd91845e253954792c82d94264b9 |
| SHA256 | 6a3bbdf89c7c0165b1aa11a7929081b5f2425d2c242b14c1d478b51d84f42bed |
| SHA512 | 7e1e3d5327fae9a6b898f94ba8c9229417f580b6102fc6723b91ffb16378bef37ac28d2bc5ee19aa902d0f01567d54f10e68aaabd8e4d488fb30055a9349eec7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBNbqKa\prefs-1.js
| MD5 | 5a15aa57fbc61378aa7103c407f9d6c5 |
| SHA1 | 88782bd428057f84fa08520e3b4ed1ee61314f66 |
| SHA256 | d77c83682e67973b43c040d5d0744c2c490f8a96140c2086acf274159fe4ea98 |
| SHA512 | 9f82b8551c9b29223ad471b25458109249d6f7ae2c87fc5f9af9fcc1986e4a0afbd43cacd2f4427202a03e040acb2290c5e6e94ecb068b15bdf045890d1a3515 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
memory/6136-915-0x0000017AF67E0000-0x0000017AF6950000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7\prefs-1.js
| MD5 | 4da8e77eb4c4e86d0fdcafa2acc2a174 |
| SHA1 | b1b67d1265aa2184f4aee6a738e7e07e86e6b1e0 |
| SHA256 | 2e6536d156552ef63a87e7c76d6c1f602db96a8345441c0682fff7a037ac3c62 |
| SHA512 | dff9360452cd054944f0a27c002a76f6ab3c151118b8d660124a63ee887e9bc7468c0bc6cffd94eebef1cab47686837a802e9c85848f710c566fb5c82588646a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUbEc7\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenFu5q4\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
memory/1120-1134-0x000001A1F3DA0000-0x000001A1F3DB0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenFu5q4\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenFu5q4\prefs-1.js
| MD5 | 2566090075850c6af15474e23d441cd3 |
| SHA1 | f1d8794624333ab98052ac797b0805f1256bbba7 |
| SHA256 | c6b0624d67861e79f549e977adfc6cc03ef095ec5ca0a6eb3c9f7956c52af269 |
| SHA512 | a82f99627df1372ca74a01a5c39a42815ff8eda9b89748dfe4a48a3e55257213cf8a61cef2541b8a5786d9d509bfa0d0121a91b67dd25684c02866076be38a41 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenFu5q4\prefs-1.js
| MD5 | 1b632e9576243c803ed50de8011c2d66 |
| SHA1 | 4994173c07e2a0ec3398ad4d770c6b12a83e17c0 |
| SHA256 | 6d720f57b591abe1dab5940fa48aa99dfc999fe52c1c0d3a093dcfd10067122b |
| SHA512 | 7efeabe90b83c83f468aed555c3decd3559759200c7ac2ffc7262289d9b0741d50bfbff9f427617ecaff485613d30d1fd1399d1d184dc7ec27ed151e2cb5a68f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenFu5q4\prefs.js
| MD5 | 7601ca1dc56d34985bf809f8138881a2 |
| SHA1 | 911b92a9c7fdc92b63d046ae1e7aed0627869686 |
| SHA256 | 8c3f04504032bad9409cad3cdc988cac876a26ab32886861980e4ba19beaf5b1 |
| SHA512 | 303a5e292d07411baf26bf48200adfdd7aa496b268377ff0e9aef785c78d384ee4d8e7d6eee45eab6fb336f13c8b8220e5d82356e05ca2dd1bba5ad3b22c9ac2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenFu5q4\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
memory/4516-1409-0x0000011EF8C00000-0x0000011EF8C10000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVZyCh1\prefs-1.js
| MD5 | b52dde7ec7f55bead63e67edae476328 |
| SHA1 | 1cd67598d867a308b1a1387250fea1157bec8058 |
| SHA256 | f124661f79cc4c4921f61eda0888a8df63825420c36e69e7158f2667643a73cc |
| SHA512 | f42f7f4312cac8610038ead8d51fe1c57b26d2b08642a562458ff9b85648aca5aaba2b769305c8bf5dfa0b293deefa9950e8d66fbd34226f37a571b6370cddaa |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVZyCh1\prefs-1.js
| MD5 | e9a6ae742291604491bc66d8ad02658f |
| SHA1 | 109def425655229169cb1db8bce94a37bd021626 |
| SHA256 | 7fe5f7e93318bd1b0b842584753b75dbca13769769727d7177710e0c0014e9a8 |
| SHA512 | 2cbd35049577f6bcad09c7e6e980946107481aac94404409ab693b1be37c0ee8128f1957f92638132ef5973d5ab5aafa875b9411daf9a9f2d22caee96ecf1eb3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVZyCh1\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileS0y3vM\compatibility.ini
| MD5 | 3cd014bd7c707512bdc36efca4c5e9eb |
| SHA1 | db7d8302e43e7f0bcc7960d70c5a51e823a0ef9c |
| SHA256 | b2caa665590e0dcfa9dd288cd539c0592ff33e7037bb33531e9b2d535514e784 |
| SHA512 | fa503c511f9a0a8152cc1d274b6c98c91a6c871c794bb7a4ceb71dc946d760df770da798e9542f2f92b52c964c8fc0764c7fc40ed3bfef034ab90dedf0100a77 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileS0y3vM\WebDriverBiDiServer.json
| MD5 | 9a67ae82d235120f39c697257eadfebf |
| SHA1 | a82d5409dbda1f3c5d69b7d2c298c0f4a2afb34f |
| SHA256 | 2f18d89da280aa8b6b54c71f381d916d2b0737030bf45e4dcaea1fea553bf325 |
| SHA512 | eb3657be34dc5297986b65283b1610a663834b394e84798f7090a4cc81da9aee0fc6016dceda7da9cffd820d80b6bd2ba9d13683ec983e8325ef4786fbb03506 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileS0y3vM\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
memory/4024-1685-0x00000118D8770000-0x00000118D8780000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileS0y3vM\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 139fc2f2fb0cb2af2f15228e454bac04 |
| SHA1 | 65a80dda15ebc3a29c350e31b4ff7ce1ddca7762 |
| SHA256 | 323235aeda6c68beec9f901afc73a34dc75d0fd5fbabd27c2fbcb0a9f3569334 |
| SHA512 | 8448f669970c83b167edca46bb8b2237fa0c15108b639fab12e51866d662d33b3cf88f8ba100c69430836ce0b19db76c150fe35dbcfe32940f043eb6ba4092f3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileS0y3vM\prefs-1.js
| MD5 | acc68bfef97cc3eab36ea25b69c5c3aa |
| SHA1 | f86ae567ff040bbbfd3c5c9b5d09ffb55b91574e |
| SHA256 | 3b537973781da3417559f8d85d9fcdfcd49e46901452cc76ccb3cbfa35baa710 |
| SHA512 | ffa0e8875075081208f4d9827ecab6de3ca4f3f04983b886fc634610880378384d0fd84c05d1eac3e2f55924e5d00f20b108e79e0e3c715d114b4dab6bd68881 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileS0y3vM\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileS0y3vM\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
memory/5668-1927-0x000002B8C4240000-0x000002B8C4250000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHMU3Dj\prefs-1.js
| MD5 | c027656c62e9fbd2c6ea1b0f451b576d |
| SHA1 | 18db21becd8164a54f8f48d169945a33d59c3ac8 |
| SHA256 | 29a83a8b9c5b43e7f3e39a13d5d1c4f5b56dac8ece78e8d2f73404bfa02fcaf4 |
| SHA512 | 1cdd0855a58999f0b13620a2e9577bf5b4382eca051cf5f52d8390d0ea04f5ba76b0e791cf743430c9cd4761999e978a2b8a4d2c1af20ff51e92220aaac1f371 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHMU3Dj\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
memory/4900-2173-0x0000029F990F0000-0x0000029F99100000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMXfwJh\prefs-1.js
| MD5 | 8de63ca9e5304fab832f228ca6108b81 |
| SHA1 | 83d81abd7647c5838c8da0b66b094086fce143b7 |
| SHA256 | abdcb56f6ec3e3220927e73b1f7cbe916b052683e133dad389e728d9b814ff83 |
| SHA512 | 1cc92562a262fc39da0729ba8b0b9ede68e6655b30553f696a070e21353c44460c1e1da6c60894ce71a923354417b8c6d32f468ae694a5fb8390159e6eda957c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMXfwJh\prefs-1.js
| MD5 | 788f921d25f0d5542771d679c2fe4616 |
| SHA1 | bc68a754f42f2b14bc8b3077fd2410dbdf20b976 |
| SHA256 | 018d01d8477a7a20adfd8731684a2bd63e9fa868b233dda32e68ead6b6fc9955 |
| SHA512 | 2b61f9294b611ab7942d4efa5aebb85232b7b55cb7b218d4863017d71eff616160a837f3dfbbfa7d5efeda2f415dd9ef30ed3741e9e5179bc040dc3cc055387c |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win10v2004-20240508-en
Max time kernel
294s
Max time network
309s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI16762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI16762\geckodriver.exe --port 49458 --websocket-port 49459
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49459 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaHuexS
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49459 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaHuexS
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.0.1830746952\1723027362" -parentBuildID 20240416150000 -prefsHandle 1660 -prefMapHandle 1652 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {06a7e4ef-8394-47df-aa7d-9a5b68a6e8e4} 3264 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.1.960299718\1975676863" -childID 1 -isForBrowser -prefsHandle 2700 -prefMapHandle 2696 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {feb84d23-b6e2-41f3-9bb1-27038393b827} 3264 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.2.1040003507\1215217650" -childID 2 -isForBrowser -prefsHandle 3216 -prefMapHandle 3212 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {4cae7caa-fc8e-4be5-a482-5da2031262d6} 3264 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.3.19045231\1259092946" -childID 3 -isForBrowser -prefsHandle 3464 -prefMapHandle 3440 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {14ad15f4-94cf-482f-bddb-c8517b9c8a1e} 3264 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.4.1165047259\815210096" -childID 4 -isForBrowser -prefsHandle 3712 -prefMapHandle 3388 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {e9efae2d-6222-449f-bc0b-8df93e1f0978} 3264 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.5.764080560\1366790055" -childID 5 -isForBrowser -prefsHandle 3500 -prefMapHandle 3484 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {6562fc0b-00bb-4a9c-9005-8888501eaa4d} 3264 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.6.470532591\450847306" -childID 6 -isForBrowser -prefsHandle 3844 -prefMapHandle 3868 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {8c32b251-17e3-47a9-bd9e-bbd81fa8ec7d} 3264 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.7.472922738\844216686" -childID 7 -isForBrowser -prefsHandle 1432 -prefMapHandle 4764 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {f899be9b-a3b4-44fc-b82f-de0905397426} 3264 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.8.17664426\1101849330" -childID 8 -isForBrowser -prefsHandle 4404 -prefMapHandle 4256 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {f651059f-6b1a-477c-a068-58a96adac637} 3264 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.9.179969382\897889985" -parentBuildID 20240416150000 -prefsHandle 4884 -prefMapHandle 4860 -prefsLen 27675 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {28d803df-939e-4f24-9a6b-a8809d0bb9d1} 3264 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.10.74660809\986326091" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 4752 -prefMapHandle 4572 -prefsLen 27675 -prefMapSize 245849 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {7d06e82f-e0b7-4d02-b36a-e26702a71798} 3264 utility
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3264.11.720147486\805826781" -childID 9 -isForBrowser -prefsHandle 8876 -prefMapHandle 4880 -prefsLen 25535 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {bfde1a98-f88f-482b-833f-f885d8a15435} 3264 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI16762\geckodriver.exe --port 49458 --websocket-port 49459
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49459 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo1VIhG
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49459 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo1VIhG
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.0.814419373\1237821454" -parentBuildID 20240416150000 -prefsHandle 1668 -prefMapHandle 1660 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {a28402ab-18b2-46d5-aeea-17bf500ebccd} 2448 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.1.1235037556\1466136128" -childID 1 -isForBrowser -prefsHandle 2708 -prefMapHandle 2868 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {2235e2e1-73dc-457b-a76c-0765e85e72b9} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.2.1134528528\257534424" -childID 2 -isForBrowser -prefsHandle 3192 -prefMapHandle 3188 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {fa1ab9b1-d3c0-48b6-94c6-d1c69dbf4396} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.3.558974338\1861814058" -childID 3 -isForBrowser -prefsHandle 3316 -prefMapHandle 3328 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {a606a253-442b-4443-95ad-819702442f24} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.4.1233709321\356404988" -childID 4 -isForBrowser -prefsHandle 3804 -prefMapHandle 3808 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {910fc5e2-9113-44c1-a5bd-34a05846cf27} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.5.1497389295\408357906" -childID 5 -isForBrowser -prefsHandle 3792 -prefMapHandle 3772 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {424c18f5-f77b-4af5-85be-7895b17e4510} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.6.2105692364\2028237135" -childID 6 -isForBrowser -prefsHandle 4060 -prefMapHandle 4064 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\browser" - {457da87e-cd9d-4c3f-9372-46dd27d3d766} 2448 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| BE | 2.17.196.177:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.196.17.2.in-addr.arpa | udp |
| BE | 2.17.196.177:443 | www.bing.com | tcp |
| LU | 107.189.5.7:9100 | tcp | |
| US | 8.8.8.8:53 | 7.5.189.107.in-addr.arpa | udp |
| N/A | 127.0.0.1:49538 | tcp | |
| N/A | 127.0.0.1:49542 | tcp | |
| N/A | 127.0.0.1:49458 | tcp | |
| MD | 45.93.9.212:443 | tcp | |
| CH | 213.144.135.21:9001 | tcp | |
| US | 8.8.8.8:53 | 21.135.144.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.9.93.45.in-addr.arpa | udp |
| N/A | 127.0.0.1:49458 | tcp | |
| N/A | 127.0.0.1:49673 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49681 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49458 | tcp | |
| N/A | 127.0.0.1:49458 | tcp | |
| N/A | 127.0.0.1:49458 | tcp | |
| N/A | 127.0.0.1:50247 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50255 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI16762\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\_MEI16762\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/4460-492-0x00007FFA90F10000-0x00007FFA90F11000-memory.dmp
memory/4460-491-0x00007FFA912B0000-0x00007FFA912B1000-memory.dmp
memory/4948-517-0x000001F64B600000-0x000001F64B6AD000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaHuexS\prefs.js
| MD5 | 5170af22f388665f5392b95a0e8b58d4 |
| SHA1 | 9c9e72777fca9054b62d95bca2efd68df3e62af6 |
| SHA256 | cce83dacb6141005d3cb7f2a19dcfa4d69327d68327a1e63d25e6ca55e312d2f |
| SHA512 | 22ffe4386c5ed135ee6b79429443f0b60fbcc95c771c67143938703956e18fd465e7fc221a45ed5eba7d7ef3aa0a320d9e4b17141c5eec9776649b427fcbfaac |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaHuexS\extensions.json
| MD5 | e5e0fb65225977157f4a240b263ea79f |
| SHA1 | 05381cd19713965a0d136618a8a66f4c889a4c5d |
| SHA256 | 59337e6a99a5b42bacce9737aef0511c9507ad0a2b7935c9574a1ed6f706996a |
| SHA512 | 4a9dc8178461758f4dbbbd1ad1e8e8b445b4f7e5a97eab5353a1b373e273d599b878c7eafcb58ebe02f5273686d6ddb3fc5260828a52c5ac7b2b3a49663130ed |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 99d9bdc5a0a9a0c9e68b89adf6d0fa1b |
| SHA1 | 49ff01c7107f7058608418ffe66c8758c7f2c1a5 |
| SHA256 | 666edec3ca1572adf6256f15c56445b7a9220ee08b8eb59f4f7e52e364fef607 |
| SHA512 | 662c111a82c955a27db07657b831273b1d57fac370f4c126e64459c80af3238386251526ae6951db4606bda497849e133cc4b825a1bf06758f3d9cd6e0b9a74b |
memory/4460-606-0x0000018600410000-0x00000186004BD000-memory.dmp
memory/3252-623-0x0000023A5AB00000-0x0000023A5ABAD000-memory.dmp
memory/4444-624-0x0000015460400000-0x00000154604AD000-memory.dmp
memory/5040-622-0x000001A73F5F0000-0x000001A73F69D000-memory.dmp
memory/1468-621-0x000002D955350000-0x000002D9553FD000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaHuexS\prefs-1.js
| MD5 | 25850f8c8dc92627e55eeab4f110ede6 |
| SHA1 | 2bd8f4c9cf47b77e300a65c18773a9df1a731c30 |
| SHA256 | 3e4c10a06de821b8a297c0e9ebf7e2634308b5b0bc34b3ce9f2c21001254111c |
| SHA512 | 01e0f73815505ea2fa1beabf64ced0485fa46ed6f47d4d0852539c2176f47809961ebb1b5e3ca697659fce03087ccab44a0207449adda727117d9a0afd7a65c6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaHuexS\prefs-1.js
| MD5 | 7b5feafb47db2864cc99776604017020 |
| SHA1 | a78e00ccea944f6790f77ba230e1d26642c47a6e |
| SHA256 | 43b671ffaf8d8f00ce0ff928e6e20782bc185f267708a4edae7e33c9c1b7efe2 |
| SHA512 | 066ea5fbe11554c70cb96b36163f1f547bc6910a178ac6cfdcb204a9dd5d2c6b68a23728c5b8d429d324a64c9b6b4e29c5935cca44941509f8aaea6e04cd4972 |
memory/4184-706-0x000001C659500000-0x000001C6595AD000-memory.dmp
memory/5076-730-0x000001E87ABC0000-0x000001E87AC6D000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaHuexS\prefs.js
| MD5 | 968aa5d757a59b45b7c509893be272e3 |
| SHA1 | c44e521c514d6421362114970148b69d3b37c7b3 |
| SHA256 | 28ff19353aca2b4453d749117866298fcf3dd6a28850527a913f85ab68f6a622 |
| SHA512 | 148ecbf70e40b651e58ea7b38da7c74ff4c5e975b075019d49c8fbe8d621e27c31b60af78094ee9c77cd677c49b309f08e4227f7e383ec76bf457304bc45a8d0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo1VIhG\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo1VIhG\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo1VIhG\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo1VIhG\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo1VIhG\prefs-1.js
| MD5 | 92fcb4d33ec3c4915cb37addff5316e2 |
| SHA1 | fb7b3cec164a366caae63a9eef3650beb30b075d |
| SHA256 | b65bb4ef4a23899fd38e31e52887325232d913dd1e700f44fcdb15e3953edd48 |
| SHA512 | 4831b03b5a35a0f0142251a847b3fd08dc517dc8a08fadafe3d42b18511ebb6dfd795e26d9bab66fd64271a50856f0ba89d0d621c3447fbfab2e705bd78f47a6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo1VIhG\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo1VIhG\prefs-1.js
| MD5 | 4f9933eb3d301ab99322605375b7ecd4 |
| SHA1 | 3fcfec331fbf9e18df32fe0a236432ac69ea3a6c |
| SHA256 | 5e41e6177fba00bbcb07caa9b4de01b1529c4cdb70ff895c747cc402c3877f98 |
| SHA512 | 68b072e3461b26028eb15b14fdf08a36663b6a3bf1900c71df9f55fee300f5ac1bfc07ded101d209636cb022799f970127c7462256e703240fe405c721b7f615 |