Analysis Overview
SHA256
88093c75834d60df3b4b6f4df642bb28dc749f4bd562f587fa8f9e30e97d3c5c
Threat Level: Shows suspicious behavior
The file heavy.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Checks computer location settings
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
Enumerates physical storage devices
Detects Pyinstaller
Unsigned PE
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Checks processor information in registry
Modifies registry class
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-09 01:57
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win10-20240404-en
Max time kernel
300s
Max time network
300s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI50842\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI50842\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyVVWMJ
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyVVWMJ
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1380.0.1806232360\1924176675" -parentBuildID 20240416150000 -prefsHandle 1492 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {1be9fda4-15b2-45f2-abd7-fe1cc0e5fde7} 1380 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1380.1.442611907\1080111274" -childID 1 -isForBrowser -prefsHandle 2320 -prefMapHandle 2228 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {f7e59a66-1d61-4b08-8d5b-ac9d7fc1cb9b} 1380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1380.2.1472973081\894935327" -childID 2 -isForBrowser -prefsHandle 2964 -prefMapHandle 2960 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {dc09ac8a-36dd-49a6-a8a1-4aea9239a328} 1380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1380.3.195725214\291940684" -childID 3 -isForBrowser -prefsHandle 3160 -prefMapHandle 3328 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {cd961dcd-598c-4006-95af-d14910e37bf4} 1380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1380.4.358627953\1564528238" -childID 4 -isForBrowser -prefsHandle 2080 -prefMapHandle 2408 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {538ef817-55dc-4f3a-9bd3-a35cbebcf060} 1380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1380.5.840625722\1434475533" -childID 5 -isForBrowser -prefsHandle 3864 -prefMapHandle 3868 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {4646bc96-9a27-4c10-a761-32854d5a4520} 1380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1380.6.780638971\1506332735" -childID 6 -isForBrowser -prefsHandle 4044 -prefMapHandle 4048 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {2fd562d0-fa92-446c-bc0e-eb68305931c3} 1380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI50842\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1076.0.1448682224\194047871" -parentBuildID 20240416150000 -prefsHandle 1488 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {d2a3d003-3bd2-4be9-bb15-81c1791ba711} 1076 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1076.1.1441691162\902959796" -childID 1 -isForBrowser -prefsHandle 2384 -prefMapHandle 2480 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {776d6065-3f76-445b-acbb-9fcafc876974} 1076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1076.2.487907195\354215416" -childID 2 -isForBrowser -prefsHandle 3116 -prefMapHandle 3024 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {440335e9-6983-4c38-9917-aa9251a0f772} 1076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1076.3.1976931579\961462560" -childID 3 -isForBrowser -prefsHandle 3148 -prefMapHandle 3164 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {b03d1795-7379-466d-bdb4-4630b71302bd} 1076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1076.4.1221422375\805484040" -childID 4 -isForBrowser -prefsHandle 1348 -prefMapHandle 1356 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {29417103-3a97-49cc-bd93-c4a1b083de25} 1076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1076.5.1524766276\629969248" -childID 5 -isForBrowser -prefsHandle 3776 -prefMapHandle 3772 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {b1e0a310-11d7-4076-8a4f-23abce4f0013} 1076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="1076.6.1577677780\1498768896" -childID 6 -isForBrowser -prefsHandle 3960 -prefMapHandle 3956 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {b59b0bc9-a000-4807-adaa-7beeb0aec7a8} 1076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI50842\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJmsger
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJmsger
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3344.0.1390059492\354033349" -parentBuildID 20240416150000 -prefsHandle 1492 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {4ea99b35-6230-4bb7-b609-9621720e0017} 3344 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3344.1.1928138336\346049658" -childID 1 -isForBrowser -prefsHandle 2676 -prefMapHandle 2696 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {217184c2-bb14-4b59-befa-ce5a7ce543c5} 3344 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3344.2.1557860269\1519630985" -childID 2 -isForBrowser -prefsHandle 2924 -prefMapHandle 2920 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {9429df52-c922-4dab-973a-269df6f4faaf} 3344 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3344.3.1335261831\1421582006" -childID 3 -isForBrowser -prefsHandle 3596 -prefMapHandle 3600 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {944cd4e2-bd10-4b60-9ffc-97e40bc9e3c8} 3344 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3344.4.1421643050\6605282" -childID 4 -isForBrowser -prefsHandle 2944 -prefMapHandle 2956 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {4fc0c9b6-b794-43a4-b232-14046fdff2a5} 3344 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3344.5.999006509\602519082" -childID 5 -isForBrowser -prefsHandle 3308 -prefMapHandle 3304 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {27cec1c7-acef-4c7f-8465-326c1f062bd1} 3344 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3344.6.37209802\765928312" -childID 6 -isForBrowser -prefsHandle 2888 -prefMapHandle 3328 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {70f06ce8-06e4-4597-9f27-faca1488bda1} 3344 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI50842\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUTitf
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUTitf
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3480.0.318748491\1912138896" -parentBuildID 20240416150000 -prefsHandle 1464 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {fb68610d-1f74-44c6-aa43-d8db422b83b0} 3480 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3480.1.1549971699\1111648438" -childID 1 -isForBrowser -prefsHandle 2388 -prefMapHandle 2596 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {ce542194-d60b-4e5a-ba80-b8ac03dc2e54} 3480 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3480.2.1042162956\1434184777" -childID 2 -isForBrowser -prefsHandle 2972 -prefMapHandle 2968 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {0553f16c-2db3-4b85-9ffa-b5e3a11516f8} 3480 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3480.3.1454748665\873270849" -childID 3 -isForBrowser -prefsHandle 3320 -prefMapHandle 3296 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {f41102a3-2a85-47d8-beb4-85db7f686176} 3480 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3480.4.2036786990\1688272797" -childID 4 -isForBrowser -prefsHandle 3748 -prefMapHandle 1352 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {5e4ed310-87bb-4a8e-91f7-60f17dc3078c} 3480 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3480.5.796946308\1495971287" -childID 5 -isForBrowser -prefsHandle 2992 -prefMapHandle 2984 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {a149052b-cd46-4a02-93f4-4a237a68a5e3} 3480 tab
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe" -contentproc --channel="3480.6.901823452\167513637" -childID 6 -isForBrowser -prefsHandle 3864 -prefMapHandle 3868 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\browser" - {0eacddcf-1d3a-4e4a-930a-f770bb10a71f} 3480 tab
Network
| Country | Destination | Domain | Proto |
| US | 199.249.230.159:443 | tcp | |
| DE | 45.15.157.177:443 | tcp | |
| US | 8.8.8.8:53 | 177.157.15.45.in-addr.arpa | udp |
| DE | 185.254.96.139:9000 | tcp | |
| DE | 81.7.10.19:8080 | tcp | |
| DE | 185.254.96.139:9000 | tcp | |
| DE | 185.254.96.139:9000 | tcp | |
| DE | 185.254.96.139:9000 | tcp | |
| N/A | 127.0.0.1:50144 | tcp | |
| N/A | 127.0.0.1:50146 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50240 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50248 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50554 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50562 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 131.72.42.20.in-addr.arpa | udp |
| DE | 184.174.38.53:9001 | tcp | |
| DE | 81.7.10.19:8080 | tcp | |
| US | 8.8.8.8:53 | 53.38.174.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50847 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50855 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:51144 | tcp | |
| N/A | 127.0.0.1:51152 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
\Users\Admin\AppData\Local\Temp\_MEI50842\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
\Users\Admin\AppData\Local\Temp\_MEI50842\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
\Users\Admin\AppData\Local\Temp\_MEI50842\libcrypto-1_1.dll
| MD5 | 22f805d81bb63c361749aa058a2c2f3c |
| SHA1 | 721c3f519b4c8235d13805cf78433955b5762a94 |
| SHA256 | 43740842e5fb5053106300fd1abc1eec7f8dc967331169ca7f866ebfda0f7cb3 |
| SHA512 | 731727624516f2cd9d61ed7df0af1cd99b93a5047ad83e39a8aee7e9804f88482f1d486d0adb5b75c2cf05612dd566ddb7b8a4a4b49bd395cb298c7ed17de61e |
\Users\Admin\AppData\Local\Temp\_MEI50842\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
\Users\Admin\AppData\Local\Temp\_MEI50842\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
\Users\Admin\AppData\Local\Temp\_MEI50842\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
\Users\Admin\AppData\Local\Temp\_MEI50842\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 539c0dcf91a5398eacf892e6f45faa1a |
| SHA1 | 71abb831fce501f8d0f765d638b632131db73c52 |
| SHA256 | 73456efd35a10c83ee2f44c68db1c2b62be38cab4e50ecac16a87e682d9c68fb |
| SHA512 | 29675ee62c29134d2fa116b3a00527df3a17c967dca7db7f7763c45ea5c9f0376e702c444c1f21f23fdd9b4b384ba2c732b987ddff8ef3dd9c39af265a7dd967 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 7059cb49a731c42aeef63bffc59bf841 |
| SHA1 | 04049b5711aa4a09c26f9dc8087caa8f16736942 |
| SHA256 | 285573648093d3f2b829d447da3d4ada57e9e88e7bf901c2d072c5099e6ab461 |
| SHA512 | 6709fbfd44f70a8af52aca1648fc2b971ffd5865bb6eea3f1f7550d1a8e4dd3ee918f56b8365220bf882fe5f3e1be5900702ee58d70959eb0bd98d26455e9190 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
\Users\Admin\AppData\Local\Temp\_MEI50842\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpu2j0qx_l\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
\Users\Admin\AppData\Local\Temp\_MEI50842\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\top-1m.csv
| MD5 | 0bb41c540a54e3fd2eee9689c7a4d23a |
| SHA1 | 40062442cb48102a1671749bed9e6cbb369284f0 |
| SHA256 | 94b70bb532a798d6b732267e11a90de78b0a7dd3f8a41ecf1525f52fa8409c86 |
| SHA512 | 3589975776e6cbfcf013e7461212676f6900c930347599e39fd102d37139e9636dce0577ec269d4dc90395c9f53936def2886dfef7fad938fc1a78dc3ed2015c |
C:\Users\Admin\AppData\Local\Temp\tmpu2j0qx_l\webdriver-py-profilecopy\favicons.sqlite
| MD5 | dfa3a4ce64626cc3964d930ba7b9fdcf |
| SHA1 | 530ba947eb29f5e795c14025e3daab79b433a86e |
| SHA256 | e4ba330d49ad29b868f5716e4d137f2cc141aabae38f598832b616a596183472 |
| SHA512 | 1ec099138fbbdc0f01c25ee802467a3b994577a353fa995f4dc45182cca9b5703b98faa46da022af077f7dcb51a466775421e6bcac9d655d395a7f411061e0d3 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\nss3.dll
| MD5 | fd012b8e98a8a2ca935c5bfd8583ed72 |
| SHA1 | 3dd493a8c536cd5fdd0aa387488435fb342835dd |
| SHA256 | 19096ce19fc9d4144638bf2b0b2b02fb29e5f01cc85b9099c82a693349ae1d35 |
| SHA512 | f476139139cc770d0aceefbc687ed6a2397dff2ee7d255fd1432169ff3f29e94f337a2f2b0c6cd96887cdeb7a7ccf586b30b07d652de90850535e6379dc22f52 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
\Users\Admin\AppData\Local\Temp\_MEI50842\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI50842\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI50842\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI50842\python38.dll
| MD5 | 305f8ecac261934543c5215f16e6afdd |
| SHA1 | 3920f757f7d3d2c2cd97ce5adcecbcf218873984 |
| SHA256 | 0b75e5e7d45c7d19d5a280e5c3cd296e2601cf378c37174df257e915d4ee244d |
| SHA512 | 9e64641cd7440ee3b3e07ac6aa536a22f9b0bc3684c26ce48462d1f180f0afa692a7f4608174199d91f9dd5665ef49ffafdd1d12d6605f4a896089262d31ef56 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyVVWMJ\extensions.json
| MD5 | bc6a2b926765b9ebc1a8a29a86e3b533 |
| SHA1 | 3e2b53a274ff3c584709dd021c6ee2631fda2774 |
| SHA256 | f797af589387c0d542e6145f1fd76439f3afcad8c7558224c9660ae1d3bebb63 |
| SHA512 | ac503ed0a1b9a3d825ddd19d7c791ba0445e6baa4be5c5a98d498e361d6f36b682ce7e5c6298895c53091dbc282e0aeb9aade2f1aad63c2a03f06b132dfa9a2e |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | baf1df7b9cfd566c761694ed27b7bb0e |
| SHA1 | 1b174c66b394349c88c7080c4e3d15109f886a64 |
| SHA256 | ae038005ce9f11252e9d795f16a5684082dd07537625e3340177278a4887a93d |
| SHA512 | a32d8effc9299d3ffc1588bd94527e17f6294fb0a7cc3fc64d2a9bfe7809a7da406288e6413948e1b1c8f21996f3853add593a4ee88cc99e29273e65e3130c41 |
memory/1380-572-0x0000029B16C20000-0x0000029B16C30000-memory.dmp
memory/1380-587-0x0000029B13AF0000-0x0000029B13C60000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyVVWMJ\prefs-1.js
| MD5 | 473dcfae9d05ee19e992621c19d23f79 |
| SHA1 | d872538cec44d7add6b63f9fa1fa9387d87e0fe8 |
| SHA256 | 2e33d51a855c897426f3bc682b06771b9e96aaa94ef65a45d6e08bf575e40092 |
| SHA512 | 0e26db52063d0c8a15ae93cfed609a80c6807b817088c81e8588c28ab4bf48b4f1b3ccd2acd119c72f7d72e3126adc3610bc8df602c8ffabccb648bf007670e2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyVVWMJ\prefs-1.js
| MD5 | 44d2e33c89e94be6e3c8594aebb4fd84 |
| SHA1 | 5c6d41844057f3e29f97eb6b59c42deacdba6eef |
| SHA256 | c6f285724628bcd9c01590683d57d1de463cf25e387ce729b1bd6a827c2062c3 |
| SHA512 | 4b3b17359b5a41a674d0ea0a14d579d58c4c0e38e4e5faa2ddc3e6de490b6c99be1b0e52ab49d8a8699967fb742d0faa3df05731badc651bc7689b3fe4085ce9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/1076-823-0x000001FC0BCF0000-0x000001FC0BD00000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S\startupCache\webext.sc.lz4
| MD5 | ff400e5aafd462e018076d17213750eb |
| SHA1 | ac4d04ead2984f64d55d4a71c1d0b2a089de53da |
| SHA256 | be1ef7420949f013615ba48f8fb49413afd0b4c928faa6f176639cfcf419bd6c |
| SHA512 | 950401affd99fef58eeb42c3a4a27a9a34aaa4d60600fc94f14762ea70823542cdbb92316e2f9c3acf5aee081eb6026f990efcb74932d13027c3547ab7683b32 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S\prefs-1.js
| MD5 | f5b9fa1147e03eec8c6ad75b1426e96c |
| SHA1 | 16360fa4c4ca965921e703129ffb0c08df6c6887 |
| SHA256 | b391ecda034ba6fcd60f4f377f250278b81ee137c65a5523d56b5c332a72188d |
| SHA512 | ee4e823daa3126092d2de5218efd96a484f4032a9063835a24e1a2c6b79fbf754bd14307ebf048147a95a9ca1012f708148a6f858c4ca3d8eb62f7096f0d5605 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S\prefs-1.js
| MD5 | a9f6cd557420a1a35b7ba1ba2f99f439 |
| SHA1 | c2c9f21a7be79bb56aa644ab9191626e11e3a02b |
| SHA256 | 9f6453f81c2da1a75a46fd717f4cc298b085d921c804675b1a4f0348d22a22f0 |
| SHA512 | c25827a193bfc675a0713f93f09fbbe7412add3200c07e3960d878a7af2fadad0f8c949012c49e4f489c4a05c29c29ccf40168b3d513f4318608b71e52e1fa56 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9gj48S\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJmsger\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJmsger\prefs-1.js
| MD5 | 13efb2fc206c94cdf2b25a4cc5c3b44c |
| SHA1 | 370b549ca8072f796b6941e00db48dcc036412c2 |
| SHA256 | 6177bd9a4f3e13cf6e2cc23ab4cef2bcb398fec3a4b73d3f686aea11a2044fe6 |
| SHA512 | a201e9b01898b3174463e537c4e7e50cb31aad64b236c0830a1a0a8ff2c0d74507c74199e832846029eb952304536c54bcc69a17832713b86e1cd4310a247bf5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJmsger\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJmsger\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJmsger\prefs-1.js
| MD5 | 65b30242093bee1ace6948b2dc053863 |
| SHA1 | d5835f70be0ee520516a7c306367f2c7c2160dd2 |
| SHA256 | a01cf3aa3db89bd90a90f609a3c94bb453127dd536d5fdafacdbcdfb36df5ffb |
| SHA512 | 37f74745125af0f925760afcf59199af675f81ed7dfee59a49aabf54b03cf006bdd031bfa915b7caa589d120408575dd219d88ac9b212c78203f4c444b934025 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJmsger\prefs-1.js
| MD5 | a33558bd434cbec17ed62850b0979a1d |
| SHA1 | a1300b0545823087f6089f5d789b198d77d3754c |
| SHA256 | ae0fe48e8e1f546b7ae8534adea6b5ed312c47ecfbce0ef0497b2cad7ee165a5 |
| SHA512 | 3bb1879b8d711f8dc4c0c4fc21b4e76d2f362e6c16018068cd46594ca8bb0e7075df435c5fc87e3c2e59067784263578f95ac86e2356fb0e3a51fc6bd1e0c598 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJmsger\prefs-1.js
| MD5 | 8ff4202149e5f1f0478450ada8c49947 |
| SHA1 | eb0330d5256fb63dce74439e9ca3bd7fd049b2f0 |
| SHA256 | f3022febdf472108bdceb1d8e5f263ecb26baeb22f644d5fab151e7a687efa61 |
| SHA512 | 9feb10bd118a5a8b44d3bc952201e8061cccf927f48ef3e7ad27d5be0d71b928af1c460358b3201be0f0b7b938ce087e9519fe53410cc4b8a83475ef8c136f12 |
memory/3480-1354-0x00000207BE0B0000-0x00000207BE0C0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelUTitf\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win7-20231129-en
Max time kernel
289s
Max time network
304s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI23642\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23642\geckodriver.exe --port 49452 --websocket-port 49453
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6W14PM
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6W14PM
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2492.0.69920597\1509346074" -parentBuildID 20240416150000 -prefsHandle 1200 -prefMapHandle 1204 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {93dc74a6-5dca-4e4a-82e2-c462ac5228f5} 2492 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2492.1.1590431695\1824570180" -childID 1 -isForBrowser -prefsHandle 1932 -prefMapHandle 1924 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 816 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {c84feb41-ce53-480c-bfc9-a671266a6396} 2492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2492.2.158754314\541705715" -childID 2 -isForBrowser -prefsHandle 2300 -prefMapHandle 2296 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 816 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {681e8e4f-33e8-46d1-a59a-e9834646e367} 2492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2492.3.781803603\1199939408" -childID 3 -isForBrowser -prefsHandle 2564 -prefMapHandle 2440 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 816 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {9a5a7dcd-f5fc-4e89-b69d-8bdd3a74def7} 2492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2492.4.1693531675\664951353" -childID 4 -isForBrowser -prefsHandle 2904 -prefMapHandle 2908 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 816 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {83da54e4-137b-477f-b448-86d8cbe3b6f5} 2492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2492.5.322604939\301131853" -childID 5 -isForBrowser -prefsHandle 2932 -prefMapHandle 2936 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 816 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {7321387f-9028-4c37-84e7-e6f4e10fbe78} 2492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2492.6.151430969\873510872" -childID 6 -isForBrowser -prefsHandle 3092 -prefMapHandle 3096 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 816 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {7f0693cc-4759-4b1d-b4f1-2121598fa1bc} 2492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2492.7.1576532651\1131582269" -childID 7 -isForBrowser -prefsHandle 3428 -prefMapHandle 2872 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 816 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {9df0cbd6-4df2-429b-99c4-07d612e339c9} 2492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23642\geckodriver.exe --port 49452 --websocket-port 49453
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="1116.0.7852329\20189762" -parentBuildID 20240416150000 -prefsHandle 1220 -prefMapHandle 1212 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {90b86590-6b25-46a6-81e9-de74e0f2d523} 1116 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="1116.1.1828820945\1278717054" -childID 1 -isForBrowser -prefsHandle 596 -prefMapHandle 2016 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {412a2e35-965c-498d-9c31-59711409e876} 1116 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="1116.2.281239194\1863201182" -childID 2 -isForBrowser -prefsHandle 1764 -prefMapHandle 1116 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {6dfa2f4e-aa26-4351-bea0-0b59ead29fc0} 1116 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="1116.3.1660151209\1241202514" -childID 3 -isForBrowser -prefsHandle 2536 -prefMapHandle 2456 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {c75b19c9-b500-4154-8cd9-5df964573d19} 1116 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="1116.4.1451062991\1599803501" -childID 4 -isForBrowser -prefsHandle 2820 -prefMapHandle 1080 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {7ebcf5e5-d816-419a-bebf-3d8e9a06241e} 1116 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="1116.5.452204525\346613182" -childID 5 -isForBrowser -prefsHandle 2932 -prefMapHandle 2936 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {f195feec-d8f7-4a40-89a5-054e3e73dd27} 1116 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="1116.6.468733572\1836103974" -childID 6 -isForBrowser -prefsHandle 3092 -prefMapHandle 3096 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {c5cf755e-c053-4a84-9f61-be80990c70ac} 1116 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="1116.7.1203546649\1598845329" -childID 7 -isForBrowser -prefsHandle 3332 -prefMapHandle 2380 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {3da4255d-2238-41b0-afa1-0d12508e5cd2} 1116 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23642\geckodriver.exe --port 49452 --websocket-port 49453
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile93QUy3
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile93QUy3
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2564.0.669703644\1089201290" -parentBuildID 20240416150000 -prefsHandle 1212 -prefMapHandle 1204 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {753dca9a-21aa-4e08-9c66-a7f5f3ead45d} 2564 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2564.1.1827524382\1474659186" -childID 1 -isForBrowser -prefsHandle 1660 -prefMapHandle 1648 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {c04b6869-e854-4645-9119-762e7e77ea62} 2564 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2564.2.1654094489\14860502" -childID 2 -isForBrowser -prefsHandle 2240 -prefMapHandle 2236 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {c0944ea5-4c78-41a4-a989-9640a6b2c702} 2564 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2564.3.1357169948\1659876501" -childID 3 -isForBrowser -prefsHandle 2316 -prefMapHandle 2256 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {90feb174-f362-4b07-9e4a-0babc1ef4a2d} 2564 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2564.4.777882808\565284019" -childID 4 -isForBrowser -prefsHandle 2476 -prefMapHandle 2608 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {1032b390-c5a7-4d9b-a722-0adb2511e77a} 2564 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2564.5.1956419916\2055243820" -childID 5 -isForBrowser -prefsHandle 2892 -prefMapHandle 2896 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {4a3a6cb6-b2b6-4ecd-ae39-7eb1723ab857} 2564 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2564.6.1436460857\1884996520" -childID 6 -isForBrowser -prefsHandle 2952 -prefMapHandle 2960 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {860fff7c-e9bf-4497-abc9-f8381dbcd6f4} 2564 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2564.7.1471636559\1393886325" -childID 7 -isForBrowser -prefsHandle 3348 -prefMapHandle 3352 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\browser" - {325a301a-518e-42fb-80ff-ea2006a58f0d} 2564 tab
Network
| Country | Destination | Domain | Proto |
| LU | 104.244.79.122:443 | tcp | |
| NL | 192.42.113.102:9001 | tcp | |
| SE | 81.230.245.67:444 | tcp | |
| N/A | 127.0.0.1:49505 | tcp | |
| N/A | 127.0.0.1:49536 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49654 | tcp | |
| N/A | 127.0.0.1:49694 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:50216 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50251 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:50773 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50808 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI23642\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
\Users\Admin\AppData\Local\Temp\_MEI23642\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI23642\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
\Users\Admin\AppData\Local\Temp\_MEI23642\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
\Users\Admin\AppData\Local\Temp\_MEI23642\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
\Users\Admin\AppData\Local\Temp\_MEI23642\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 86f78270d33684e7d6e0064174e4a4ce |
| SHA1 | f5dad63848bd72f57b7cef3a6c5b3d3f862e8f79 |
| SHA256 | 5b5ff53489a2b6fedcc1ae624cdb6d9d9a8d57e667c09f56914717c137815680 |
| SHA512 | 4e5d1a30c4029b78e09bd2ae133b3c0102d870a62eb759a957159c44c5765928931adb926afabfb73e02c6e72dcc7b6bc5be248a19330c3cc675d3953866e567 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
\Users\Admin\AppData\Local\Temp\_MEI23642\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpcpygl180\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 549e54a44c7326c30548c998a1d16424 |
| SHA1 | d4375f9ead356aff85d60375b08db168195d5089 |
| SHA256 | fb2df7a858dbfacbedb5ce100bc71dff2b1e1991b2d574c1d3d46701ceea5433 |
| SHA512 | 7325a6d2ed8cf43c4665f2cda3f4f9578de7a87cf70178eff7e927bb8b58f0dceff4b4bf6029593ff64fab052718cf2da8228275580071de2d0fb77fcb4bb897 |
\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | fd5225eac6a4da3c904ac0c620646f46 |
| SHA1 | 9993f18fa6092d2acabecf7c7e9a19c2c66f2627 |
| SHA256 | cd7d8187bc2088d4c3e21521b9966f839ddcb942b272359da552034acb2ed073 |
| SHA512 | f4efbf3d9a55a6addc51d350e686099503029d9c35ebd77ef0f7356b1af40297d1c425c868bc08f1a3dc471e8b8be4e4740ff71bd2ff4826d3fd1bafd52c7f12 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 9c3f9991165578966bcdd0eef05b7afa |
| SHA1 | 5f129da03c7dc455109a371bf8e1e2a0c859527f |
| SHA256 | ac66ed3f72c030aea0f778dba0aa1baa43eff65ddeee080105dd16d8a7ed6aae |
| SHA512 | 69073c22a3f2b4f68664a4e58dec67eda5ecba6555ca3bdf01aae228d0e82344fcac8f5083fea6b719db0d564bb2f1a09725f2b6b13867307dd748a09855defb |
\Users\Admin\AppData\Local\Temp\_MEI23642\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | c13b2b94a58e3271c1da4f9708fd63ab |
| SHA1 | b6a7e1caece42baa3fe737c2d80f6751d589b22d |
| SHA256 | f25e047128f41cc081e696c4b041cd37c8ad9d8cd7656a79400c4917dab56ead |
| SHA512 | 1ec86a8fffd36c7e97b2185f2adf6fde6f3fce85b0ba362863619702fc6b920c86318c27ebb235aaf0c02a816a39200cd8208f4f7d59073069af8386c6f016cc |
\Users\Admin\AppData\Local\Temp\_MEI23642\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
\Users\Admin\AppData\Local\Temp\_MEI23642\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
\Users\Admin\AppData\Local\Temp\_MEI23642\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\top-1m.csv
| MD5 | f9e5851b5ec6312f3f3a52d02f8805c2 |
| SHA1 | c9d8b9d084d0e57341d4e421424391ff976fc1c4 |
| SHA256 | d4e467463c0d5ec61d6f581bd71fd9b0a4ea15a1ee242b7b97fc364a8ffabd16 |
| SHA512 | 863a22ba5b93ce4d67aaedd6b6e3a993aa777404cb58d31c1dec7d17ed57e2e4658bffc048b53999f9db66c39edbf9b8c11db5a5a6cf42fab365ca544872cf8d |
C:\Users\Admin\AppData\Local\Temp\tmpcpygl180\webdriver-py-profilecopy\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\tmpcpygl180\webdriver-py-profilecopy\places.sqlite
| MD5 | 6aba2d0351e5cf9191433296312e2128 |
| SHA1 | 724b71969c12657e847ab17f2fe81dbb6bcdf448 |
| SHA256 | bfb39d0bcf90d9bcd33d78ca8ffe3e63cb7c98d2523ab09e1d3e0a5d28c6766e |
| SHA512 | a5d766ab16ddf31bcb7728054702fabde9b9e638f414827c2d180740d7263170061b425aaf29c29ef1e6d3dc342d58cba5b6660fe70fe646e304c6da63df4a66 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI23642\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
\Users\Admin\AppData\Local\Temp\_MEI23642\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI23642\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
\Users\Admin\AppData\Local\Temp\_MEI23642\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6W14PM\prefs.js
| MD5 | a5e7153079ddf80096682884b7f62aa3 |
| SHA1 | c5c044e11b84b991a88736319e9fe080187c5db0 |
| SHA256 | 4c433c4740f07195cc05ca4170b28bf8654b6814549acb340c2b5500cbf5fd5c |
| SHA512 | d4b3bd547da4d8d8cd837420196a6e49dd7345cc09b173732630ebd5884369c1b466d4b248d7fcdd5e8de4b4b93b7dec167972783c8598c13ca4538da1d4783d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6W14PM\extensions.json
| MD5 | 6fd0f7904a94f75e62dc21e1bda80816 |
| SHA1 | d5b685f6c77903e6a1e5a65a4b31b13eb6ae98c1 |
| SHA256 | 2a1a8b081b667f5a39dc9f9265803436da03d01b39c1483d7ca6e9f0ca54341d |
| SHA512 | 33d60be4beaee2411357b767ce16848a030a954d5dd63583fd8cca1341b2eda48f417de0c6b167eca85815144d5d3055f133b285aaf4e0c3d7944849fcbec289 |
memory/2492-706-0x000000000BD30000-0x000000000BD40000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | f252969e6306fb01c7ec7ca42a0ed99e |
| SHA1 | f760ee778252e58bd8e286b182469c90b79d3047 |
| SHA256 | fdf2dc72c246005312e8c9eeefa72aa64b8c3a01b7b3fccbcf33e140b7def118 |
| SHA512 | 3be017958d1b997dcae279a854d85f13f07da00b9baa3a43c450fc9733fd93e9d5ab0cb06269b4a0016ff2d1659c9ca64022f06a40cb9f887d7119895140d806 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6W14PM\prefs-1.js
| MD5 | 949958357d4dba77ae9c2cabdedab6a6 |
| SHA1 | 2784ae57ffcddc52e4ad5a50933493f5fb767269 |
| SHA256 | d541f8535ccc6d1f13b20a0b6ae98a387658f0e1ff6c908d99c5430e31cbabe5 |
| SHA512 | 4e42137502b24449f7d0c88d8a9826effb22bd7fa0a05bf1923a34cfcf9320934f5e69db37e9d5bd8f7c6c8072f51265e044a1eafcb961090c7afeac84f98136 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6W14PM\prefs-1.js
| MD5 | 33efdb6851f974575a066db59b8b3811 |
| SHA1 | e8afbf20ddd73dee73a1065a4f917efbb09e5e41 |
| SHA256 | 32a5077a2cd3c2e26a792df10668af603e6f40d0bd239e1e68738be13fc3efb1 |
| SHA512 | 1dca585d1e82939ff2c90badb22afbeb8ed17a5860c87dd7f9f5d3c176998a97f2a1c05a1783a598b80d1110500a14b013bba58d2117b8cf0460fba252003af1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\startupCache\webext.sc.lz4
| MD5 | b084a2a6a6ae053d1594e438789d204a |
| SHA1 | 519a54f797da21abd2e12b8d591163e6623c164d |
| SHA256 | 592fce140b25b0fde27838965242a28724e6d08ed621b58aebb3d8611dc03369 |
| SHA512 | d50938f57cbc924a694992ba74a5bb8cabd8311ec43f5248f8f6521a802efb5e64273afd8f1591afbbf6ae5d68ddeb4348a1e6ed7102c17ba25ac768bf48d689 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\prefs-1.js
| MD5 | 009a7d4abf937cbecf8320670a504f20 |
| SHA1 | 29ac2230e1a5bf7ba086425f3b59f9c9aaa05c42 |
| SHA256 | 642950fdf90f6074e1c85f24159b691d8671614fc16348b60f6fce60159b4f9d |
| SHA512 | 78df0bf1f13d9ba503a22b92949deb838e3d7d2ca151366c94df613aacf2b4120af4e73babb8f36f289a822ad5d9c00f7f14d410fbaa4501be6444ef1a0c1254 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\prefs-1.js
| MD5 | 3b6f8293d4d77a8c7983ab439a7a8b74 |
| SHA1 | a12c3a6c182558953541a62f858076f9f070da5b |
| SHA256 | b1944140493e5d057f0c17dbf2ab6b930dda8bfc99f609b1c186f94191f7b883 |
| SHA512 | fd63de549f9cd489c3386b4772f6e89f5cfb720279485a72b0c94c0a3e3d434387ee9077ed577ba2c448a74a381bc110f9a07c7866d29b624bcd7256427999d4 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerEAfh8\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile93QUy3\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
memory/2564-1657-0x0000000002780000-0x0000000002790000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile93QUy3\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile93QUy3\prefs-1.js
| MD5 | 30e969984ffcdb2db659451e6aa6fcaa |
| SHA1 | cce1717d7718fb052a2c5357033a3c5028134243 |
| SHA256 | 372b652daabe11eda03e4f8eecd8bc6ae3d16fbbe1a58ca53e634bc6550594ad |
| SHA512 | a9d22e8ef7a03a0436ba9192f0e1fab6d28a28d271245b0448f98450f546e218ed965f859cd20e0de6ae03ea15620371291386d3c5bd17b1e9de48d19c37b8cf |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile93QUy3\prefs-1.js
| MD5 | 3473af0a9e06496d39ca7d99ed8d7e31 |
| SHA1 | 4aafc4273be7db6fd1438da669e4ac4b03daa209 |
| SHA256 | 7a92a77b559082e5bea27d9049a70fba2b28758192e52972a1814c4c8aeb97a1 |
| SHA512 | b16846f51f8f218abb4338657cd17239967150819bf4140d00486e41b9ef481ca4fed5db7051176721e0e4b17e86ae50f25b4032413f091d6f957a9cd343d9b5 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win10-20240404-en
Max time kernel
298s
Max time network
307s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe --port 50037 --websocket-port 50038
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8kvotg
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8kvotg
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.0.1107942376\438188117" -parentBuildID 20240416150000 -prefsHandle 1476 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {e0d9d1c9-394c-4937-9415-6fb5109c2f99} 4352 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.1.2064555879\183801217" -childID 1 -isForBrowser -prefsHandle 2624 -prefMapHandle 2772 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {e75e572d-7e12-41e1-b348-621d5bdb3178} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.2.2146078361\1393642330" -childID 2 -isForBrowser -prefsHandle 2964 -prefMapHandle 2968 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {e8927d74-92d5-4788-b828-c795f7944564} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.3.28231557\179118621" -childID 3 -isForBrowser -prefsHandle 2952 -prefMapHandle 3356 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {54ec6a20-2165-4656-b474-44c1f2de930a} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.4.85270844\1310875083" -childID 4 -isForBrowser -prefsHandle 1348 -prefMapHandle 2976 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {31bff8b5-4d4f-4d06-95a0-cc2322e97434} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.5.1890873203\1837566514" -childID 5 -isForBrowser -prefsHandle 3848 -prefMapHandle 3844 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {f19e09fe-58a2-4662-9ff6-4ce042c518c2} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.6.820866060\133892407" -childID 6 -isForBrowser -prefsHandle 3952 -prefMapHandle 3956 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {214ef909-a36f-45ef-befa-50b2efdc8518} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.7.2051260911\1536564650" -childID 7 -isForBrowser -prefsHandle 4332 -prefMapHandle 4336 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {7a40ee64-b206-479c-bdd4-db232cd021a9} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe --port 50037 --websocket-port 50038
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1376.0.676771266\1505822453" -parentBuildID 20240416150000 -prefsHandle 1480 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {620a0605-3943-47bf-9e8a-25dc7d744514} 1376 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1376.1.612037743\1494862760" -childID 1 -isForBrowser -prefsHandle 2268 -prefMapHandle 2432 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1104 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {5d1e0f1a-9a5a-4997-9214-9088b1be063d} 1376 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1376.2.161170730\1765564545" -childID 2 -isForBrowser -prefsHandle 3196 -prefMapHandle 3192 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1104 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {127bd945-dcb7-429e-b000-1f448e1e7b10} 1376 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1376.3.759457786\989313217" -childID 3 -isForBrowser -prefsHandle 3324 -prefMapHandle 3212 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1104 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {e57832b9-ce03-403b-83e8-84e210ce1db1} 1376 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1376.4.1168412177\355539919" -childID 4 -isForBrowser -prefsHandle 3012 -prefMapHandle 3244 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1104 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {e336d339-83b3-43d8-837f-30e7b617b8b3} 1376 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1376.5.2097873021\1596712177" -childID 5 -isForBrowser -prefsHandle 3744 -prefMapHandle 3740 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1104 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {cd5d5305-70ae-4b73-8780-b1eb02d6a6a5} 1376 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1376.6.1771561700\512881124" -childID 6 -isForBrowser -prefsHandle 3888 -prefMapHandle 3892 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1104 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {441de319-0c35-47ca-ab82-f419e9925ee0} 1376 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1376.7.873453480\62338473" -childID 7 -isForBrowser -prefsHandle 4392 -prefMapHandle 4396 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1104 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {bfeff8ba-8c9a-4166-a068-04200747829f} 1376 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe --port 50037 --websocket-port 50038
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofiley7DUgE
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofiley7DUgE
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="5016.0.953655966\1940651307" -parentBuildID 20240416150000 -prefsHandle 1484 -prefMapHandle 1472 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {e4d1c1bb-c378-4977-be91-84d9d42c43f4} 5016 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="5016.1.1521933586\727991302" -childID 1 -isForBrowser -prefsHandle 2284 -prefMapHandle 2112 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {c873d5a7-8c7e-4c54-b262-e3b44418aedb} 5016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="5016.2.323658990\1824928458" -childID 2 -isForBrowser -prefsHandle 3292 -prefMapHandle 3288 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {de6f8871-36f3-4ee0-9c1f-8774d274807d} 5016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="5016.3.1489737802\1019577881" -childID 3 -isForBrowser -prefsHandle 3328 -prefMapHandle 3316 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {00948450-8489-4e2c-9f8e-b256dccc791e} 5016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="5016.4.805507145\314175061" -childID 4 -isForBrowser -prefsHandle 1352 -prefMapHandle 1348 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {56f911eb-4fab-4091-8b81-a359accdb868} 5016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="5016.5.648207561\1211439626" -childID 5 -isForBrowser -prefsHandle 3792 -prefMapHandle 3796 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {b0ce18db-a78f-49eb-b568-5b9be1e08cbd} 5016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="5016.6.2103816995\914577598" -childID 6 -isForBrowser -prefsHandle 3972 -prefMapHandle 3976 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {143bc81e-8214-4c31-8ea2-0ae4d1aec63c} 5016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="5016.7.2116034076\1847678003" -childID 7 -isForBrowser -prefsHandle 4412 -prefMapHandle 3792 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {a4b8a49f-e73c-4350-99bd-3d5ee9e09aa4} 5016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe --port 50037 --websocket-port 50038
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOLxJ1N
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOLxJ1N
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3944.0.1373390842\1473213135" -parentBuildID 20240416150000 -prefsHandle 1492 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {eaae8d9c-6baf-4072-8ebd-215260ed0f6d} 3944 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3944.1.910192839\1160257269" -childID 1 -isForBrowser -prefsHandle 2568 -prefMapHandle 2672 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1160 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {c5964ae1-c188-470f-bfbf-c708055d7a17} 3944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3944.2.878943634\1711738689" -childID 2 -isForBrowser -prefsHandle 3004 -prefMapHandle 3000 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1160 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {14a120bd-7c7e-48ca-953a-0b597cf6a899} 3944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3944.3.998776012\1771658913" -childID 3 -isForBrowser -prefsHandle 2276 -prefMapHandle 3084 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1160 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {fca15916-5f25-4e5f-b7c9-17c9fadf0a0f} 3944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3944.4.1020134749\1837345082" -childID 4 -isForBrowser -prefsHandle 3588 -prefMapHandle 3580 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1160 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {5c45169a-5a97-4ad1-bdcf-69042ee065fb} 3944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3944.5.694591194\1374474994" -childID 5 -isForBrowser -prefsHandle 3812 -prefMapHandle 3808 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1160 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {0fc98f61-95a6-4038-bb1f-84181317a044} 3944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3944.6.758250790\398197669" -childID 6 -isForBrowser -prefsHandle 3860 -prefMapHandle 3864 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1160 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {d978983c-4295-468b-a7b6-5465ee45d2ad} 3944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe --port 50037 --websocket-port 50038
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileNPISKF
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileNPISKF
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.0.451464751\1153878438" -parentBuildID 20240416150000 -prefsHandle 1480 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {849f9570-46ed-42f5-833e-102e383350d5} 4620 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.1.2110882307\1864071646" -childID 1 -isForBrowser -prefsHandle 2472 -prefMapHandle 2488 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {38d72a3b-61ef-4f85-866a-d77d288c8458} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.2.278872515\544167164" -childID 2 -isForBrowser -prefsHandle 2936 -prefMapHandle 2932 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {1003570d-f306-4daa-a571-ba58fe6aeee5} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.3.993527762\1944144543" -childID 3 -isForBrowser -prefsHandle 2952 -prefMapHandle 3064 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {270cab43-4047-4bf6-9012-c76472b9c530} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.4.264850538\1629169280" -childID 4 -isForBrowser -prefsHandle 3816 -prefMapHandle 3812 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {3975b5f8-7726-4b93-a6a1-a969d8565317} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.5.234441083\839724239" -childID 5 -isForBrowser -prefsHandle 4028 -prefMapHandle 4040 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {69007662-f951-4231-bcc5-4d410c4a9831} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.6.275173030\1802033285" -childID 6 -isForBrowser -prefsHandle 4012 -prefMapHandle 4016 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {1265b325-214b-43b2-8b95-fc2dfe94e165} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe --port 50037 --websocket-port 50038
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile7B9lnh
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile7B9lnh
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="416.0.592694844\9167478" -parentBuildID 20240416150000 -prefsHandle 1476 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {395e2682-3b2a-4085-b552-b0bfa95c96c5} 416 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="416.1.651326960\340029085" -childID 1 -isForBrowser -prefsHandle 2288 -prefMapHandle 2480 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {ca4c31e2-5248-480f-8ead-796c3b7f1bcc} 416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="416.2.239936483\1086580941" -childID 2 -isForBrowser -prefsHandle 2944 -prefMapHandle 2940 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {4ff73f65-8d1c-422a-a9ec-2e1a35fd4a74} 416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="416.3.777588022\1768859168" -childID 3 -isForBrowser -prefsHandle 3272 -prefMapHandle 3120 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {073a9531-8e6c-423c-9e6c-b0b112af4249} 416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="416.4.1732074580\146130302" -childID 4 -isForBrowser -prefsHandle 3588 -prefMapHandle 3584 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {4cf24675-4b34-4866-a9c3-52159e61710f} 416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="416.5.1767935066\113208217" -childID 5 -isForBrowser -prefsHandle 3728 -prefMapHandle 3732 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {9e4b97e5-4f42-42c0-9c78-1373667e6629} 416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="416.6.1410007440\1698606224" -childID 6 -isForBrowser -prefsHandle 3912 -prefMapHandle 3916 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {f8bbd395-866b-43af-b6a2-4a8e856d80a8} 416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="416.7.208400685\1370684050" -childID 7 -isForBrowser -prefsHandle 4352 -prefMapHandle 4356 -prefsLen 25412 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {e0318793-00cd-4c5e-8437-c908916cd005} 416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe" -contentproc --channel="416.8.734691548\934701314" -childID 8 -isForBrowser -prefsHandle 8476 -prefMapHandle 8492 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\browser" - {28059cb2-ddf2-45bc-bbc4-6c1dfe7071e2} 416 tab
Network
| Country | Destination | Domain | Proto |
| DE | 159.69.36.3:8080 | tcp | |
| US | 8.8.8.8:53 | 3.36.69.159.in-addr.arpa | udp |
| FR | 141.94.199.35:9001 | tcp | |
| RO | 185.198.56.195:9001 | tcp | |
| US | 8.8.8.8:53 | 35.199.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.56.198.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:50140 | tcp | |
| N/A | 127.0.0.1:50142 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50245 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50253 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50597 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50605 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 52.111.229.43:443 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50955 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50963 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| US | 8.8.8.8:53 | 89.16.208.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:51262 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51270 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:51573 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51581 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:51832 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51840 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI41602\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
\Users\Admin\AppData\Local\Temp\_MEI41602\python38.dll
| MD5 | a2d1ef944a3b2ece9251bdd4528d71be |
| SHA1 | 5d422a39b769cddf186e36eba348a5382bb81ab2 |
| SHA256 | 59e24582777846f7b5eb952b08a2346801ae20674f0d18a65c0d415095b8e543 |
| SHA512 | abcfad3bb39d143bd56d350d83a4c9ded669504ab89e5d860862e04801e419cc96d8169d1df320a69a97f13ea6f919a34c68098c3d563cb9eccc6f7c9a978828 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI41602\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe
| MD5 | ecd8efd4cab1e6f7d84483c09c9ce6b7 |
| SHA1 | aafe438def0edbe9176f462d1e4e8c4a1883540c |
| SHA256 | 5032f5bb47f24f8e677397e347fdb4a501b0eda42f5d5aa2f5186edadf9838ec |
| SHA512 | eb40225be2070f88465d35b56d5fd2f94ef4a9ead2306ce5c81bb2fa31b1c252e7b8f57befad32130023c5893fd1cb499c387daeb9b760ce2d008691c5359ea9 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
\Users\Admin\AppData\Local\Temp\_MEI41602\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
\Users\Admin\AppData\Local\Temp\_MEI41602\libcrypto-1_1.dll
| MD5 | 1ce5b04a8b12799bd40d8b97b50d1ef1 |
| SHA1 | f46fed64756c1c0ee4f5b9308b7c3c7f672c76be |
| SHA256 | 2577ade6f2346a73e175adf10d2aacb2e72772f471ba426b65f63164f49e6fb1 |
| SHA512 | 63fbde60d02a7c04b4e7a8054ad9af07e8972ea4e4eedf7764279dc58051c73190c8b61cf6154ce88d64448e7969e0bced5edccd310421b1858b59b547d39e2e |
\Users\Admin\AppData\Local\Temp\_MEI41602\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
\Users\Admin\AppData\Local\Temp\_MEI41602\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
\Users\Admin\AppData\Local\Temp\_MEI41602\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 549e54a44c7326c30548c998a1d16424 |
| SHA1 | d4375f9ead356aff85d60375b08db168195d5089 |
| SHA256 | fb2df7a858dbfacbedb5ce100bc71dff2b1e1991b2d574c1d3d46701ceea5433 |
| SHA512 | 7325a6d2ed8cf43c4665f2cda3f4f9578de7a87cf70178eff7e927bb8b58f0dceff4b4bf6029593ff64fab052718cf2da8228275580071de2d0fb77fcb4bb897 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | fd5225eac6a4da3c904ac0c620646f46 |
| SHA1 | 9993f18fa6092d2acabecf7c7e9a19c2c66f2627 |
| SHA256 | cd7d8187bc2088d4c3e21521b9966f839ddcb942b272359da552034acb2ed073 |
| SHA512 | f4efbf3d9a55a6addc51d350e686099503029d9c35ebd77ef0f7356b1af40297d1c425c868bc08f1a3dc471e8b8be4e4740ff71bd2ff4826d3fd1bafd52c7f12 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\top-1m.csv
| MD5 | a29565710c081a7da5e38a4f4edd4e65 |
| SHA1 | 818c4f88ac3e53f2ea07c7b822f5f7c7d5e7103a |
| SHA256 | b9ebda977c49d54f46dbc40b08dd385dc79e4afca90796f35d538ef13ef95831 |
| SHA512 | eda629b4243b2143e9c4de587606e47f0c65ed258d3fada3d652b6339ca95476adab46a03744bbf09a9fb5456f087fc186546da464d36973622f376ae550ffd2 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
\Users\Admin\AppData\Local\Temp\_MEI41602\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI41602\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\_MEI41602\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
\Users\Admin\AppData\Local\Temp\_MEI41602\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
\Users\Admin\AppData\Local\Temp\_MEI41602\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8kvotg\prefs.js
| MD5 | 141c9205ffd1924f658798a883224593 |
| SHA1 | 9af27d3c771d45d05834d54008bd25f8d56a2430 |
| SHA256 | ba35ed2e10ffdf52d9ada86e3366705593efb9d90bb510c6625337abc4ebb1fa |
| SHA512 | 31b01b1c8814a2216122a9299aad4c5fe553428e4ca567ec6eb1af0ab35bd1bf33c77e05979ce0ebdaf6b581cd07f87de8c33747fa4200428b6ba53b28d3009a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8kvotg\extensions.json
| MD5 | 524df86131ca4532242418664f6b0213 |
| SHA1 | 1a6add2a1038edaa6d4e7595f9756acd3b9cc20f |
| SHA256 | 772636f801130afbad0e6ca5ec328723ad2faab5480a1b91a0e69111953984a4 |
| SHA512 | 87d366275e1c2843637d549bac5d95f7399a2edac68b489d811b3151f2975293adabcf89f294b70c33aa03eb2cc3d6bd6db29ff7a6375f62b3848ac91c1dbd2f |
memory/4352-556-0x000001CD4D410000-0x000001CD4D420000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8kvotg\prefs.js
| MD5 | 28d318dc3535ff514182c42f45e9a685 |
| SHA1 | 5f1e24c665ae916b965acb8ce307b03a47e7906c |
| SHA256 | d09537ca41319f5d810bf500f2b61cda9fa3afe763040d9577f32f6ef454d1e5 |
| SHA512 | 18080d4576bd65f6c0f6bbd54726a0aedbc37392add9ee4ffcd44a5c3e0f0549af1b9340cfe8b3d35384d0a8cf90252f798ffef002205e10e40b45b698856769 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | fc022d26a830636722e97cfb904f164e |
| SHA1 | a16f4069fe3ca8befb6e197ac02719608b5aaf50 |
| SHA256 | 0b5c5aa91a36be3250fe37eb21a70cd318e857b7a3f3c3ee7ae6e98727161c65 |
| SHA512 | 3222fb075da732688d55315a3624d8f52da660a5dde4184fea533f426dbfc78f64a49f91f33c8e80ceb1fdc28661092d3910239b469798a48adcf8b8b212130c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8kvotg\prefs-1.js
| MD5 | ee1ca0c5c9f77697d08b720dc7c3e26c |
| SHA1 | 95688b4e230f27ad44d8398b5027d3a59346c1fa |
| SHA256 | bc037ae21ba42d6439ce9ee54d6df4202b48fd6668bb204ffbb05710e94f9ae4 |
| SHA512 | e34a2cf0257f4c15eb4bbb45608066d8341f47f1b91519bbfa5ea5bee411241989d91ed90239f9c6ef29376b2a98a4d7d3408eb39824cef6c3a274c6b0edb432 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8kvotg\prefs-1.js
| MD5 | e69ce3c248262c27e7a9412a3188958a |
| SHA1 | 8b4b4da03048fdbb659254330dd400f1f376c010 |
| SHA256 | 859b4b21080c54c58d39e7969ff2dc53b96cff5bb9b7866cc536e403ddfe4272 |
| SHA512 | 0163206fd49544a9619734a3908ad102ffccf8fd900c28ee399fb70cdacfd9025400da32f39d40b0977935c515b4310fca00283bd1651265fea28f1ba9c9f2ae |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/1376-849-0x000001E6FB480000-0x000001E6FB490000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
memory/1376-897-0x000001E6F1AE0000-0x000001E6F1C50000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\prefs-1.js
| MD5 | 4b4c27e67f9b8aafea9ca38615f891fa |
| SHA1 | 1c8bf8d7dbb0d5302e183fe6c02f9a01ba5026f9 |
| SHA256 | 760ed5013119fcad3be856f34a182a646e7b92dbbbd9b7180a7012ef1c58f44a |
| SHA512 | 548f712a782bb9a7d342cdb720bedf1d74a4923586de60327518528ce9a236b1b35afe76042d840ed66cf0861562c53a3e28c52767a23dab9a91da34e7814be8 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\prefs.js
| MD5 | b68438b7dd2a38c403066597a2517312 |
| SHA1 | 9af952701f299eadf614a7d3932c699b0ee1278c |
| SHA256 | 03e6257d8c81db2871574efb241b9289ff6227f2bef9baf1af1116706a451580 |
| SHA512 | 07fbee56a40c4ea793fdf610cb5479ebf2f5fe5e166c8f86d5fb7ec1b14f7551de420e8fec792231db378d411dcdbc7a9738661d9fc5eadc39746264a550ea4e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiE0lxs\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiley7DUgE\user.js
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiley7DUgE\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiley7DUgE\prefs-1.js
| MD5 | 198c308915d375507745d5e2ff725544 |
| SHA1 | da108df1c759c9fa5713f00c6ce70e3a1efc1c2c |
| SHA256 | 759113d54734ab51abedd8bc645d42e25fd5b75895b443d0b697ceb168b80fa4 |
| SHA512 | f7f79c4da1c8905d6505685897d94f6655e3d4cc9759a86032c9f4d72766c13d6bba080cf375a00da35dba432970b5efda6895471d6a41b321ca8e22a8a75d8f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiley7DUgE\prefs-1.js
| MD5 | 44bc5e71f9702db1fd3f7df180b86ea8 |
| SHA1 | eb4cf4f319ffe10cb21a9a1bb8f5b9ec1966edb2 |
| SHA256 | b069da00c84578a5658078357adcb427b26a680d3bb85eb60404bf389ecffdde |
| SHA512 | 51f67872189029163a5702d9a20594a324e23e8f66bf77e53ad4df1fc24e10c1fecd78e0182c6321f8ab142c50eadadd568e2f9e885f370a898694c7167a5f1c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOLxJ1N\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
memory/3944-1391-0x0000029421D70000-0x0000029421D80000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOLxJ1N\prefs-1.js
| MD5 | 6b8674bac42f5360e4cb3e2f8e063311 |
| SHA1 | 41231c5708ce3c12f7279ef741488d0ca606e8d5 |
| SHA256 | 506dc3f7b56453f13c9b34c45fcfda2a95a4abc0765e112664c06401369c84c0 |
| SHA512 | 9aa2fa46d6e3ab87e5cbd9dd2cc6d35f2ece25c9acfcaf80ee5bf66318474831b3043d727229e2b17ffea153a500b7024d43dc63c6d2fc5abf2578a91e40db4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOLxJ1N\prefs-1.js
| MD5 | 6e9f726b96dfaeb474dc6e1df21f65d4 |
| SHA1 | c14bcc435c3446f4e42d242214542f10dd2559ed |
| SHA256 | 9f1b6ff25fb0090607341a2cb64d3e4b081494df5496d07833db3dcc4aec82de |
| SHA512 | 61b9bf9521a8a5907c58ac38170eb8dd970835869d5d474a829bbc30879e7f79fef38f3c2a3902b6c1d879f2d2ba03668c4fd5fe73ccb1acc42711de15802d3e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOLxJ1N\prefs-1.js
| MD5 | 9728c2b088342f451aa9122c5c69da7b |
| SHA1 | e6031d67d655027dda7f222aab055ca1b2e4049e |
| SHA256 | 1aaed21e0042e45b4afe963aa718c366cac6ce810ed766bc094157d6ee5ffea2 |
| SHA512 | 719bb97fba7b3801e90c81aed7dc81585e86e88992a39ae3589bd9c5afd4253f22b09aeb5c84ab0ea201199025c31718b0d94236428ebbae8596000eeb4d81fc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileNPISKF\compatibility.ini
| MD5 | c7ee43d4588dff78f13f8f3d4bc451e2 |
| SHA1 | 730bc44ec9f3645623b187053258cebb4c8f7f8b |
| SHA256 | 03dc1d0432d01abd8a696caa981db9dc3a4823fb30f7a848c86d5b43656a2e4a |
| SHA512 | becdbfcc177932fa0d5b75c3bc8fd8aecbb76d3fc9da9e90f3a5659113fc694c0f8813583ae2d4a687c804878b610bd4b2813ff0a962cfd42da47de7da1fbc5e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileNPISKF\WebDriverBiDiServer.json
| MD5 | f37734326c42ba13c915dc4e70eebafd |
| SHA1 | f4f39cb5b10f83af174c564c0922615351870e75 |
| SHA256 | 3acc4bb12c1b5be69a50733a288b930691fdb3aebc9ef171f52643828a57fe50 |
| SHA512 | 809638245a076e55031bbce9e1033e2d1933220ac9905e1ac5420d7e588c5ebfd12f05f49b1f641da83eec089859e3f8a9ccc675717b99fbcb6473b183585238 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileNPISKF\prefs.js
| MD5 | b3a5d1e20efa9996c7e330d896061f94 |
| SHA1 | 03df0f023763a8360b1e14afc2d97b5c6edd53ce |
| SHA256 | 416bb85dfe2dcf3c95aefa8e7496f6a4540109cea1dc8fe9cdbe1246ee9ec3a1 |
| SHA512 | 336ca929c5966cabeff0be586e717d99d59ac9d94b0c1dd5644270b32b0f1b1607068f270737ee0e5ab2d6e83262726f6a8a5db11cad799d5e2f469446b99e4d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileNPISKF\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | c1970fa88aba8cbc305bc7cf3e1a4baa |
| SHA1 | 76a8b12729619f997f40a1c410e31d0013591f0c |
| SHA256 | eecb9c364cd90594e55fe87ec464303b783ab174b0ff57d4330c83d7f400d736 |
| SHA512 | 736e880868102db7352ec2fd44d8f363b7b6cce420a6650da30591320bb14a7a34b9035b3b0596ea2df25684ded894427119ca30852c1bde8d00d973386e5ebd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileNPISKF\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileNPISKF\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileNPISKF\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile7B9lnh\prefs.js
| MD5 | a42b0488d417bfed54ca011bede4e909 |
| SHA1 | eb8be3a255ba8f0cb4f5029d99aadfd7128d6fa3 |
| SHA256 | 8cabafeba7239db5bf159cb349417af67216a9978dd4434a5f40271188ec7a54 |
| SHA512 | 798bd124d544be0dd7db0006ed117821e02de28d1f3bd0e04ea3d44ad5958e0fbf9682221c9c351ea897540087463a0d8803e885c23d41cb181df9685af14b4f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile7B9lnh\prefs.js
| MD5 | 4e3154eda67c06bad2c7c52ada0f5ff0 |
| SHA1 | d87eefe37b14c436fc417d69b9aa142a9f0e4f7e |
| SHA256 | 323f9f3b72a8d9c11c128b414a00ced59c1bbf2d5bf6af366043776966d6ed02 |
| SHA512 | 5bd593b4a0f643870a7557cb43c236d45e083fd1bed650f423a8e3121bd53d04c5cdd227f6dd5793feb78fd82962f8a2a011f85adfb4a437b86b548b474b0a14 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile7B9lnh\prefs-1.js
| MD5 | 9b0626f762f2b0146500e6b4ecee59ad |
| SHA1 | b802e8726b8c00e4da93f412b83b6f4790f5e9f7 |
| SHA256 | 26d9bfb15fa45caf00f25452988c5058db048314557c633dc6f17975c99185b1 |
| SHA512 | fdba6081326960ceb78987eb43b0e62b24a5207cf07531b10478bba2caae9e7c6d8ca9747da2d2621836d69ae1631f688fea12ff8f43dfc8d616d3d20184b696 |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win10v2004-20240426-en
Max time kernel
300s
Max time network
305s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe --port 50572 --websocket-port 50573
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTcf3HU
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTcf3HU
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4656.0.1371741490\1522547100" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {e7ed4d75-950e-48ef-a838-703c61148bb0} 4656 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4656.1.1384705232\860196246" -childID 1 -isForBrowser -prefsHandle 2432 -prefMapHandle 2472 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {b194a9a0-b324-4ec5-950e-5c498d699ff8} 4656 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4656.2.1930234290\1953280590" -childID 2 -isForBrowser -prefsHandle 3204 -prefMapHandle 3200 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {dbaefcb6-4b61-4734-af76-126dfc7ccac7} 4656 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4656.3.1682170409\909061445" -childID 3 -isForBrowser -prefsHandle 3472 -prefMapHandle 3488 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {edb3c8f7-f02f-4a3a-a4f9-a0cbba8179db} 4656 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4656.4.1393997595\572797676" -childID 4 -isForBrowser -prefsHandle 3444 -prefMapHandle 3288 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {2a84dabc-1ffe-448b-b1e7-949db14e6084} 4656 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4656.5.492462141\1023590304" -childID 5 -isForBrowser -prefsHandle 3932 -prefMapHandle 3472 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {996b50fa-b760-4450-9672-e3d3d920201d} 4656 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4656.6.475021941\800262328" -childID 6 -isForBrowser -prefsHandle 4196 -prefMapHandle 4192 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {297d8603-48d7-4c6e-9ec8-1bd6600e417b} 4656 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4656.7.1417493241\565881965" -childID 7 -isForBrowser -prefsHandle 4460 -prefMapHandle 4464 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {67db2f4b-332d-434f-b6d6-b47192400b92} 4656 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe --port 50572 --websocket-port 50573
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewFdkjO
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewFdkjO
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="764.0.61402057\490334065" -parentBuildID 20240416150000 -prefsHandle 1672 -prefMapHandle 1664 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {d39f8e78-6a71-4e87-a2c4-e15903ac55ec} 764 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="764.1.1858331646\1744192272" -childID 1 -isForBrowser -prefsHandle 2496 -prefMapHandle 2744 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {80ab86eb-6bfc-488e-baa9-d3a69363669f} 764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="764.2.638373909\65615541" -childID 2 -isForBrowser -prefsHandle 3180 -prefMapHandle 3176 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {db3c5e59-4002-432c-84f5-651c98eda25f} 764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="764.3.1196572234\381486799" -childID 3 -isForBrowser -prefsHandle 3660 -prefMapHandle 3664 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {aeacfc74-1049-4337-a221-73f4c96133bb} 764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="764.4.2039684925\1936485891" -childID 4 -isForBrowser -prefsHandle 3884 -prefMapHandle 3676 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {91ead12b-703a-4ab8-8952-93460d08a0ed} 764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="764.5.800078576\1321556432" -childID 5 -isForBrowser -prefsHandle 3356 -prefMapHandle 3148 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {a3bc7ec4-0468-4c3d-9624-ee0a4f43fc01} 764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="764.6.632583494\1423396507" -childID 6 -isForBrowser -prefsHandle 4080 -prefMapHandle 4084 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {fd06e483-48f1-48f3-ba2d-c62d6b49aaae} 764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="764.7.908946367\1156092089" -childID 7 -isForBrowser -prefsHandle 4620 -prefMapHandle 4624 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {e389d10a-8d0b-4fa9-b375-e3bc9c7d8cbb} 764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="764.8.709564801\927215602" -childID 8 -isForBrowser -prefsHandle 4776 -prefMapHandle 3920 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {8e2d7b89-57ee-4c70-bd91-128c30beafac} 764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe --port 50572 --websocket-port 50573
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileAmrsFV
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileAmrsFV
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1032.0.1561288542\1120668373" -parentBuildID 20240416150000 -prefsHandle 1688 -prefMapHandle 1680 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {a741b472-2012-45bc-acc5-0e305615f8ff} 1032 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1032.1.776752020\92573509" -childID 1 -isForBrowser -prefsHandle 2528 -prefMapHandle 2372 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {1eb7fc72-f9f6-423b-b406-b0d46eb9af00} 1032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1032.2.1996742752\1949612071" -childID 2 -isForBrowser -prefsHandle 3200 -prefMapHandle 3196 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {9134c3cf-1730-40a8-83c6-766e0e22a767} 1032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1032.3.343780931\1533575968" -childID 3 -isForBrowser -prefsHandle 3444 -prefMapHandle 3448 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {cfbc2248-43ad-4452-911a-5a604602c240} 1032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1032.4.559298187\765684960" -childID 4 -isForBrowser -prefsHandle 3940 -prefMapHandle 3936 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {98fce419-cc01-49d5-9966-be1d8178a0c2} 1032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1032.5.570515525\242830024" -childID 5 -isForBrowser -prefsHandle 3424 -prefMapHandle 3400 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {f34644e0-2f27-4f10-b5bc-7a2d4dddffcb} 1032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1032.6.1491081388\778710959" -childID 6 -isForBrowser -prefsHandle 4300 -prefMapHandle 4304 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {7b4387ee-31d8-47d5-aefd-c5179e06698a} 1032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1032.7.780560633\1001147280" -childID 7 -isForBrowser -prefsHandle 4564 -prefMapHandle 4568 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {ea1f0503-fca7-4e4c-a4cf-1032b1521690} 1032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe --port 50572 --websocket-port 50573
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyo2cxg
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyo2cxg
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4644.0.1809104311\49019658" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {3c25485d-26ab-400e-8b62-5c5ceb3d0e7e} 4644 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4644.1.228816842\1904121978" -childID 1 -isForBrowser -prefsHandle 2644 -prefMapHandle 2640 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {b44ad408-be0d-442d-95b4-41f313bfdd6c} 4644 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4644.2.2057731119\923543352" -childID 2 -isForBrowser -prefsHandle 3160 -prefMapHandle 3156 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {a76ab8ab-e6af-4994-983a-fabf2d01538f} 4644 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4644.3.1127273475\930985406" -childID 3 -isForBrowser -prefsHandle 3704 -prefMapHandle 3156 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {d05b1f79-ebc6-4320-8fc1-89857aa7166c} 4644 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4644.4.1852113676\727325989" -childID 4 -isForBrowser -prefsHandle 3916 -prefMapHandle 3912 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {251bb321-6e88-4fd3-8c45-9242fd33bea6} 4644 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4644.5.2006258892\1687472941" -childID 5 -isForBrowser -prefsHandle 4048 -prefMapHandle 4052 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {cda64fe2-ba0c-463c-9331-dfe0a41bf98e} 4644 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4644.6.592364410\1666208396" -childID 6 -isForBrowser -prefsHandle 4288 -prefMapHandle 4292 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {ba4d9aaf-8afe-40c4-bbbf-1d336ed24591} 4644 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4644.7.1082500714\810865873" -childID 7 -isForBrowser -prefsHandle 4524 -prefMapHandle 4528 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {5d8afa5e-302d-4850-a34d-875dd9ef6745} 4644 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe --port 50572 --websocket-port 50573
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevm4GkP
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevm4GkP
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="900.0.880303717\192028342" -parentBuildID 20240416150000 -prefsHandle 1692 -prefMapHandle 1684 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {f8ec2987-cd9a-4266-8857-cbd58b07fa42} 900 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="900.1.502407735\1461893095" -childID 1 -isForBrowser -prefsHandle 2744 -prefMapHandle 2740 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {76802b4d-448d-4267-bb5b-55ccd06843a9} 900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="900.2.647867828\752135524" -childID 2 -isForBrowser -prefsHandle 3176 -prefMapHandle 3172 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {61e93517-1790-440a-842b-fe2264a825a1} 900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="900.3.1901653649\2005254864" -childID 3 -isForBrowser -prefsHandle 3404 -prefMapHandle 3400 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {319d3865-4775-4185-9d66-76f91b374ebd} 900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="900.4.1917955069\959048869" -childID 4 -isForBrowser -prefsHandle 3232 -prefMapHandle 3300 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {f3b44b94-4e3f-4444-94d9-cb3e9306dc10} 900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="900.5.2107252561\711777218" -childID 5 -isForBrowser -prefsHandle 3792 -prefMapHandle 3796 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {e2df1bbd-57d3-4187-b24d-6084e68cea8c} 900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="900.6.1005789834\390853086" -childID 6 -isForBrowser -prefsHandle 3972 -prefMapHandle 3976 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {2a0ae4a2-a5a5-45d5-9369-9d6fb2c2f351} 900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="900.7.1625573374\194875062" -childID 7 -isForBrowser -prefsHandle 4544 -prefMapHandle 4016 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {61e344a1-0ba7-465e-8600-f88b246df255} 900 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe --port 50572 --websocket-port 50573
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenPu1bd
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenPu1bd
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="624.0.690513718\219179276" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {139d0619-59ca-428d-8ae7-19ac4a1d1381} 624 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="624.1.1832672129\711189784" -childID 1 -isForBrowser -prefsHandle 2760 -prefMapHandle 2756 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {1d269ca7-6cd2-4b50-9165-7b42140b0767} 624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="624.2.411384289\449075694" -childID 2 -isForBrowser -prefsHandle 3156 -prefMapHandle 3152 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {6afcb128-d174-47fe-93d8-ab3c0d4d8c3d} 624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="624.3.96480515\1847025033" -childID 3 -isForBrowser -prefsHandle 3232 -prefMapHandle 3220 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {75de5084-7f0f-44a9-b515-7e381fe4c189} 624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="624.4.543584543\1338817269" -childID 4 -isForBrowser -prefsHandle 3160 -prefMapHandle 3120 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {1912fe94-6fd8-4542-ad82-55bcd8d1d275} 624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="624.5.553589674\1920374686" -childID 5 -isForBrowser -prefsHandle 3984 -prefMapHandle 3980 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {c194457a-1de4-471b-bc7d-9e5be5e51ecc} 624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="624.6.245837364\395484117" -childID 6 -isForBrowser -prefsHandle 4232 -prefMapHandle 4236 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {46518d52-7547-4491-9cc7-2f12e728cf3e} 624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="624.7.1704499183\1711445098" -childID 7 -isForBrowser -prefsHandle 3824 -prefMapHandle 4432 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {c94d597c-dedc-4ec1-8fdc-0a52bdeb77ae} 624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe --port 50572 --websocket-port 50573
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelbpBzG
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50573 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelbpBzG
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3316.0.939953801\2099962469" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {a3de68a2-ba6b-4e39-8e15-4f0821782066} 3316 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3316.1.469785948\153542292" -childID 1 -isForBrowser -prefsHandle 2680 -prefMapHandle 2676 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {f9480f0c-9625-4912-bf9e-0bf20197b1e6} 3316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3316.2.1536820860\746857780" -childID 2 -isForBrowser -prefsHandle 3204 -prefMapHandle 3200 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {9cf530c5-6e67-4afd-9ec7-05fc7424ee6b} 3316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3316.3.1643390711\2104817838" -childID 3 -isForBrowser -prefsHandle 3748 -prefMapHandle 3752 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {24024f7d-8e20-4c23-b8aa-031b30d8e13a} 3316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3316.4.1141331418\883479436" -childID 4 -isForBrowser -prefsHandle 3912 -prefMapHandle 3916 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {28dcad31-2484-471d-bd40-287cd972628b} 3316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3316.5.764552542\319048521" -childID 5 -isForBrowser -prefsHandle 3836 -prefMapHandle 3832 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {77e0654a-66eb-447f-a49f-ad76ff3ade45} 3316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3316.6.1622790649\537933885" -childID 6 -isForBrowser -prefsHandle 4224 -prefMapHandle 4220 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\browser" - {c7201a76-856f-4d06-a68b-4d4bdbdddf7c} 3316 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| BE | 2.17.196.177:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.196.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| BE | 2.17.196.177:443 | www.bing.com | tcp |
| DE | 79.143.177.192:443 | tcp | |
| US | 8.8.8.8:53 | 192.177.143.79.in-addr.arpa | udp |
| DE | 94.16.123.171:9001 | tcp | |
| FR | 45.145.166.104:9000 | tcp | |
| US | 8.8.8.8:53 | 171.123.16.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.166.145.45.in-addr.arpa | udp |
| N/A | 127.0.0.1:50675 | tcp | |
| N/A | 127.0.0.1:50677 | tcp | |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.53.16.96.in-addr.arpa | udp |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50780 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50788 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:51158 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51166 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:51530 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51538 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:51839 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51847 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 94.65.42.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:52190 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52198 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:52535 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52543 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:52847 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52855 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI40282\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\tmpdtwdjw4n\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\_MEI40282\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/1304-492-0x00007FFA6B1B0000-0x00007FFA6B1B1000-memory.dmp
memory/1304-491-0x00007FFA6A1C0000-0x00007FFA6A1C1000-memory.dmp
memory/3640-522-0x000001A6597E0000-0x000001A65984B000-memory.dmp
memory/4656-545-0x0000020A56AE0000-0x0000020A56AF0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTcf3HU\extensions.json.tmp
| MD5 | f1e9efece63a1af13bb4c071f735316d |
| SHA1 | eb81dced3465ec6d2fc7b04637c1b863cc1c8656 |
| SHA256 | 0245899c3de106ca532b2c18dfc9790b7445bc17dc7532ab55e08d788396bca6 |
| SHA512 | b8761a9880d63dba788655f8c05759d04d2a5fae5f72c4994fd905a9fce52d4c93af636438be4b8b6225415134ec80c3e6236e73bbd92d1edf08c6ea5ce7f8cb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTcf3HU\prefs.js
| MD5 | 9c48bf4654e159e53cd97c89030e8619 |
| SHA1 | cf0cf4e2b55e3dfe525d2f62cd8d218bf08f530c |
| SHA256 | 037b8f361b7bbdd59c1123c77f196a44dc99b43fd9f038bae495e8bb62d179bc |
| SHA512 | 4c3fa50d49a445fe8012491adf4ab869e53cd8dff7341e690b1d2be1d33089e2b73ee7fa3439e8e2ae7276026e4019aac2311f3975b1dcb253c4ad6eca383a89 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 089c4540bfb6ba6ff5e865dacda2fc1e |
| SHA1 | 8cb70bc1b7733e925b8fbb6a6ce51423a436e096 |
| SHA256 | ae75543c343ae6239e2fc8959dc07b96cb55e5a275b91f4093ea731f99563eb5 |
| SHA512 | e753b17d9ce0f14b8adaf6d59e7303959175b25c31769128e8c38dc04afa3164cb53999bdf94253b0f395677e87ff7170ea90f57636bf1aac029593f29f7c39c |
memory/3164-613-0x0000026EB7CA0000-0x0000026EB7D0B000-memory.dmp
memory/1304-612-0x000001F849380000-0x000001F8493EB000-memory.dmp
memory/4656-611-0x0000020A4AE30000-0x0000020A4AFA0000-memory.dmp
memory/2148-628-0x0000024DEAB00000-0x0000024DEAB6B000-memory.dmp
memory/3536-627-0x0000028C0F700000-0x0000028C0F76B000-memory.dmp
memory/4964-626-0x000001A0B4720000-0x000001A0B478B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTcf3HU\prefs.js
| MD5 | 120ec841c9c91d349ff7741f3725b8cc |
| SHA1 | e73130d8de6d075926102205204f41ff7c9391d7 |
| SHA256 | ecd3d505f848dddf851f8b0e00e3a06eb62969d512026ab5807f061189fd17e6 |
| SHA512 | 92eb6b5e42c6132c93e7d7077dad9c1a6a833a68570c70fbd522f9033383fec5d97df5e82cb0fc3f39e56a2bb2e9ad718caa064e742e48bb166ced256e72ba33 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTcf3HU\prefs-1.js
| MD5 | 60132019a4bb0948d80904ed00b0d0e4 |
| SHA1 | 688b3d3e13be2e7305315292bc79e535695ac004 |
| SHA256 | 3cc2c3f37e7a08a7cf3e5ebedecc590d1b51679cc7d75ad2fb0c5be860e65aa6 |
| SHA512 | bcb2d1e4e3cb16114d9b3768db2dc12e03bc3977a06f064f7cd615619390b9bc520b844f80dd493f5cd7b40dfb5e7225cb66501eb1c8eb3e9679729c18adf495 |
memory/3864-667-0x000001E51B230000-0x000001E51B29B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTcf3HU\prefs-1.js
| MD5 | febd0789560dc953a566bec2715f3104 |
| SHA1 | b1cfe47cd78478a87b101f63316bb15c511c2f3f |
| SHA256 | 47d78f58fe87732222b03ec7373b19d8cb9b69999fe6fd5fe8a73a98c0f292fa |
| SHA512 | ab747a8aa88419ba9e020cfe2bdbfea39cd5f1bf3992e40c696be52f52b2db3bb043a71f2bccc12f46d193514ac12b16fed91e70790db3701c18a7f1067b2202 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewFdkjO\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewFdkjO\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/1304-859-0x0000025E57550000-0x0000025E575BB000-memory.dmp
memory/764-882-0x000001BCDD8E0000-0x000001BCDD8F0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewFdkjO\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewFdkjO\startupCache\webext.sc.lz4
| MD5 | ad70c39d13a0c42ceade33b627e1ebe7 |
| SHA1 | 40e6980874d6ae15f883eaf463c9b917a92ad14e |
| SHA256 | a4df7b8f6d6c83b4b42d7cd732560132dfdd453d53fab65144a6fdeec6da8c62 |
| SHA512 | 278407a7c71fa31ed6ad25c6a7b8fe94e9fc00727f487f43218dc5dfb2ebda402912e1c9846a0b2b28e565bf3a61ac5586e820c0873d31ae68f9e86360504349 |
memory/3500-959-0x000002D6AD340000-0x000002D6AD3AB000-memory.dmp
memory/2832-958-0x0000013123AA0000-0x0000013123B0B000-memory.dmp
memory/424-957-0x000001A99F930000-0x000001A99F99B000-memory.dmp
memory/3640-956-0x0000024482830000-0x000002448289B000-memory.dmp
memory/4524-955-0x000001809FCA0000-0x000001809FD0B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewFdkjO\prefs-1.js
| MD5 | d0df7cd2b1d8e50f2cdb6b670efb56b7 |
| SHA1 | 6898fcf0833234080234bf88c4f6165210062056 |
| SHA256 | 21261de8df271d9c96c0d6fdbb68ce81c5451fa3837d46f5c6387c750275145f |
| SHA512 | b924d1c2d0f51bd427061d2b69951fb2d25a359a074f3b5ebf328d108c1a6abd91c3c634c3d0c92d72491adf37d244b7a55fb34064dede7ca16ed1e21762c2d2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewFdkjO\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewFdkjO\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewFdkjO\sessionCheckpoints.json.tmp
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewFdkjO\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileAmrsFV\user.js
| MD5 | fabecc1f2f9211cfb2669b19d504faba |
| SHA1 | b94e1452a320e49e7e6c48c4cb8c7a1fe3ae1a9c |
| SHA256 | 41aeb5c7bd40f1fbe0edc80a05d5099a0abe8f356291500e1044cf72a81b722a |
| SHA512 | 98b2ae8057364021b63eedfe29eb3134a4b1f767b76508e4e7c4b39855b4e8eb0dc8934077e3c1152ada1bcce001674bc9e5bb1bd1f91252e8b3165d0babdbd4 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileAmrsFV\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileAmrsFV\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileAmrsFV\prefs-1.js
| MD5 | 8a99a87a2532aef0a623124c9e97bbca |
| SHA1 | d33008783f69d653a55fea26f6d223ecb7b3d101 |
| SHA256 | 586b570007f2e9d15558357f7f0c34d513b90686a20dff71509c0a347125d588 |
| SHA512 | 232bf5bb9f0427fe50714d483a410f354e302e1e81e3a18413ae890b9e4baa11f5909c00535900a299f5d1723b1e1a8ceef26e1d4748cb131eb2bc1a89f92741 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyo2cxg\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyo2cxg\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyo2cxg\prefs-1.js
| MD5 | 5cf67f1f8177c2b88c154b7ca5d97530 |
| SHA1 | 2ef19a1845b5aa1e184de0052bb45950354ce44e |
| SHA256 | 045ff4505fc29e36ad3aa314ac425891030f3c56e19aa1fcb36afbededfe6561 |
| SHA512 | 6a0c7e0f7eb42e4e628d4b7194c09da0c26a8d98be23273fe5eb873b31675e7bfbc090575523d01ae8f897e189d3cac101703dd60fdd0d5c6a8a86cad6cadb93 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyo2cxg\prefs-1.js
| MD5 | 25ab9957a423274c0f74a9790c5be9d0 |
| SHA1 | 5cde1e223f2a0f0b2c78dc5eac354829cf211725 |
| SHA256 | 3b3b4fb5e5b1005bf52c8240fd8a82c26ccaf694efd64813cf1e99af17261d29 |
| SHA512 | 62116fec302ef9493eb7d6a6634e0067479aed8816050e0fec90ac09bc1aea11381e4495cddf86791c795ce765dd82fb75066511cadb9b5e76114dd8f79fe551 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevm4GkP\compatibility.ini
| MD5 | 5b2f5f30b2edda498fd46f856b46e935 |
| SHA1 | 18f75b0cc1873e91e0abcf4fa03cec46b257cb9a |
| SHA256 | 710cc5b54003fedec95bf1627b6ff56c69459c2649b05725a6c89f7e19df5a8c |
| SHA512 | 432da38fc7271470738f0961a6fdbfeb020a493c8093f542e78ddbd59f2642a19074612fd0a1ddd5927be8316e7ef682489654b64067585f853bcfa214fa2967 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevm4GkP\WebDriverBiDiServer.json
| MD5 | 7d51f7d29865a572a36027c41bde571b |
| SHA1 | 1960b9ff6d321eb719171c8154b2fbbe2f004900 |
| SHA256 | 384faba7eed560c62dc7bd140a22c225f74e88b18aa5852ef93144bf4935be85 |
| SHA512 | ea12a842d65ed8c6b073a5c5a566a3cbdb19d1a4a0c27ee479d0200630d41cccda973f9b7fa411d4df3b0d9c5a5348c421549d2ce57ad459b5aae329f94f4217 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevm4GkP\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | dfaa6a9af55ae85fe1c7b6d4e1c9556a |
| SHA1 | 4b40b2c3e983c01f58c51805b73c73b1b9590eef |
| SHA256 | 68633ab0841f852960fec07545b8176bb9831fb17b7d06c3522f4164ea720081 |
| SHA512 | 8cc05f011057cfe291439c0cde538509c752e6bb520ec56f3023a12ed4238417a3e1f996bb2cc639418d891a1b822d8f132ce42a45e2cc11d194ba1c80f0fc8f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevm4GkP\prefs-1.js
| MD5 | b8361282ca04128f3afacba411379806 |
| SHA1 | adadb17aee0b970030fb789db5499c209eddaa99 |
| SHA256 | 1dd948160c9d8504ab8715962ab03a7dc1b3eba0413d1ea6a73fa3fd29814eb9 |
| SHA512 | 6c05a3e59f7059cf1aafc24e855e2c507df6030c02cbb8aebfcf73ad66bf334c5ffeba42aafb65c1b5ddcf854f2c564f2a96632fcb88fdcadc3edb882735bc9e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevm4GkP\prefs-1.js
| MD5 | 1a2c636f4f1f5d13e98305e698841d6a |
| SHA1 | 8c74e6aa2a2f6a87b9c0518dfb57dbdf3a057902 |
| SHA256 | 133043543a4b642ec6159ee47c2701e852fb093175eca6947020a46f9f439cac |
| SHA512 | b95b6eb8dc6324bd92b1531cd8a84592c3a4537b525e90aa0c5c900a5d10503ca30e21aecccb2c79c2c7b2d133ac48e8d8d355d05c0ffbb7b80f331f74bb5b8e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevm4GkP\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevm4GkP\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenPu1bd\prefs-1.js
| MD5 | a210f67d7c3e778135c55010a280dae0 |
| SHA1 | cf3cac625d3bde36cc192fd7c4fe6aa6762c6a53 |
| SHA256 | febed27835796817cbc6f73deac6e1a256816e0e96cac30962677c5057728d6f |
| SHA512 | f835e7123462fa0363a87c66ae79d01dcd07255dc2045e590ffccb6a7792875663315fac131e290f6fe0d755b38281b92908d0a7d09ae3b78f09d2085276963b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenPu1bd\prefs-1.js
| MD5 | 494f963190863460b806ef0c303fe1b7 |
| SHA1 | 1682aeca4c6212d03f88919e3100a65c543293f2 |
| SHA256 | 17d2406c0554226b33d205e92c2765e6fc79c037b94f01be707c09b5b98b0653 |
| SHA512 | 567f6f717b43013895e47036048e08e75be9a051333e319406eaf7503f982f9ab3fb797e71451bc52bd4c0e81c71863bd9f59ba685919d6ce7a5fe3c94057f21 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelbpBzG\prefs-1.js
| MD5 | a6961b73de7c91ba0faed08c457184c2 |
| SHA1 | c189251e8faef2d2dc61efd00b7285e8904f2a19 |
| SHA256 | cc2e94657d32ca8fef5afe0510821eed43f088b4eb3ee174ac0405208ae709de |
| SHA512 | 397a87c8319f59ffbfc3d242f13c0645366c43ec5a704379ecdd5ecaa7cbaa3c6bb67d6f347271b438693c261a73e919207c470e7ded933a700bc3fee46ca54c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilelbpBzG\prefs-1.js
| MD5 | bf2e8106c7e6d91fa40770304fc7709f |
| SHA1 | f3f6a8d5d11cdcd6490cafee2e2c340560d6a2b8 |
| SHA256 | 1c37c1ed6c47bc9dd3ac98cecbf7c26c9906f7ba1c520416f60ed5b9288b72c3 |
| SHA512 | 96ef04d91be491d9fa28bf075edb730d654682ce9fb0753dc9b76856219ec1cb72b4f1ff0f0308e10a284a01f6752d95eb141637b81a4a27e4ced02cdbd16e21 |
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win11-20240508-en
Max time kernel
292s
Max time network
313s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3107365284-1576850094-161165143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3107365284-1576850094-161165143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3107365284-1576850094-161165143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3107365284-1576850094-161165143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI43602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43602\geckodriver.exe --port 50007 --websocket-port 50008
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50008 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezRDp7f
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50008 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezRDp7f
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3728.0.755249550\1418699008" -parentBuildID 20240416150000 -prefsHandle 1716 -prefMapHandle 1708 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {53a45ec9-bab9-4a47-a195-541ad5e052b0} 3728 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3728.1.1252845890\1314268615" -childID 1 -isForBrowser -prefsHandle 2772 -prefMapHandle 2920 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1212 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {f80c31f5-5e0f-42ea-a3b0-4ccb822212a9} 3728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3728.2.1548255528\1949663878" -childID 2 -isForBrowser -prefsHandle 3064 -prefMapHandle 3060 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1212 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {c4a8f4a3-d3f4-4f0f-939f-11afee75247e} 3728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3728.3.252289992\974522577" -childID 3 -isForBrowser -prefsHandle 3500 -prefMapHandle 3496 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1212 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {02002b2e-6169-44f0-87b5-90d563058877} 3728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3728.4.296103671\132645904" -childID 4 -isForBrowser -prefsHandle 3876 -prefMapHandle 3872 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1212 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {4dcebdd3-5ed4-44c7-93ed-cc5f842c9840} 3728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3728.5.877422484\128883263" -childID 5 -isForBrowser -prefsHandle 4024 -prefMapHandle 4028 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1212 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {c30af2ff-05c0-4b4f-b2f1-58f44c6cc33a} 3728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="3728.6.1145460404\320598485" -childID 6 -isForBrowser -prefsHandle 3888 -prefMapHandle 4220 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1212 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {e8bf83e9-5bc7-4120-8007-22c2b4a7b543} 3728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43602\geckodriver.exe --port 50007 --websocket-port 50008
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50008 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50008 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1156.0.438030194\886037302" -parentBuildID 20240416150000 -prefsHandle 1688 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {02f560a2-6ff0-4dda-97aa-7551b4fa3607} 1156 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1156.1.467562767\1041249774" -childID 1 -isForBrowser -prefsHandle 2748 -prefMapHandle 2864 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1300 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {9312c14c-d9c3-43f8-8b87-7ed1cbb5dd5d} 1156 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1156.2.722013980\624095240" -childID 2 -isForBrowser -prefsHandle 3076 -prefMapHandle 3068 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1300 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {b35a5a57-c96a-4091-9c8b-5bb820f4e6b1} 1156 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1156.3.875088752\886125336" -childID 3 -isForBrowser -prefsHandle 3640 -prefMapHandle 3644 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1300 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {3fff8ac2-3c4a-41ac-9e8f-3f3067f4a280} 1156 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1156.4.1226566635\1002708347" -childID 4 -isForBrowser -prefsHandle 3780 -prefMapHandle 3772 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1300 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {4f2f3f1f-757b-4275-a3fb-6dd3f937ebfc} 1156 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1156.5.791212001\757831930" -childID 5 -isForBrowser -prefsHandle 4004 -prefMapHandle 4000 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1300 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {f983103e-79c1-4731-97c2-4f2f040e2768} 1156 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1156.6.2044080078\117145394" -childID 6 -isForBrowser -prefsHandle 4152 -prefMapHandle 4156 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1300 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {b471b4c8-ddb8-41e9-a64c-d92246f78f6d} 1156 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43602\geckodriver.exe --port 50007 --websocket-port 50008
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50008 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA7w0nW
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50008 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA7w0nW
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1476.0.519640982\801093847" -parentBuildID 20240416150000 -prefsHandle 1716 -prefMapHandle 1688 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {9a51218e-0a94-4975-8a1e-5aff0d3d1fca} 1476 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1476.1.1836230504\885820791" -childID 1 -isForBrowser -prefsHandle 2724 -prefMapHandle 2752 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {b49bc053-4e2f-479f-88eb-3b16f08b4dce} 1476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1476.2.1486441088\2060383083" -childID 2 -isForBrowser -prefsHandle 3124 -prefMapHandle 3120 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {3e6cf6a2-77b3-4604-ad11-03267683d5d7} 1476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1476.3.1635090293\386556948" -childID 3 -isForBrowser -prefsHandle 3216 -prefMapHandle 3220 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {33901e46-e9cc-4c55-a0ce-ed553e16ac09} 1476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1476.4.1725226433\746711948" -childID 4 -isForBrowser -prefsHandle 3804 -prefMapHandle 3808 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {25375e39-2a0b-422e-b8b5-d520e0da06d5} 1476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1476.5.1644598532\1668996702" -childID 5 -isForBrowser -prefsHandle 3880 -prefMapHandle 1528 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {74135c48-4976-4164-be98-89a008e1ffbd} 1476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1476.6.10819026\1808077527" -childID 6 -isForBrowser -prefsHandle 4048 -prefMapHandle 4052 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {84cc20b9-e4b1-4094-8f61-fb3bc1991da1} 1476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43602\geckodriver.exe --port 50007 --websocket-port 50008
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50008 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilee8GbWI
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50008 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilee8GbWI
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2488.0.1178979146\540921346" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {c02b949b-3425-4b53-9c51-7c70d59e8c5a} 2488 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2488.1.1015964627\603491849" -childID 1 -isForBrowser -prefsHandle 2404 -prefMapHandle 2536 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {94050e66-285b-4375-88bb-3123fa0e1c30} 2488 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2488.2.1542815516\1376975603" -childID 2 -isForBrowser -prefsHandle 2288 -prefMapHandle 2972 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {027be498-8478-4a8a-8947-d3ef5c400f0b} 2488 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2488.3.735321581\1857647929" -childID 3 -isForBrowser -prefsHandle 3180 -prefMapHandle 3196 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {43927946-d6f8-435f-b353-6a8a5516e633} 2488 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2488.4.689363294\882163208" -childID 4 -isForBrowser -prefsHandle 3928 -prefMapHandle 3924 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {67ea7605-14ee-4b78-a4ab-24f017d751b9} 2488 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2488.5.700103423\303851967" -childID 5 -isForBrowser -prefsHandle 3256 -prefMapHandle 3376 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {db936094-5d9f-4869-8635-755c8c9ded23} 2488 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2488.6.655315107\1533239198" -childID 6 -isForBrowser -prefsHandle 4140 -prefMapHandle 4144 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {88bb2b0d-b523-40c7-b1b4-c7aa43515c1f} 2488 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2488.7.1082713291\415747632" -childID 7 -isForBrowser -prefsHandle 4092 -prefMapHandle 4168 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {7094ca0b-bae6-429f-8430-06f7abe28420} 2488 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2488.8.1140478422\692395888" -parentBuildID 20240416150000 -prefsHandle 4176 -prefMapHandle 1440 -prefsLen 27675 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {9ebd4c11-436e-49fc-9583-6df4598e3ddf} 2488 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2488.9.1403852479\1652551279" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 2676 -prefMapHandle 2884 -prefsLen 27675 -prefMapSize 245849 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\browser" - {f7aa1099-8bb0-4489-961e-52f6a4659469} 2488 utility
Network
| Country | Destination | Domain | Proto |
| TR | 5.252.74.238:443 | tcp | |
| US | 8.8.8.8:53 | 238.74.252.5.in-addr.arpa | udp |
| N/A | 127.0.0.1:50111 | tcp | |
| N/A | 127.0.0.1:50113 | tcp | |
| N/A | 127.0.0.1:50007 | tcp | |
| FR | 188.165.26.13:9000 | tcp | |
| US | 131.153.152.146:443 | tcp | |
| US | 8.8.8.8:53 | 146.152.153.131.in-addr.arpa | udp |
| N/A | 127.0.0.1:50007 | tcp | |
| N/A | 127.0.0.1:50216 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50224 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50007 | tcp | |
| N/A | 127.0.0.1:50007 | tcp | |
| N/A | 127.0.0.1:50007 | tcp | |
| N/A | 127.0.0.1:50530 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50538 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50007 | tcp | |
| N/A | 127.0.0.1:50007 | tcp | |
| N/A | 127.0.0.1:50007 | tcp | |
| N/A | 127.0.0.1:50815 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50823 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50007 | tcp | |
| US | 52.111.227.14:443 | tcp | |
| N/A | 127.0.0.1:50007 | tcp | |
| N/A | 127.0.0.1:50007 | tcp | |
| N/A | 127.0.0.1:51116 | tcp | |
| N/A | 127.0.0.1:51124 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI43602\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpsdina05s\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\_MEI43602\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/4708-494-0x00007FFE298D0000-0x00007FFE298D1000-memory.dmp
memory/4708-493-0x00007FFE29D50000-0x00007FFE29D51000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezRDp7f\prefs.js
| MD5 | 97c9cc54995dd15e60f0c9600df2ad65 |
| SHA1 | 56999166c983e371e71ac03ee0080daf99f93f75 |
| SHA256 | 0846e3eb45ffef259529b8815b3735b5661e0c76fac16fab99b76a93827f64ca |
| SHA512 | c7ad8fab9fe6e256e4ba3eeb38b8d89662730b35460caa51f0cebcd01128f0b5a9ae28b67da24475209dd5fb2d90f3da48393d75c174e90bc6fbe24e5df65dda |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezRDp7f\extensions.json
| MD5 | 432e08c11c7c26417a3d2f2dffd75df4 |
| SHA1 | 05300cbd90f01e04155e21e42ad85188002182b5 |
| SHA256 | 7119403aac3e30433f9440af1393f3eb313f51a99a8a10e7508eb7f7252473f4 |
| SHA512 | dec775afb859b3fd106ed4b902b99829749d61a6f06c85598a30ec4cb48f9f386286ec4f33087be6e6eae70d363fe4f545eb39bf0e68a89266efebcadaa4057c |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | e065714ac139ebe78883c99ece50ac21 |
| SHA1 | 9ed361bc2d1680a1b4a19c56b7c1ec6b1784e4c6 |
| SHA256 | a0c2197840066e2007ea947813ff64f1d200d46fe5717117d563cfb0b0e863ea |
| SHA512 | 0f791510b633ad438075a69a88a57ebf9f0d086c49f89320b260998381bf21d3dd5f095468295977181bc77c1b46bdf17b65a60aaf4b311c0f2510d60557e9a0 |
memory/3728-568-0x000001D0E6F30000-0x000001D0E6F40000-memory.dmp
memory/3728-605-0x000001D0DBA50000-0x000001D0DBBC0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezRDp7f\prefs-1.js
| MD5 | 7af3b1761a1df2750bcaacee29355366 |
| SHA1 | f742be3c5e29385757b8c6bc5d4fab3ae83901ba |
| SHA256 | 83fccc0caa72c309b2b7680b2a31c8691e7dba72b548b0d34127f53b5b508049 |
| SHA512 | 0331a4e88076a6a48f89dfd29946b447264b265f29ab86d9c8a42318fd0e2aa3f43e4ed683cccb74b02b24e796e46d57d9ca911ddc98cdfc4f4383016bd9bcf6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba\startupCache\webext.sc.lz4
| MD5 | 829ad1e2a31213908c620602bd5e35c2 |
| SHA1 | 8802af91507d12db2db3ef37d13b19402f4e2c46 |
| SHA256 | deb76e1fd4a56175267a860cda38c740a2c81db15a3308c070adc3d7a32d8f42 |
| SHA512 | 3fa0da3d3d339dab80444092c07030e6bdde512a3fb422eadb88b61ec7ba19e28e3fd1ee40250a5d897ced06706ac396a97feae22bf76b13ccff7e037a7ef94c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba\prefs-1.js
| MD5 | 2ef97bbeff841acf3f48ef4c0eef54ba |
| SHA1 | f2f24f0d3960f5c82f1fffe25f0963f45a3ccb6a |
| SHA256 | ac3eba99ee5003f8647574dd03fef8905d765ed9229a5fe47d6d48ef9d3f6957 |
| SHA512 | e6a7bc99e38cd953c1df349b9e138d221173693a7a31af99024cad210e7868203cecca1ada0da216db1a1ca0a305a1fa40ac2f3562ab283ca80925be69500122 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegJXsba\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA7w0nW\user.js
| MD5 | 00cc6397b628f1762d2f7dbe8dc5667c |
| SHA1 | 674a207e1cf2545e791df61b5b84762cb2b86709 |
| SHA256 | cb5706f0f6901ebfd48297ef83baa2ad2765496c13e4f9bfc72e9a00e5e2918f |
| SHA512 | 7c863d5c001ece5dc64272d73c17021c120934ae26297b7f6842de770a650cbfef94f14432977e07aede4a0f8e3851ae0fde9e54c6b41195c61e922d4071dd85 |
memory/1476-1114-0x0000025C64430000-0x0000025C64440000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA7w0nW\prefs.js
| MD5 | bc55094a15bed289af4105583b0c5c47 |
| SHA1 | 08c445adeb215d3370d32f4c5c4054b55aba85d3 |
| SHA256 | 2cba62094ec463abcbf0e29969b8471a9c6cffd2431ec14c039b1b55cbb1dfc5 |
| SHA512 | bce194aa5b6dfcfff422c5241a8e1dbec723d0f81e979b07063fd32897a221e12c0b811600edceaf2626f4eb8aecbdd13c90c4ef2eda0a685743a5120448affc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA7w0nW\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
memory/2488-1391-0x0000020B50470000-0x0000020B50480000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilee8GbWI\prefs.js
| MD5 | 59f7ee39719f7c627df27825c253b590 |
| SHA1 | 10ed14c28443884b29e9c9284b69f909c2e5095c |
| SHA256 | 373980ff0bedb8cdedc8bcf6dd5eb390ded6e8e5250561c83135603d5fca2ef0 |
| SHA512 | a380b12688764d0721fec232277aff04474cb4998aa1fb3b412be2ea7c8b186ddf3ebc4e8ce19bf5274dd5aff5334184d5802d45035b43adaf19f245212e8885 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilee8GbWI\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilee8GbWI\prefs.js
| MD5 | 3720d9a9698211a307d01029d7062c20 |
| SHA1 | a3005522517ddf9b3f7da734ed6157dd9cbf667b |
| SHA256 | 9dd57d6c28c8835c9455cafc9e2decd8f827583e9df6dd8348ae7e228c049cee |
| SHA512 | b51945a0d5b4a66d8c37439059cf33b3b4e539adf302fcd4d4db884755269415c59018ff674afc362c8321a2b87d7941b4cf28fde8a8cb19ea8701809d5137d9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilee8GbWI\prefs-1.js
| MD5 | e3df56a2085d962c866452c4f705cf13 |
| SHA1 | 35fe1bb5f786efebfef4f93903a9673a6c789d66 |
| SHA256 | 91e500466b1cb3336a07d497d779924cc7e88b109064fae0bd7313127f3e9012 |
| SHA512 | 8de0f27035e2698b98584e2aee617993c8b38ffab748b56385da22c5a7b8edcb48c02736fe7d90c65a4df2f16e1f9c7cbfa9b68643ccdd8918b40cb44e684a8d |