Analysis Overview
SHA256
88093c75834d60df3b4b6f4df642bb28dc749f4bd562f587fa8f9e30e97d3c5c
Threat Level: Likely malicious
The file heavy.exe was found to be: Likely malicious.
Malicious Activity Summary
Renames multiple (51) files with added filename extension
Checks computer location settings
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
Unsigned PE
Detects Pyinstaller
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Suspicious use of AdjustPrivilegeToken
Modifies registry class
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-09 01:57
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:08
Platform
win10v2004-20240226-en
Max time kernel
323s
Max time network
347s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4304 --field-trial-handle=2276,i,5697607538120380977,9987005253899555344,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI49002\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI49002\geckodriver.exe --port 50121 --websocket-port 50122
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50122 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9oWgNZ
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50122 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9oWgNZ
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="4416.0.1781070577\227200098" -parentBuildID 20240416150000 -prefsHandle 1692 -prefMapHandle 1684 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {0a77fde1-3540-4490-b447-d21fdba7fecd} 4416 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="4416.1.1699350428\1038538088" -childID 1 -isForBrowser -prefsHandle 2692 -prefMapHandle 2688 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {fe55f5bd-2e25-417b-9a05-399159120cc5} 4416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="4416.2.1502202758\1021984870" -childID 2 -isForBrowser -prefsHandle 3256 -prefMapHandle 3252 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {93887403-fa43-49f8-96f3-0269f1770158} 4416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="4416.3.135959301\772418023" -childID 3 -isForBrowser -prefsHandle 3604 -prefMapHandle 3596 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {de6eac90-8330-4951-b694-95df2502b80c} 4416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="4416.4.1159576949\90734238" -childID 4 -isForBrowser -prefsHandle 4088 -prefMapHandle 4084 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {e32d557a-edd5-42db-adf3-df9215b644f5} 4416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="4416.5.1789396004\1140534862" -childID 5 -isForBrowser -prefsHandle 3304 -prefMapHandle 3308 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {8b5dc370-9764-451e-a8c3-b95a572b21c0} 4416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="4416.6.1753807674\1404789340" -childID 6 -isForBrowser -prefsHandle 3196 -prefMapHandle 3888 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {32f7db54-c354-4258-8f79-4be961d244ad} 4416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="4416.7.1212516622\1316027707" -childID 7 -isForBrowser -prefsHandle 3224 -prefMapHandle 3160 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {1702db61-4071-44bb-9ab9-7b07537a474d} 4416 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI49002\geckodriver.exe --port 50121 --websocket-port 50122
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50122 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50122 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5516.0.1150786569\118208647" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {29baa8f1-8b82-4ad4-ad7b-7c0f6e1629c6} 5516 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5516.1.1611739557\423213778" -childID 1 -isForBrowser -prefsHandle 2640 -prefMapHandle 2636 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {8e83d892-6a29-4615-97fd-fa988e2ef6e6} 5516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5516.2.791032259\1410254503" -childID 2 -isForBrowser -prefsHandle 3228 -prefMapHandle 3224 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {00c9d5dc-bd39-488c-8bdf-dae9d27876ac} 5516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5516.3.635731655\1940184815" -childID 3 -isForBrowser -prefsHandle 3240 -prefMapHandle 3452 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {185c4252-c3c2-4e49-9cbf-77bb313df4f0} 5516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5516.4.351703307\1166499369" -childID 4 -isForBrowser -prefsHandle 3664 -prefMapHandle 3452 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {afc52e51-87e2-46a7-8a96-3349a00abff4} 5516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5516.5.418445824\65388671" -childID 5 -isForBrowser -prefsHandle 3824 -prefMapHandle 3828 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {df128a6d-a4c8-4470-9aaf-091f2da7883f} 5516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5516.6.478620561\298823384" -childID 6 -isForBrowser -prefsHandle 4084 -prefMapHandle 4080 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {3194bdc3-9f10-4bda-ba53-19c99c021e65} 5516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5516.7.1255683366\356394459" -childID 7 -isForBrowser -prefsHandle 4564 -prefMapHandle 4560 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {b5956ac1-a8fa-4235-9a49-7281cca153b1} 5516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI49002\geckodriver.exe --port 50121 --websocket-port 50122
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50122 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHn267p
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50122 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHn267p
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5440.0.935760921\447257146" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {402cfea3-5413-442d-b0c3-366c912e26d1} 5440 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5440.1.798727873\1233719679" -childID 1 -isForBrowser -prefsHandle 2628 -prefMapHandle 2624 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {a9a95bb2-5f24-4ff6-b366-31bc03ee5d92} 5440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5440.2.1744716390\1783502998" -childID 2 -isForBrowser -prefsHandle 3136 -prefMapHandle 3132 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {06c45195-3c19-444c-836f-514202971805} 5440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5440.3.1362313184\794438405" -childID 3 -isForBrowser -prefsHandle 3640 -prefMapHandle 3656 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {b5f4ef8b-ce39-4e48-9446-4e8f5b03fc6b} 5440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5440.4.809961439\173216368" -childID 4 -isForBrowser -prefsHandle 3996 -prefMapHandle 3992 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {1be6cc70-4026-4584-be41-2e40c9a2512c} 5440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5440.5.892547166\1323772836" -childID 5 -isForBrowser -prefsHandle 4156 -prefMapHandle 4160 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {ceda0285-777b-434e-91bc-975934efcd61} 5440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5440.6.611813328\666413256" -childID 6 -isForBrowser -prefsHandle 4340 -prefMapHandle 4344 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {e81bec6e-ee85-4f72-978d-549abe5c06ab} 5440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="5440.7.512657034\13201857" -childID 7 -isForBrowser -prefsHandle 4332 -prefMapHandle 4804 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {60930805-f3c4-4966-b962-204260e81827} 5440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI49002\geckodriver.exe --port 50121 --websocket-port 50122
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50122 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5E32oL
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50122 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5E32oL
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="1428.0.1694549207\656262186" -parentBuildID 20240416150000 -prefsHandle 1660 -prefMapHandle 1652 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {3c1e59c0-9f08-4d1f-98cc-940f8a5fe919} 1428 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="1428.1.1893824257\259660266" -childID 1 -isForBrowser -prefsHandle 2688 -prefMapHandle 2704 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {7b259f5b-2f75-4391-a2db-c9637af8cf21} 1428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="1428.2.648826563\1551587713" -childID 2 -isForBrowser -prefsHandle 3236 -prefMapHandle 3232 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {8fd29ff3-23fc-40a0-8fdb-83e76d3f338f} 1428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="1428.3.1831029940\2085942200" -childID 3 -isForBrowser -prefsHandle 2688 -prefMapHandle 3488 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {5e471fdb-ebf7-4fc7-9a45-12fc9b9a081e} 1428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="1428.4.208449308\1734054117" -childID 4 -isForBrowser -prefsHandle 3828 -prefMapHandle 3824 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {20ffaf44-9723-4907-b5ad-458c82206cda} 1428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="1428.5.2069692677\1298002137" -childID 5 -isForBrowser -prefsHandle 3964 -prefMapHandle 3968 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {280b5674-0cf7-4e8c-8c5e-f23188805364} 1428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe" -contentproc --channel="1428.6.2065464740\1621323453" -childID 6 -isForBrowser -prefsHandle 4148 -prefMapHandle 4152 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\browser" - {863ab60f-95be-4fbf-97e0-d95329f89e94} 1428 tab
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.234:443 | tcp | |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| DE | 185.170.114.25:443 | tcp | |
| US | 8.8.8.8:53 | 25.114.170.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:50224 | tcp | |
| N/A | 127.0.0.1:50228 | tcp | |
| N/A | 127.0.0.1:50121 | tcp | |
| N/A | 127.0.0.1:50121 | tcp | |
| N/A | 127.0.0.1:50319 | tcp | |
| DE | 45.145.41.146:9200 | tcp | |
| CZ | 89.203.249.226:9001 | tcp | |
| US | 8.8.8.8:53 | 226.249.203.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.41.145.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 205.201.50.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:50327 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:50121 | tcp | |
| N/A | 127.0.0.1:50121 | tcp | |
| N/A | 127.0.0.1:50121 | tcp | |
| N/A | 127.0.0.1:50671 | tcp | |
| N/A | 127.0.0.1:50679 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| NL | 164.215.103.126:9001 | tcp | |
| US | 8.8.8.8:53 | 126.103.215.164.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50121 | tcp | |
| N/A | 127.0.0.1:50121 | tcp | |
| N/A | 127.0.0.1:50121 | tcp | |
| N/A | 127.0.0.1:51017 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51025 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50121 | tcp | |
| N/A | 127.0.0.1:50121 | tcp | |
| N/A | 127.0.0.1:50121 | tcp | |
| N/A | 127.0.0.1:51364 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51372 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI49002\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI49002\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/4432-483-0x00007FF98EAB0000-0x00007FF98EAB1000-memory.dmp
memory/4432-482-0x00007FF98F420000-0x00007FF98F421000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9oWgNZ\prefs-1.js
| MD5 | 3448eca234519180337d221d127da387 |
| SHA1 | b17caefad3f7e8be2e554e2d10fa1a5a94634295 |
| SHA256 | 0e7342da501be471f396f0e11244fba9ad62dcb998d30d157cc66e608c435099 |
| SHA512 | d63175bdf1f1bdfa31c51dd1d516dc94d74a16d74138ad4ed3d6467b66e20101f33ec54317c9b853fb4eda3489505182b9a7731db4c53a80e971500e3219b06c |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9oWgNZ\extensions.json
| MD5 | 2aec750c15430444421c447e291f9399 |
| SHA1 | e334d2a6410b2722dd6f52c43e9b3700c1628f7f |
| SHA256 | 3ccb64d8db294c8b8352ba295de25aeb34bbf85da5450f011906e1b93620d461 |
| SHA512 | 2ea3e58a1c8fc2ee14adcd4d68e6856026f4c3bc6002c7439ab754685bbfe71ca862214a7519e1c8da1774b247a00b1a0ac8aec6bd3ec5edde73888bf87d6b3b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9oWgNZ\prefs-1.js
| MD5 | 15a94632f8c348d746744b1cc5d144fd |
| SHA1 | 3d96e3702c198ffefa41729abff5311f551762cf |
| SHA256 | 5d13335d45c5c00bd7836fbf496114ca25787964f21cfb23accca3c2cba36654 |
| SHA512 | 8051d2adfcbc4a19fbe7e085b9118508150d9fe0fac6d1a02732e9a97aee40663a71c171bc2f7cd60f59c87be3fbacfa2fe3fcea74b3a623f19e0a80f151c46a |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 24436484bb21db120ada9f50b979e959 |
| SHA1 | 0c78f3dc8f0a83576b6f6f79f46522bf27936993 |
| SHA256 | 53e5c118b134aff30c29888e7c7cace0b605d909ee9a66522d578612e4de0a77 |
| SHA512 | fca89f864f17f4049952c299a71a3bda19a6439533760fa24f95e8ae47c31f8a65f243c9c62c4c4525e6453f34c3899ab4ce278493a203c2b1cad58cb50ab27f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9oWgNZ\prefs-1.js
| MD5 | d94b0a89cc47e19ab3545d2dfa3d42bc |
| SHA1 | ef6ef8dda89b6488571e5c0f04e2a5e766c21159 |
| SHA256 | da019fdb7eaa6b7d0ebca1f25d64abbb4a2f03ff97bdf80f8d4b6d44be269c2a |
| SHA512 | 5c378d60aba7cd92053115e048044fca280b5348389befa47dcae30883f1827eb152712e70398306e4a00fc958c144e24df5449d2c48e4a025f88296601d4cd1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9oWgNZ\prefs-1.js
| MD5 | abc660d509c0952c74585b2bd3222893 |
| SHA1 | 9ecc506d0b52150d63e21dcc2dbd87afee57d30b |
| SHA256 | d8facb38f141b1faee216bf715ed9c05c633244fc978c021eea2c8edaf7aa74f |
| SHA512 | 037db064571dd3c4c0c0abfd79007ca450a792ec26168ed2e2e5f61d260dfe2d2d4ce96ee0677e13911403847c5b00383291e14f3516c7bd971d2be5b3c4279b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
memory/5516-839-0x00000199B72F0000-0x00000199B7300000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
memory/5516-884-0x00000199B2E40000-0x00000199B2FB0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\prefs-1.js
| MD5 | e619ea90498322b49d5c525201a65789 |
| SHA1 | d894580643f58bb1ab63595f74e943544f602f31 |
| SHA256 | 2a0afcad413ca0abbaa6ee589f0dc93b8cba0cb5cc3097f0fd4f2cf8cb5bfd63 |
| SHA512 | 18556d2bba09fe830218692a7172ca2d69ad9d700c312c51a88551c4fda4f342420e0c7095070a377a6d707a05cc2542d8e7cb1a9ce0befa3b79040e700a99ed |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\prefs-1.js
| MD5 | 1ff74ff20ab59477198ef813d904d7ef |
| SHA1 | 2592a752003b4c4e9b6554240898c731349e984c |
| SHA256 | d8a4c4de64b2502fc65f6ee5bf6ade641944ef6da0c817a1571826242a980c34 |
| SHA512 | 7bf99eaa039d902b8c2e0406f7d1bb8174606998e838d53967b84f5b502d92b7a7196a3ae5867ac2b928073fd39359c768531efb4a12ee68170fdb1c19da1ee1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\prefs-1.js
| MD5 | 844db71671c622a00ebb844ef4e76b7b |
| SHA1 | 7edbc7d00fdc92cb9f6cad8de92a57d04df3e4d8 |
| SHA256 | bcd31ab4123176b3ebd95820471ce7ca26c8e67f198d2c7f3a5acbabdd62a1c3 |
| SHA512 | 8c20e8711708a0e73c9eaaaab2d7606c02cb3f37619ef0ae7f6040970fd61789186a5695979088158fc48d674f0ff92fb6d97c5385016084534fa6be341c198a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebka8Vc\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHn267p\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
memory/5440-1166-0x00000208B7F90000-0x00000208B7FA0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHn267p\prefs.js
| MD5 | 0856e4bc718ee7791ba6dd9d0249e437 |
| SHA1 | 0a3699f07b6c636bd6ab97cfe05c0e18948cad94 |
| SHA256 | 03d7fae4985b4439cd2ec16882d898c6c8a7208849d6cce22f8714c8efb0afbc |
| SHA512 | 8b6e6ce2ec223f537a8e4e0f2906a97345f288fb62455b1e5a481aa89bf97e9a2c3ad8db2dc5226800ef8396c72227b97fb2510559f8c828665e6dc4164e6132 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHn267p\prefs-1.js
| MD5 | 76f22ac7ff3b52b924432395356c1b6a |
| SHA1 | 09eaf6e9bd3f8abce8e098959a11b537e06be775 |
| SHA256 | 52ddd2f956c20e52b07d16d0cb11c87ee19846fcf2c4b136f352f291dc62b77b |
| SHA512 | 35fc911f1d12e1576019b25b185685e13468e95bac614851ea079b3250373c3d9c84c00aecb0882b9f83c500d172965e986662050670a47f7aac00661e82a954 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHn267p\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHn267p\prefs-1.js
| MD5 | 6f5df22b03a4423914ebaec55f6f23d7 |
| SHA1 | c3c4f406b214ff156217d55fabbffb65f19d83cc |
| SHA256 | d7711bc13cbf87ec854fec7aaa340cd57518d474e70d986e6623e22102a67373 |
| SHA512 | 0aa2745bb34d1c24ac7b34049445080edd9cb94e47c38c44e641b70ecf0121d37177141440f16615f41d8e518eb7d0dcb1dc1a59c303cc64e49ea7508874dafd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHn267p\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5E32oL\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5E32oL\addonStartup.json.lz4
| MD5 | 1beb1185b39b6a135001241e894b7d41 |
| SHA1 | d1f4f33337c74a8b6127333dac8890daef77d668 |
| SHA256 | 6ccff5b3bb3476fe6b91efc70db1864440a7cbb4999efba29413565e434209d6 |
| SHA512 | da1521edcb04ca7ae51680c2064297ee692ae80b0055fe37b4140c1986d8cc46d4703866966ffe423e8942ff2229fbc07df562080b24c5ba4c029b85efe00bf0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5E32oL\prefs.js
| MD5 | 249c3d29fd302d221690d1e12315c625 |
| SHA1 | 2a2396e6d05ddd40b5fe2cafeee05f9f534b7c0f |
| SHA256 | 135efa70711e9bd9e44d4aefe04e9741adbd7ab396b32e04bfecd17be510b6c9 |
| SHA512 | c422cec31d0799e2ddf468929ff3f077af916968af83541a4291f17dea2dc064640834c98a98ff7fb0f234ee921cf8d3c65617b7f070b3b8b7ad3d9290ca4e1e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5E32oL\prefs.js
| MD5 | 304d865727841a8c2b659ae589e18caf |
| SHA1 | 3fcabbb1473808317aba3fd3a3ab3dc100b8118e |
| SHA256 | a03a9861191ff125db667fdc7bf0c91acb2a4aab7a29a9d4d6f09d9eecb14aa7 |
| SHA512 | 7a2ff4ba46a5bc8b5799eec5a642575ccda5d18502bab7fd2d9f38f90f5add344a1afe97056e8d140bd46cdf8a0d71f7f9b7abe111244093ffb6b3b6f0a83ef6 |
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win11-20240419-en
Max time kernel
301s
Max time network
310s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe --port 50003 --websocket-port 50004
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekQv0bJ
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekQv0bJ
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.0.1072575057\52367952" -parentBuildID 20240416150000 -prefsHandle 1696 -prefMapHandle 1688 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {44ef63dd-8045-46cb-ac7d-bff4438222e4} 4392 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.1.730184561\1803859112" -childID 1 -isForBrowser -prefsHandle 1416 -prefMapHandle 2668 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {297cf207-f727-46f1-88d0-bd5cc11e80f9} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.2.1356620528\653010266" -childID 2 -isForBrowser -prefsHandle 2328 -prefMapHandle 2560 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {eece2630-909d-427e-aca3-0343f6c2a1e0} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.3.1129847608\1051972227" -childID 3 -isForBrowser -prefsHandle 3304 -prefMapHandle 3300 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {26b2ca24-2d2a-4b41-b2f4-975fab993498} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.4.684717895\189718381" -childID 4 -isForBrowser -prefsHandle 3800 -prefMapHandle 3788 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {cbd3bd2f-2a19-4ea1-a6ec-8ac6bafb4b2e} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.5.767604412\1234002545" -childID 5 -isForBrowser -prefsHandle 3956 -prefMapHandle 3960 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {79ec2485-40ac-4101-aaa7-b5dee6d334c3} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.6.571418513\1548534735" -childID 6 -isForBrowser -prefsHandle 4220 -prefMapHandle 4216 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {94e27752-5db3-4ea6-9856-43179f846819} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.7.468581521\1558490687" -childID 7 -isForBrowser -prefsHandle 4172 -prefMapHandle 4168 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {6025164f-9bcc-4470-9e5f-785c0d0b10e9} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.8.1736320795\443929513" -childID 8 -isForBrowser -prefsHandle 4872 -prefMapHandle 4524 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {96e24ff7-b951-4fa0-ad65-3e01528e81ac} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe --port 50003 --websocket-port 50004
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.0.817014987\439162749" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {67c559dc-f1c4-459f-9d01-fe328f0d43d2} 4704 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.1.1230926406\865839802" -childID 1 -isForBrowser -prefsHandle 2804 -prefMapHandle 2496 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1356 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {462e0d61-4ab0-4e9c-9e09-420197de3a05} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.2.164370412\2106131464" -childID 2 -isForBrowser -prefsHandle 3084 -prefMapHandle 2304 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1356 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {a4a338fd-d064-4ee7-b9d3-14858079e76c} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.3.458981209\760997016" -childID 3 -isForBrowser -prefsHandle 3736 -prefMapHandle 3744 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1356 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {b41af9d0-3450-46b1-9225-5ae594c56ff4} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.4.1950594643\1113346406" -childID 4 -isForBrowser -prefsHandle 3276 -prefMapHandle 2224 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1356 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {7561a50b-cc73-4bb0-9dd2-df03c8626e72} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.5.1087778333\984107156" -childID 5 -isForBrowser -prefsHandle 4120 -prefMapHandle 4116 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1356 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {83188f42-d04f-4ee0-ab21-f3eb1a9326a5} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.6.1851969128\1555414659" -childID 6 -isForBrowser -prefsHandle 4364 -prefMapHandle 4360 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1356 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {6b685bf2-7c20-4ebf-9984-08f17425072e} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.7.868780999\905385103" -childID 7 -isForBrowser -prefsHandle 4496 -prefMapHandle 4500 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1356 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {4f0e943d-9e86-466e-b5ef-4d980af3f9f4} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe --port 50003 --websocket-port 50004
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9dUh9n
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9dUh9n
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.0.1581854541\505606882" -parentBuildID 20240416150000 -prefsHandle 1720 -prefMapHandle 1712 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {af90820e-cd23-4617-9753-679a8dbb47fd} 4184 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.1.1869037675\2047872359" -childID 1 -isForBrowser -prefsHandle 2736 -prefMapHandle 2292 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {b5970284-9ff3-45dd-9696-b177a95c5434} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.2.55556468\1050994102" -childID 2 -isForBrowser -prefsHandle 3076 -prefMapHandle 3004 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {7843a786-f31f-4a82-82b0-8fc9ba069715} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.3.1026236081\1557658440" -childID 3 -isForBrowser -prefsHandle 3312 -prefMapHandle 3844 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {fb360564-0c7a-433e-8590-d1feabe3f4a4} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.4.532534444\137081832" -childID 4 -isForBrowser -prefsHandle 2388 -prefMapHandle 3424 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {81d594d2-abf5-43fa-b882-dfbed9a07fad} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.5.1320232558\476079016" -childID 5 -isForBrowser -prefsHandle 3984 -prefMapHandle 3988 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {7ed87220-6af0-4500-ad07-98eabef0570e} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.6.1624335500\638644387" -childID 6 -isForBrowser -prefsHandle 4172 -prefMapHandle 4176 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {cf81e881-040c-49ec-aecc-d2fe0069da40} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.7.1975473081\512477892" -childID 7 -isForBrowser -prefsHandle 3512 -prefMapHandle 3516 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {9e34268e-82f8-4881-beb7-996afed6dbf1} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.8.1452757673\733978733" -childID 8 -isForBrowser -prefsHandle 3732 -prefMapHandle 4720 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {d12378eb-2fd9-407e-af70-60d550b0e55b} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe --port 50003 --websocket-port 50004
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4vepLg
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4vepLg
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4468.0.1276787119\87292183" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {71fd0df2-ad46-445c-94e0-379bd8827ff9} 4468 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4468.1.677843129\907325088" -childID 1 -isForBrowser -prefsHandle 2808 -prefMapHandle 2816 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {7cbf1e11-951b-46c4-b9f7-0425148718c4} 4468 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4468.2.488430963\800202885" -childID 2 -isForBrowser -prefsHandle 2444 -prefMapHandle 2516 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {96248bb9-85f2-44f1-80f3-0a1402c1885b} 4468 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4468.3.579964293\1211730325" -childID 3 -isForBrowser -prefsHandle 2736 -prefMapHandle 3552 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {e8b42c16-7843-4a17-9b30-a22b824589fc} 4468 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4468.4.831967810\2000247042" -childID 4 -isForBrowser -prefsHandle 1560 -prefMapHandle 1556 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {edd18d36-ecb0-49bb-b446-c6fcc79d7805} 4468 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4468.5.1756836778\962425890" -childID 5 -isForBrowser -prefsHandle 3960 -prefMapHandle 3696 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {f01f8ee6-2ff2-469d-a3e7-18ce45594ba6} 4468 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4468.6.1720788404\652646590" -childID 6 -isForBrowser -prefsHandle 4136 -prefMapHandle 4140 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {298d6cec-0eb1-4959-985b-6d86dba9f05c} 4468 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe --port 50003 --websocket-port 50004
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb7He2d
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb7He2d
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1888.0.2096434026\1906363740" -parentBuildID 20240416150000 -prefsHandle 1716 -prefMapHandle 1708 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {3925dc76-2e65-407d-ad56-a7f9fd600cdc} 1888 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1888.1.120422817\757466465" -childID 1 -isForBrowser -prefsHandle 2776 -prefMapHandle 2224 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {a7806d53-1972-4909-8cc8-087904377edd} 1888 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1888.2.1933161084\658751460" -childID 2 -isForBrowser -prefsHandle 3084 -prefMapHandle 3080 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {0e438e28-bafa-44e7-a7d3-9aa16e4a208b} 1888 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1888.3.72766165\1925057179" -childID 3 -isForBrowser -prefsHandle 3716 -prefMapHandle 3372 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {a7c1653d-87bb-47bc-b9f4-df5b1db3c845} 1888 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1888.4.1763942354\1984360890" -childID 4 -isForBrowser -prefsHandle 3968 -prefMapHandle 3960 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {1013c326-8dd0-4478-aa07-f9ae29be9ed2} 1888 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1888.5.1269275234\1156928194" -childID 5 -isForBrowser -prefsHandle 4012 -prefMapHandle 4008 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {21d4e1cc-e2a8-40a6-b88c-30560e1eb7d0} 1888 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1888.6.687386489\574122552" -childID 6 -isForBrowser -prefsHandle 4128 -prefMapHandle 4132 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {8e010dfc-c911-418b-aff3-1fef39e4a704} 1888 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1888.7.1042345458\302541165" -childID 7 -isForBrowser -prefsHandle 4528 -prefMapHandle 4532 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {801060ad-2f32-49b1-a86c-2cd348b4d0b7} 1888 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe --port 50003 --websocket-port 50004
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilee0Swau
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilee0Swau
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1544.0.1029979754\372878105" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {7cb8f2cf-dec2-4303-9c33-2a9ab24afd11} 1544 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1544.1.61716180\391680586" -childID 1 -isForBrowser -prefsHandle 2548 -prefMapHandle 2776 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {f8d1b50f-6754-48ea-ac43-24f02363e6ee} 1544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1544.2.1454711387\1072554530" -childID 2 -isForBrowser -prefsHandle 3076 -prefMapHandle 3068 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {8b4d3572-f3e0-42f7-bec7-10a33b75353e} 1544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1544.3.2059577485\1292649993" -childID 3 -isForBrowser -prefsHandle 3464 -prefMapHandle 3636 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {1c5434f6-7782-4f99-9fc1-06ab7fc9a419} 1544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1544.4.1740534539\469725545" -childID 4 -isForBrowser -prefsHandle 3516 -prefMapHandle 3272 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {7304fd3d-9866-4392-99ce-2e962d8fcafc} 1544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1544.5.2059532917\229397634" -childID 5 -isForBrowser -prefsHandle 3852 -prefMapHandle 3856 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {af0529f3-9e96-4794-a82d-388f9a82ec3b} 1544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1544.6.1016114053\1797567514" -childID 6 -isForBrowser -prefsHandle 3960 -prefMapHandle 3964 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {5954fa73-abef-4b5e-8611-ae1a0817d208} 1544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1544.7.272076956\1187997864" -childID 7 -isForBrowser -prefsHandle 4528 -prefMapHandle 4524 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {0f2ab30f-321a-4809-abcf-2ebd536d1a75} 1544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1544.8.1907447345\1762406924" -childID 8 -isForBrowser -prefsHandle 8212 -prefMapHandle 8216 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {05967c16-377a-4422-805e-0422c5d93bb2} 1544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1544.9.2060101860\356423387" -childID 9 -isForBrowser -prefsHandle 7944 -prefMapHandle 7948 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {61669af0-f603-42d4-9514-7e44667ada72} 1544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1544.10.456021926\967427030" -childID 10 -isForBrowser -prefsHandle 4468 -prefMapHandle 4420 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\browser" - {da24ad23-d77f-4425-acff-6428eb9e6d64} 1544 tab
Network
| Country | Destination | Domain | Proto |
| FR | 51.159.181.146:443 | tcp | |
| US | 8.8.8.8:53 | 146.181.159.51.in-addr.arpa | udp |
| FI | 65.109.120.23:9001 | tcp | |
| DE | 148.251.83.53:8443 | tcp | |
| US | 8.8.8.8:53 | 23.120.109.65.in-addr.arpa | udp |
| N/A | 127.0.0.1:50008 | tcp | |
| N/A | 127.0.0.1:50010 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50211 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50219 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50637 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50645 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50969 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50977 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:51356 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51364 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:51745 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51753 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:52096 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52104 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI49762\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmp_lc3sqda\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\_MEI49762\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/244-493-0x00007FF8C3910000-0x00007FF8C3911000-memory.dmp
memory/244-492-0x00007FF8C33C0000-0x00007FF8C33C1000-memory.dmp
memory/440-521-0x000001DF9C610000-0x000001DF9C6E6000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekQv0bJ\prefs.js
| MD5 | a56c241010601228ec0309460cca7497 |
| SHA1 | 9436468a5a39b268748b1ae50ba49839ed27f923 |
| SHA256 | 9ff6009742539c51e1a7b4f1f2e83c7be84f28cc6fda38ec90bcb85844d7403c |
| SHA512 | 4db690681dd4c5d31c3244f3a740a184d36d01fda38be4a77c9959eb537345b6fdca6ed44b0ea49af308c4daaf447fba6427b3684e405fab0c7145b82a0499f9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekQv0bJ\extensions.json
| MD5 | 8aa41a12d47ed4f1ab52f4d2ec7b0423 |
| SHA1 | 705dbe9ef7e543a5371c57d83bc9f5415eed7e06 |
| SHA256 | aad8178392eacb8a5e71c0dbd46eede4b532d7bc7baec105346625b9f0b8e091 |
| SHA512 | ad0c27589f31b7a21297e305b8e28f0180d53256b456a7df2ba575377e31417ba12b33638f1ef64e4448316157f9064855db5adc155c1b7e3222a3a319410c58 |
memory/4392-555-0x0000025CE10A0000-0x0000025CE10B0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekQv0bJ\prefs.js
| MD5 | ca7b65867c7fddf2a7c04263cf4a73a4 |
| SHA1 | 9f7099dc5972f0fadd8541180226026c04038c0d |
| SHA256 | 997f5279ed4f6e1b6dc92507e00bdb9a2cda040880b55dc4b5097e18ec52f9a4 |
| SHA512 | 483f2ec9243666023536f1fa9d3d3014d782d93c0656abf3b8d96fa3dda172d5c9010b71887b44adb28827ed454c7733dc7914a23a527a2dd64b2db92dfc6569 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | c8c33d756754a295bad4d21fd6d9468b |
| SHA1 | a4863a95b5440ec6e770e133a550fca9e5779826 |
| SHA256 | 67e74cb77e79cb988b4a1636c12c880b968165f81b7c7d59402d95c200e7cadf |
| SHA512 | 0a57548bab7dafd67c942741ea5c1b7c4603170d66932ddb990a35dbee43b3b6095d31c46310ace8aee590d3a2fede2eb2db414b9c78bc017414b909b4100949 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekQv0bJ\prefs-1.js
| MD5 | 97af2321f20b2cc8a04aab117b19aba6 |
| SHA1 | 9e804b3bb2ec5741fcc2403ba86d10be8f8c692b |
| SHA256 | c9f12a860ca0d273358257c6752db0aef7d939c24862f25c3ff74dc222fffd05 |
| SHA512 | 9bc28f1d8b8aadbcbd99e2d53cf034e393de17458d0d3ff705dfe7fe154bad5739f8128fdb43f50cd68cba705cc1ef67a3017ea358af702179d8ca741b15a62b |
memory/244-647-0x000001F6AB000000-0x000001F6AB0D6000-memory.dmp
memory/1952-665-0x000001E451480000-0x000001E451556000-memory.dmp
memory/1720-664-0x000001CE81500000-0x000001CE815D6000-memory.dmp
memory/4052-667-0x00000268D7270000-0x00000268D7346000-memory.dmp
memory/3876-666-0x0000025B1CAD0000-0x0000025B1CBA6000-memory.dmp
memory/1448-673-0x0000024B41100000-0x0000024B411D6000-memory.dmp
memory/4752-686-0x00000205214C0000-0x0000020521596000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekQv0bJ\prefs-1.js
| MD5 | d2ad830b1f1db79d8cd7e622e3411671 |
| SHA1 | 047d8b7494a2fbc562f8fc82ac439bde4a79c0eb |
| SHA256 | e83921a89e0fcb8134bb658a8416607fd58cf16c7838f18381a06bfd864a35da |
| SHA512 | fec3b88966de5c9e4c3fe0dcdf1bd90e8115800b9de3079baeee63ca0e9d0bc02155a83ddebbe3f8b1da58fcfe5d0e86951c87fd09d6658ab0cf2d0f0687ab79 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekQv0bJ\prefs-1.js
| MD5 | 1e2717578ba9f01d06071bb208dbd51e |
| SHA1 | 2024da0f078e2af8323e504971ef7d083f8d97a6 |
| SHA256 | f6113f3aad877e479bc6b5434877769ba63c1a339e4948bce1388321653d49a7 |
| SHA512 | ce36df2a98acaa7a48d9af78a4abef080e46cfa8a3fb825eb72f600171e25c4dcd570339f499350a880a92ebf3efbeb0574915c41fca12e5f65625403b4cd837 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/4808-903-0x000001B792820000-0x000001B7928F6000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
memory/4704-944-0x0000026B558D0000-0x0000026B558E0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf\prefs-1.js
| MD5 | fbde5a0609c908bf65d088b6d3681bd1 |
| SHA1 | ed9610dfc5f592445f4d3d097f611e8b18e4728a |
| SHA256 | da8f30c705c2a466f85c4c17c1fd07428c2fcbf713dd89402fa5a583f65bc533 |
| SHA512 | b4725dc935bfd59e286b05a4dff0e65607e39c5c2d25c31c59474324fc35302d22d33d53b636f3d76727fdf6807e214307cdeb1970a81322ed3a64c9fc33f515 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf\startupCache\webext.sc.lz4
| MD5 | d0284d10ec2c0f50ccba9167a4ed9ba5 |
| SHA1 | a78901c7c9d2e8e9eb1d6a49a264715a5367a820 |
| SHA256 | 25248ba2072c6ecc0bd7c13d095f9ccfd0cfa6fd29cc157f8e1bcb121c750718 |
| SHA512 | 58e5e61211e3393b1376c6a5a0ad380bff5c4eb98f7cd434f163ebd7044bd803eb41485ebe2ba9ddbedfc651557d0515ed661eaaa3c87eced0a4a61dc73474b4 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf\prefs-1.js
| MD5 | a7225432038b736eb9fc55a330eedb42 |
| SHA1 | 295729985b53d9bd79852d6b3f07ce5930afeb13 |
| SHA256 | 18b24b1a91d7bd9dad327496cd1c7296aaa41c33aa5181a7aa6b0d6ba968e640 |
| SHA512 | b2142635fec02c34bd8560331d5a139a4f108763aab8ead9d461aa080e20d6314c73b63f61ae552a908f1df4b860b6e814ed9f2700b280f05093d1c80a354cc3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebI1NEf\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9dUh9n\user.js
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9dUh9n\startupCache\scriptCache-child-new.bin
| MD5 | f5d1636ce3602881a361d6b4ef15f97c |
| SHA1 | 6976e01e8f57aefc8a626d3b8967aa3a056930f9 |
| SHA256 | 01565f73663b891f84d82db21727226d9d0c622d3a43af33a0aa332ebf56d27c |
| SHA512 | fb0525447422216487f6b2cd6911a831af358f5d8fe97742db91541085e230841bb8a70460ebe29de85fd34020ccf4fd510719fad646338431203f23a14ea0bd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9dUh9n\prefs-1.js
| MD5 | 09d7ee07e36d60b67fc34c3e3545354c |
| SHA1 | 5298c0ce6dd1c72933cde7a2ce36e45d07756070 |
| SHA256 | 45651dacc8974ff59674e131610c87f5ec27bc56cb2636c2eb64c8fc9d35cb03 |
| SHA512 | ae182d2aafdff2f4a6045b77f49a2601a200ed52583a8a24e1e9159d8c60044723ae5a0a610e71f701ea56d9b31673de5a618e6c5c96e3c47f9dd7f59a393e27 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9dUh9n\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9dUh9n\prefs-1.js
| MD5 | ab640e5e95fa7beba5d6f2ba59c834f0 |
| SHA1 | c4715794528653b0056a99d37911d5884c7e207b |
| SHA256 | 418fb793c9faa0298ca6d7ab2f5e528622508ed3493539f5c8f99dba573a2480 |
| SHA512 | a9840d8c2880cd1d8eb5c0c2d37e53478f231a3ef51299c49ce77bd6b6737110a3217955040af5079f3e34c44ed52d1a1de58c03e7c1676eebdddb4755ceaaed |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4vepLg\prefs.js
| MD5 | 825d1dff7fcaeca16fd9fba75bb3b4b7 |
| SHA1 | 951fe64ec5d690f1844c73024ac4a3690451bebb |
| SHA256 | 3e1a0d1407bcd5ba96ec2293f5813fe0d02ef409d485a1c7d0e21a0c92b80fee |
| SHA512 | 317013b43a5facaccb96a2c5c10454a4098f9eb2c93ab4faa8189010c1b30aa36f1674a7556339d1b5095510afb2064782740361a7d33bcbc7c77fc86ea5d28c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4vepLg\prefs-1.js
| MD5 | fb5e3a164771d719623dfe3c984e0cd5 |
| SHA1 | b056940a85fef0cca21f4828aaee5d4b6e255f9b |
| SHA256 | 5d5e4e613f5907c40c8ae3eac35e23c6a16e85ae926130663f3637e831aeeda8 |
| SHA512 | 643cf8d0673795d3aae693cf4dfb7f8d41ddc21ecb5959d9e7350ced042c945d7a9b5083dfe92544b6a689ce77f6f9003aa9e2a26697ce1c0dd2f562f5b3a092 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4vepLg\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb7He2d\compatibility.ini
| MD5 | ff5860cbf819403b5c5f80638d82dbab |
| SHA1 | b708bd81db632cb49fbd407897a0e1453649cbfd |
| SHA256 | 73bb2af630f8775d7ff0471bc1f33881271b5e31e331ada5760e6faebbe4d795 |
| SHA512 | 01f8f337f1ff47ae7baced21dc9bf67fcc90b9c27a47a0614e7ba31725e554dccf315c8f70a164348313998b8d95d83cd8672414e6a3dbdfab348ba54ecea345 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb7He2d\WebDriverBiDiServer.json
| MD5 | 479915382d1d97f8157cf7bf839aee74 |
| SHA1 | 714d15bfa6832f9b9e1ca1d8f9a9201743fe8030 |
| SHA256 | fa2d76c28ee55290799cf8dd2c6507748c8caee64a004681095b8159f3d354b2 |
| SHA512 | f990b5591154a557f6dd095506a45d0ae151d3b39390249c2eac91de70647b0160c5a7fe45db36100f6207cf8d98219d6d02e3b0cb89dd7b9828c8f22f9ac815 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb7He2d\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 95c31cf4b28588fcc262f8180ca1c4e2 |
| SHA1 | 9cc5bd01f2ee39f47c271b5b52feb54cd055b95e |
| SHA256 | 87586251ae666f83d1627c9914ae416ac430bb0d4b76e8c8768dc32aa984efaf |
| SHA512 | 803a0169528f1a161c185c297435a1c0c2ca72c71699b6aa4b4b0d59d65b44407437d85a9bc2de46116ae6459ec02a050e789319052004652870413fbaa373ef |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb7He2d\prefs-1.js
| MD5 | 2f0f50de24b5e2dd5a5d55919b1655c7 |
| SHA1 | df8d1b3577b4a3c22d3f34997d90b4ca691f5468 |
| SHA256 | 0029c28d3ed5aef10ed76b539a7c3c4c5ec9fe89a0e6fcec6bd4644612d264dc |
| SHA512 | 82a79eafb4b0a0ec322d0535d3b215e772df75f58d44465af398d4fb9b4fe2618d0aaf34cebef1d49d5a72db5e0a9c9fb3f1d5b5c6d78c802b6c78187dfd7615 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb7He2d\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb7He2d\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb7He2d\prefs-1.js
| MD5 | 3e998d0398bce7eb4423413b90afcb1e |
| SHA1 | b78535151c11049bfe3684871913d703e5d5bd42 |
| SHA256 | 0728fa371d9f16c10fe1e1ed07c30c1ff55a720ac5873e5005d3cd0c31682267 |
| SHA512 | 61c5378cd235c18ac9465cbd2b06818ad0fb8415ba84598762539dccf5db750897b5b62ed65a93da6214b91e3d9eb1b80dd48691c97ea38396fa0d4e522bc35e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilee0Swau\prefs.js
| MD5 | 901e600f218982c37dbc74b6c6062c94 |
| SHA1 | cc4367386afb5800da57636bf90b31777ce17318 |
| SHA256 | 2a562f5b87a8a6bccf8305ddb838fbb0a0279b382e5369769474b8dbaead81b4 |
| SHA512 | 306ec5a75e1841ab116d9d28e7009b038308b28ee14d7be777c48a78b9c7a83fb1b71d552b0a03226ba17d83735ba1bf6fc77a03eb3af7246e77c28702c14681 |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win11-20240419-en
Max time kernel
297s
Max time network
310s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1474490143-3221292397-4168103503-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3CP6Dq
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3CP6Dq
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.0.919253022\2106096426" -parentBuildID 20240416150000 -prefsHandle 1688 -prefMapHandle 1680 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {e3493e82-09af-49d3-981b-4db67e1c6bed} 2944 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.1.1207849802\641654984" -childID 1 -isForBrowser -prefsHandle 2736 -prefMapHandle 2732 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {caf734a3-89f7-485c-94cc-528731c2b119} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.2.1337536553\737486660" -childID 2 -isForBrowser -prefsHandle 3116 -prefMapHandle 3112 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {b3a55047-f7e5-45c0-8399-9280431217b4} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.3.58831679\1020740982" -childID 3 -isForBrowser -prefsHandle 3392 -prefMapHandle 3312 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {120c6472-028d-4711-ae94-4aecc8df175d} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.4.441295323\1149700668" -childID 4 -isForBrowser -prefsHandle 3808 -prefMapHandle 3696 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {80d3ace6-1676-448d-92dd-1c133abd2e47} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.5.1329691050\984090930" -childID 5 -isForBrowser -prefsHandle 3324 -prefMapHandle 3340 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {c7c1f795-bfb8-498e-b607-3e0d58998cb5} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.6.17437893\612117250" -childID 6 -isForBrowser -prefsHandle 3156 -prefMapHandle 3120 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {d1a5097d-5348-4051-9fa3-be3e2629fc2f} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.7.107458201\1014911574" -childID 7 -isForBrowser -prefsHandle 3340 -prefMapHandle 3156 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {065232af-1e78-443a-8b36-60c7563a241c} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="716.0.1352354143\1855347048" -parentBuildID 20240416150000 -prefsHandle 1692 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {5c1cc179-7407-456c-addc-0cb4e3890833} 716 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="716.1.845271577\98367383" -childID 1 -isForBrowser -prefsHandle 2192 -prefMapHandle 2448 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {da59377e-a09f-47a9-882e-9e06b5015c68} 716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="716.2.1137229131\1915369683" -childID 2 -isForBrowser -prefsHandle 3052 -prefMapHandle 3044 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {18985969-930f-43c0-ab86-4f2645676b07} 716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="716.3.717069953\1207092983" -childID 3 -isForBrowser -prefsHandle 3576 -prefMapHandle 3496 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {44b8d5d0-7295-42a4-ac76-552d071822a8} 716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="716.4.898396423\2034548767" -childID 4 -isForBrowser -prefsHandle 3760 -prefMapHandle 3280 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {951ae56a-81bc-4fa0-9242-de123c8ac1da} 716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="716.5.1869534046\107153689" -childID 5 -isForBrowser -prefsHandle 3064 -prefMapHandle 3832 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {265240ca-37e8-4ffc-9142-f10d119301be} 716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="716.6.259132111\25026383" -childID 6 -isForBrowser -prefsHandle 4044 -prefMapHandle 4048 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {24cc0b7b-2333-46f3-b253-a708052ca091} 716 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileviDNYF
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileviDNYF
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2320.0.1106302937\894983197" -parentBuildID 20240416150000 -prefsHandle 1692 -prefMapHandle 1684 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {4fcdb907-1830-4311-b871-49d81a2ab35b} 2320 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2320.1.973534538\1283096431" -childID 1 -isForBrowser -prefsHandle 2684 -prefMapHandle 2856 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {9b2a54b6-c923-4d69-86c7-9a1a664fe6fc} 2320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2320.2.1394937713\980057631" -childID 2 -isForBrowser -prefsHandle 3104 -prefMapHandle 3100 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {2bc7f8ad-06a8-4148-8949-6c2118aa74ad} 2320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2320.3.2065323930\1067763098" -childID 3 -isForBrowser -prefsHandle 3524 -prefMapHandle 3464 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {7d01fc12-a4b1-43fc-befc-f2c3eb1d5332} 2320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2320.4.221061726\1499266667" -childID 4 -isForBrowser -prefsHandle 4084 -prefMapHandle 3140 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {b17ce0e9-53fa-4703-9822-a3ec1b9c41b6} 2320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2320.5.1244763680\1233958207" -childID 5 -isForBrowser -prefsHandle 4200 -prefMapHandle 4196 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {72dfb5a9-bdec-4b8d-903f-dfe915206a1d} 2320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2320.6.457391877\2075402240" -childID 6 -isForBrowser -prefsHandle 4384 -prefMapHandle 4388 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {a1aad640-1b91-4059-a79b-8615fafd6e15} 2320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2320.7.1517055774\2042809798" -childID 7 -isForBrowser -prefsHandle 4204 -prefMapHandle 4572 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {5ef1f362-80d7-47a9-82b7-53a9dfd7c55b} 2320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUQ4QtO
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUQ4QtO
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4840.0.2116710853\479365201" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {d75c5151-cdd7-4598-ad9c-85a2923739c5} 4840 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4840.1.668475553\1638840071" -childID 1 -isForBrowser -prefsHandle 2292 -prefMapHandle 2820 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {0305d094-282d-4745-bc37-102d24fefd0e} 4840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4840.2.953419833\1554386058" -childID 2 -isForBrowser -prefsHandle 3080 -prefMapHandle 3076 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {ea2315a4-41b7-4e2a-8afd-1b8b5439d6d0} 4840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4840.3.1871855125\119094839" -childID 3 -isForBrowser -prefsHandle 3492 -prefMapHandle 3476 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {2dc2269a-a834-4997-8c48-c4555ce0afd3} 4840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4840.4.686327398\1671333844" -childID 4 -isForBrowser -prefsHandle 3468 -prefMapHandle 3464 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {1bb68b5e-c2d2-4d6c-bd47-e79f032f52d9} 4840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4840.5.1774234383\1898739031" -childID 5 -isForBrowser -prefsHandle 4056 -prefMapHandle 4052 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {ded54108-8a97-4aa2-9300-8922b3cc6cfa} 4840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4840.6.1185174560\262003992" -childID 6 -isForBrowser -prefsHandle 4208 -prefMapHandle 4216 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {b6700483-b4c4-4455-897a-7ee6a543947f} 4840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4840.7.1978839603\449912151" -childID 7 -isForBrowser -prefsHandle 4496 -prefMapHandle 3048 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {40e80130-c9b5-440b-9ca2-d585768026fa} 4840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJulh9r
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJulh9r
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4576.0.1921897076\1232084576" -parentBuildID 20240416150000 -prefsHandle 1692 -prefMapHandle 1684 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {7bbea34b-2cc7-4e3a-a0a2-6d7cefca4c0d} 4576 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4576.1.1729336446\578626463" -childID 1 -isForBrowser -prefsHandle 2520 -prefMapHandle 2824 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1376 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {c3377335-3f66-467f-b517-3643a53afdf5} 4576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4576.2.1874077230\1448033958" -childID 2 -isForBrowser -prefsHandle 3080 -prefMapHandle 3076 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1376 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {85f97fb6-875f-4f58-9775-e4f4dd4eef7b} 4576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4576.3.1787899960\1998845177" -childID 3 -isForBrowser -prefsHandle 3400 -prefMapHandle 3212 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1376 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {0ed6d23a-8e9d-44b7-bae3-2108668b26a4} 4576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4576.4.921466778\503458084" -childID 4 -isForBrowser -prefsHandle 3188 -prefMapHandle 3184 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1376 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {b549d346-a0aa-4272-a86d-8ed9730f50dc} 4576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4576.5.917882607\796447252" -childID 5 -isForBrowser -prefsHandle 3304 -prefMapHandle 3136 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1376 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {2bbd1512-c7c4-4995-b876-31e191b76e2a} 4576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4576.6.442805580\51372668" -childID 6 -isForBrowser -prefsHandle 4020 -prefMapHandle 3932 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1376 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {a0b776e6-6b2d-4b47-a7a7-9891b9d18341} 4576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4576.7.916211156\102441962" -childID 7 -isForBrowser -prefsHandle 2688 -prefMapHandle 2684 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1376 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {84ab4abe-e130-4c7c-948b-33f0e40da59d} 4576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="4576.8.773947450\1263564438" -childID 8 -isForBrowser -prefsHandle 2688 -prefMapHandle 2684 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1376 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {9b7dc642-7f37-437b-8ff4-915d322bfcff} 4576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3dFeuz
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3dFeuz
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2260.0.2126967958\348241373" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1680 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {ea0efde5-0f78-460e-ad71-7c407157195f} 2260 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2260.1.1357064975\534970490" -childID 1 -isForBrowser -prefsHandle 2572 -prefMapHandle 2948 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {afb81f5b-4526-482e-b45e-4c916165af72} 2260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2260.2.1761722311\1864770921" -childID 2 -isForBrowser -prefsHandle 3076 -prefMapHandle 3068 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {f81c90c5-a80a-49e3-8368-c87e0bdc188b} 2260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2260.3.159014830\948377607" -childID 3 -isForBrowser -prefsHandle 3552 -prefMapHandle 3556 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {374482ee-3fde-4236-b94c-fa5a5e430615} 2260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2260.4.395496191\1156285569" -childID 4 -isForBrowser -prefsHandle 3788 -prefMapHandle 1560 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {df601fd1-17be-4f29-a2e9-634184b548d0} 2260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2260.5.430849606\1031060845" -childID 5 -isForBrowser -prefsHandle 4024 -prefMapHandle 4020 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {f3d110e8-c6f6-445f-97b1-4a3559672e08} 2260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2260.6.1509911034\431382756" -childID 6 -isForBrowser -prefsHandle 3996 -prefMapHandle 4004 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {76fa67cb-955d-40b5-9618-5776b8682ca4} 2260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2260.7.909457598\789250840" -childID 7 -isForBrowser -prefsHandle 4468 -prefMapHandle 4152 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {cbe77335-72e0-457d-920b-f4785e787251} 2260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2260.8.680911417\890242371" -childID 8 -isForBrowser -prefsHandle 4260 -prefMapHandle 4256 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\browser" - {b2334e29-4597-4c9d-86be-921dd7c49115} 2260 tab
Network
| Country | Destination | Domain | Proto |
| AT | 140.78.100.23:5443 | tcp | |
| US | 8.8.8.8:53 | 23.100.78.140.in-addr.arpa | udp |
| FR | 94.23.168.79:9000 | tcp | |
| DE | 185.237.253.222:443 | tcp | |
| US | 8.8.8.8:53 | 222.253.237.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:50109 | tcp | |
| N/A | 127.0.0.1:50111 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50215 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50224 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| DE | 185.237.253.222:443 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50727 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50735 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:51037 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51045 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| DE | 185.237.253.222:443 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:51412 | tcp | |
| N/A | 127.0.0.1:51420 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:51784 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51792 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| DE | 185.237.253.222:443 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| DE | 185.237.253.222:443 | tcp | |
| DE | 185.177.229.15:8080 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:52232 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52240 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| DE | 185.237.253.222:443 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI43402\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\tmp6fshdcil\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\_MEI43402\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 60565f08d3ea29f69bdfa9e3f4aca28f |
| SHA1 | a84b2f820e00af31a70b6a3707cb05aa595fdc1f |
| SHA256 | 9a8cba091ed052d92224f4997433738adbe5c25ffa36a8c7dd04962ae311429d |
| SHA512 | 4cce5d6d24d44758e6a473c5293c0e9e5f786faf8ad9b160cb23582559284d256eda10e621abf5c9f23c3aa850f93c328a2610d62c64887a564c2901f7f203ee |
memory/3296-500-0x00007FFDEAF00000-0x00007FFDEAF01000-memory.dmp
memory/3296-499-0x00007FFDEBF20000-0x00007FFDEBF21000-memory.dmp
memory/4060-534-0x000001F324B60000-0x000001F324BCF000-memory.dmp
memory/4060-535-0x000001F325100000-0x000001F325478000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3CP6Dq\prefs.js
| MD5 | 97c9cc54995dd15e60f0c9600df2ad65 |
| SHA1 | 56999166c983e371e71ac03ee0080daf99f93f75 |
| SHA256 | 0846e3eb45ffef259529b8815b3735b5661e0c76fac16fab99b76a93827f64ca |
| SHA512 | c7ad8fab9fe6e256e4ba3eeb38b8d89662730b35460caa51f0cebcd01128f0b5a9ae28b67da24475209dd5fb2d90f3da48393d75c174e90bc6fbe24e5df65dda |
memory/2944-556-0x00000287D8800000-0x00000287D8810000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3CP6Dq\extensions.json
| MD5 | 1a93bf1ef0a09713cefdba6ca2fd65e3 |
| SHA1 | 593f600387e0766edcad99b5cfd9b271f733e1b6 |
| SHA256 | 812cb884bb54512ddc9e96dbcfa2ea38caa60daba9bbe46721be47603e0bc691 |
| SHA512 | fd5f25e15275d0ee22ad49ba38f908aef26bb2c5fac0d9075b4794c3206398cef0baedaa4eeee3dd6b643eb6e406d6948e7a25538801ef0620957c6a03468a1d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3CP6Dq\prefs-1.js
| MD5 | 7ca41e444dbfab9918176cad5a7ace9a |
| SHA1 | e8a493e1f497134b06a070f77af376de93ce189e |
| SHA256 | 3fff8869e52ed9a91ba225b77eb6c90a0e137da949daaef0de49de919671e98b |
| SHA512 | 8cb99b2e135249551e6c1972be0a78d1f7482a0fbeb0183ccb44e91f683a420ecf29e5b05773603133ab4c580e80f141ef629f08898d11c7d5d578e22f2fc2bc |
memory/3296-616-0x0000020A96FF0000-0x0000020A9705F000-memory.dmp
memory/3296-617-0x0000020A97600000-0x0000020A97978000-memory.dmp
memory/5032-618-0x0000026832470000-0x00000268324DF000-memory.dmp
memory/5032-619-0x0000026832A00000-0x0000026832D78000-memory.dmp
memory/1332-620-0x000001E21A3C0000-0x000001E21A42F000-memory.dmp
memory/1104-623-0x000001648FE00000-0x0000016490178000-memory.dmp
memory/2768-625-0x000001EE34200000-0x000001EE34578000-memory.dmp
memory/2768-624-0x000001EE33C20000-0x000001EE33C8F000-memory.dmp
memory/1332-621-0x000001E21AC00000-0x000001E21AF78000-memory.dmp
memory/1104-622-0x000001648F750000-0x000001648F7BF000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3CP6Dq\prefs-1.js
| MD5 | 9a151d0fff4d26ecf6ccb3b4cb6b83dc |
| SHA1 | 8dd3f5128e683384fa4316d54710e7bf3fd4b0de |
| SHA256 | fe74d4e591f6624e28901eec6993cf298095c9fdb76062e029af4580e3ad42be |
| SHA512 | b9a1c9e52ab7d9cbad035060c5299985096fcc752b4f272b7aa4451a684bbd96769134708dfb7dd7cb67f347d04ef8e131ec995ce3a0c4d3544d7d82c5fa2cd6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3CP6Dq\prefs-1.js
| MD5 | ed45dbac2118505c7e2426bf4d738815 |
| SHA1 | 4583ff4e6eb33ddc679a428edfeff13b8fffa3e3 |
| SHA256 | b166abeddccfc578b135609c007f1cefdca4fc890641ea8b7d8fbf51e38dfe09 |
| SHA512 | b3eb67a959062a27328e9d904087a6c41f86f4123c3effda2f6aedba84c1210b58d7ef0af24f92be3d17546a9916c6433aa3a14b66b33e5848744f89e453a945 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3CP6Dq\prefs.js
| MD5 | 58ae36bb4105cf768829ee38ca92832b |
| SHA1 | c4ca97ee9a65a89eca7ebc4d6326c2a93159abba |
| SHA256 | 08e6206aed7735d5be29555c2185f7fd8081a8aea2d672db09630ef301ba1f87 |
| SHA512 | 788c13ca303eadd1aa056316000017d183cd655bea8d09f2fd6989f8e398fc520bfa8aa25bbb631469576132079ca312f05a5037d72d73bdfae38dec082dc57c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa\startupCache\webext.sc.lz4
| MD5 | 1064fceb2443b4852bf9a0fcc46efb2d |
| SHA1 | b2d358bcb336e924f684e9cce5c95adf1c8eb440 |
| SHA256 | 0ceb2a20ec4e75f2e13fcf7bc0682db4195c6c60f45d640b55e12cddc97b01dc |
| SHA512 | b555106f35963a2aad42521c3b65cfc31dd9729ea3a08a432d05fc149587394b94e0be7ac5511878ac11021d2b0e45962cf7de05efa874b19dc3589d1140f1a7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa\prefs-1.js
| MD5 | 824bf25151556ec8dd6e37655f3e179d |
| SHA1 | 652261e8d919314e700eb5e17f67d57301d2eea3 |
| SHA256 | bfb30d64fd5d4ac153305eeaf6d5a4c845834017f51d17c520ef050526028259 |
| SHA512 | 0e0b1bf74568a30ad72858a1a79912b811ace60c8e7a81482d1d05cdaaad8d6472094e4a8d09f6eaaf9c24647bf7d23a637d4f70536904ce3d26ee105540a54d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1iZvCa\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileviDNYF\user.js
| MD5 | 350caf143499628da6207499e1a8a6e6 |
| SHA1 | 191db005d42cf76e3b5306dd324a9775016bde7a |
| SHA256 | 79b595331d1d70f227e23872185f6968c8dbb87e94a0b7d7107ea0c732b04183 |
| SHA512 | c3f67293ebd9be2ecc89d8d7dd437e1dcef45000c508c128335544505b106506bee2ed0d445a8e33de0123b2be065bbe9ba092548f4821dffc0409eff338966e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileviDNYF\prefs.js
| MD5 | ace28ed1d7b81923d34c3285a73b489a |
| SHA1 | 8b70993af0f8c3f639f179d9271371052672a1fe |
| SHA256 | 47ddd73cb333572cdae2f7c55eebc1435b97950bc263cf3e2a1e9a8578e71ffd |
| SHA512 | 12831472252a7e78fbfa93133c60dc7af5cd1392721a476bc4001310a3b138e17e453a7a6f85494aad3fc7492c638598365f20ad4ef18f353f7f90849b16a6ee |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileviDNYF\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileviDNYF\prefs-1.js
| MD5 | eeba6aeadeaadc9e0df466bb76522741 |
| SHA1 | 15f60a1506a282e2a2431973d63a0acbe8484651 |
| SHA256 | 08baf6d00c27a49cfce299e08f4ef2cb3b0e8b40324e868a45f30f600e502138 |
| SHA512 | 6786489068a1d4c9326a9abc456b59eb1b510777bd8d1349c7a7ae760b65b4a32ce852473c9fd5d4e2acde95a93456dff4b5bd81233a9a1dcba6f3c66d3bd569 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileviDNYF\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileviDNYF\prefs-1.js
| MD5 | 967c93e30bb3723fd945d865d22d9445 |
| SHA1 | 3a5561e9b47f960100f55c03ca5150905976cc82 |
| SHA256 | 58d704eb16f3d69795f32444e5ddfa66d2e047a6db65a231f83e15e848f13921 |
| SHA512 | 6d79724c72d865606c85024f7d9e94c4615e5d6fc6a09c8b84474bcbaac3b600dcd3ad424b83128c31a7003bfff6e0109f9afd98da925ebc8fe186cadab55232 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUQ4QtO\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUQ4QtO\prefs.js
| MD5 | d2df6dd154b6a4701ab412129273dd0e |
| SHA1 | a1c7696894611ef0be284825d9f777cf5b447117 |
| SHA256 | 74148c63770759099ae041e0a091458b20c47b2334cad7ebcb9a372635ff9f12 |
| SHA512 | 4f1d7e5c94381ea229ba3411c830cb10c4feb4301e2b9da11fc43a96e95714c615e459e8acee7bde8347993944ab4cbd77356575c9740c5a2ad295238ebd9cd4 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUQ4QtO\prefs-1.js
| MD5 | 0d218ebe50cb931b5abe9a5d0873fdf2 |
| SHA1 | ab44adb87cfa81b0fb3acd78f3007dd59a268c6b |
| SHA256 | 1420eb94df0497083d9aaa784566d7e3adbac1e5e10ba3b551c6a78b1bbd722f |
| SHA512 | 34ed2495fff88469d20afc21a060801d6278e4ada700f8328bf664c4a552b8fe16d23ac47183d0254eef595d8bfa825a51375a16ff2149317e71d6d1fc78d0fc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUQ4QtO\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUQ4QtO\prefs-1.js
| MD5 | 8ed8f9b317304f5b6805efa9fcac74d4 |
| SHA1 | 46235280a96f380c7e495b89c51ab41a5dc9e639 |
| SHA256 | becb573ecec5995b52c564dd227207a3a0682e270ab31ab72b627591f0d7770a |
| SHA512 | 84d7690662ad9d5d1684cc29d40687e5f11e0df45948fd3b0c0deb2d34cc41ade262d828011293747415e8403637711f6d98416855244239620a75e2f9dd6aeb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJulh9r\compatibility.ini
| MD5 | 38ebb748ac3902eae6021ef9bc20f3b6 |
| SHA1 | ed03ea1ba3ecb3443980b1ef5d1e3e7f89266828 |
| SHA256 | 0bea846303da7d4c643d62caa05dfabae5c62bef7dc36ede85b58a5a8187f9de |
| SHA512 | 6cfc02d40f30611e8d3de06f02d815bd6449068f1c75a80b7f2c7f8899f5ee05380ff91cd20707d4d778f5be2b0918962356bb21ed7f58b726dc0edb19693dad |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJulh9r\WebDriverBiDiServer.json
| MD5 | 0cef5cb2c2455e6fa208a9992e2056f0 |
| SHA1 | 31e90336ba2bb4817e7dc03d7b17db518b912858 |
| SHA256 | 8698fc7ce51b1a39dabdf354ba91970fa5bc48a83d0f4fcfdbb31c03d7040820 |
| SHA512 | 8646e3621f4c679d62020f44c42cecf475474743df5f55da0b64f068e8baebb601dac6a5f09577d4554805118480ce3d39451c24d4ef48129a426ad9d29d316c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJulh9r\prefs-1.js
| MD5 | e7d1462ca682afc96491b9a701c606ef |
| SHA1 | f7b4bf7f4303f3258898eaeb58b074e1f9246a08 |
| SHA256 | 2fd21f4fb4ab5b08600f7f4125745fb1a73570546189d3ccc7cfa8ac2fe3c53d |
| SHA512 | 8dc24c2f06306b208ebac3475696c5b47e0e53a438848528eeafff204a88d39710200e99efaa6b8e1224eb68ca491045cd9378c9b807dc5d5183189aff08ca2e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJulh9r\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 114322c00217fd0fd92e105ff686b935 |
| SHA1 | 660bc1c23cf980cd716d653e1a44951f54fb9d9d |
| SHA256 | 3777631d847a7d345bbeb9d6e04c02dd5b76e04e7aaf667326d281d0c776e8a0 |
| SHA512 | a609f2297072a1b2b45392051c0711c5892cf2a26b3ecc8c66da301c27d188c9be68a33ff7b970f1bf94d6fcd9e3d9521b7d383fc514c456f5daa7be46a0613c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJulh9r\prefs-1.js
| MD5 | 6f165199f4c2b48d71e47388377bd964 |
| SHA1 | 1fa1213a83f3d7b1789a4dab07fcff0c1789bd46 |
| SHA256 | bbbfd3460e4f48c8e80849019a023ee85f8ca626fcaf87f9a05e699e53ff0f7b |
| SHA512 | 84686e7eb35da9f5d53c9fde7dde4ece5460e3669beb1a62e610ebf25c58a66b4b20db6b7acfed4927c2b019713e493023c0ce49ac13eec3b171878bba91fc18 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJulh9r\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJulh9r\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJulh9r\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3dFeuz\prefs-1.js
| MD5 | 16d000fc41b45f187d749ab30e9f3a7a |
| SHA1 | 6976fa35156c16b9989b511f594a576320ce78f8 |
| SHA256 | 4c80015f33cf36b0f1d3223bc75eebb6178d0b214098a6893caf1f1a22351870 |
| SHA512 | 5ed61a421b72ff2c0a3bfe03747e09b6431396f9104364f520ec3526331af5412fdfc8d635e32c46e57434e959a95c62e83131ebce2f729cc4ed71057bf689ac |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3dFeuz\prefs-1.js
| MD5 | 83022141b3cebecf4746f25470b55021 |
| SHA1 | 697569ee8c7b3fb2cef2422533db78c504369492 |
| SHA256 | 80e10f857f79bf292fd36c8782ca207fd9d8e8e8fa8ab3c000c111a4d76805c5 |
| SHA512 | bc14b194e2025d876dd77212d02059c8bd0a229ca11f1d29d0c4ec1bbda9786558eb6306426f9e30b6fc12f4721d17f4104826cd2acc609c43bc5a5889594566 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win7-20240221-en
Max time kernel
300s
Max time network
304s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe --port 49465 --websocket-port 49466
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9CwujC
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9CwujC
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2840.0.1570763753\688944362" -parentBuildID 20240416150000 -prefsHandle 1216 -prefMapHandle 1208 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {b186b0d5-f5b3-49ab-8490-eb7438ef59d2} 2840 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2840.1.409807480\1774006495" -childID 1 -isForBrowser -prefsHandle 1864 -prefMapHandle 1984 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {f0c567ed-fa6c-4dd4-9997-38bb67a9c66f} 2840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2840.2.1528592481\200868559" -childID 2 -isForBrowser -prefsHandle 2268 -prefMapHandle 2264 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {f75fef08-fd6c-48f9-b1cc-a91892fb2c0a} 2840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2840.3.71925681\2107482861" -childID 3 -isForBrowser -prefsHandle 2360 -prefMapHandle 2372 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {dbfaec0c-ceee-43b3-b127-4f00ad31ee8c} 2840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2840.4.1303839266\1749861374" -childID 4 -isForBrowser -prefsHandle 2840 -prefMapHandle 2836 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {a1c3bfd1-514c-456f-bcf9-05aa0c39e9d8} 2840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2840.5.640882862\182576488" -childID 5 -isForBrowser -prefsHandle 2964 -prefMapHandle 2968 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {1f4505b0-0e6e-4fec-b446-8812df850d4d} 2840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2840.6.1967568186\1605334545" -childID 6 -isForBrowser -prefsHandle 3124 -prefMapHandle 3128 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {d7710e37-af91-4991-a6e0-684bf8bf7843} 2840 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe --port 49465 --websocket-port 49466
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2572.0.200295412\1110204925" -parentBuildID 20240416150000 -prefsHandle 1204 -prefMapHandle 1196 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {ca78cdae-bd48-4eaf-bcdf-aff7c86b5b8e} 2572 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2572.1.1103165738\2109505000" -childID 1 -isForBrowser -prefsHandle 2096 -prefMapHandle 1992 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {1e607d70-b277-4ea0-9d0a-547ed48e89f4} 2572 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2572.2.354907887\475210926" -childID 2 -isForBrowser -prefsHandle 1944 -prefMapHandle 2208 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {3cab219e-1402-4840-a32f-bf4f9d5f9582} 2572 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2572.3.1855452211\635493443" -childID 3 -isForBrowser -prefsHandle 2516 -prefMapHandle 2520 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {501bf680-3025-4b73-b2e9-0e8a650c8dc5} 2572 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2572.4.532113379\161276579" -childID 4 -isForBrowser -prefsHandle 1088 -prefMapHandle 1080 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {9bd5f3bc-592d-4166-9d3b-2861da852dea} 2572 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2572.5.28140327\899707952" -childID 5 -isForBrowser -prefsHandle 2904 -prefMapHandle 2908 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {8582434e-e3e2-4d5f-920d-27e468a91b79} 2572 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2572.6.196988896\84735220" -childID 6 -isForBrowser -prefsHandle 3060 -prefMapHandle 3064 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {9a76bce0-e61e-4908-a139-92ba0fa95fcc} 2572 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2572.7.1260110236\197467159" -childID 7 -isForBrowser -prefsHandle 7588 -prefMapHandle 7592 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {c43f5a3d-99e3-4b70-ab73-67761c42c14b} 2572 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2572.8.1749415817\942838613" -childID 8 -isForBrowser -prefsHandle 2748 -prefMapHandle 2752 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {15ed293a-972a-499b-b09b-a6f4da7b8e03} 2572 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe --port 49465 --websocket-port 49466
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQwzZCz
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQwzZCz
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2852.0.892724801\1663896738" -parentBuildID 20240416150000 -prefsHandle 1208 -prefMapHandle 1200 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {665a9200-c560-4bce-ba5c-e54a12690667} 2852 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2852.1.473860322\470221293" -childID 1 -isForBrowser -prefsHandle 940 -prefMapHandle 616 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {a0e96e66-cc59-4361-a974-f63863b15577} 2852 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2852.2.730132883\1013484390" -childID 2 -isForBrowser -prefsHandle 2200 -prefMapHandle 852 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {1d3fa6da-a5a5-444d-b8e8-930a158c9c6f} 2852 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2852.3.36227773\1078121396" -childID 3 -isForBrowser -prefsHandle 2024 -prefMapHandle 2468 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {0f368a73-6bd4-41de-b90d-af86a2124773} 2852 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2852.4.2098615552\1804015447" -childID 4 -isForBrowser -prefsHandle 2800 -prefMapHandle 2796 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {2f301f62-13b5-4016-80aa-b905218223e6} 2852 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2852.5.343325942\939984344" -childID 5 -isForBrowser -prefsHandle 2920 -prefMapHandle 2924 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {e8d4f783-2c62-4ef8-84d2-cfcc0fbbf2a3} 2852 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2852.6.1993201423\838624643" -childID 6 -isForBrowser -prefsHandle 3080 -prefMapHandle 3084 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {badaa932-cf59-4541-afa3-2087d2967c0f} 2852 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2852.7.391306324\648758135" -childID 7 -isForBrowser -prefsHandle 3232 -prefMapHandle 3108 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {dc888b7a-6b49-49bb-8931-02c9d522eb8a} 2852 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2852.8.236355488\1980559711" -childID 8 -isForBrowser -prefsHandle 3600 -prefMapHandle 3604 -prefsLen 25456 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {76da11e1-1fc9-42cf-9b06-0ab482cd2657} 2852 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe --port 49465 --websocket-port 49466
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPeGnx
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPeGnx
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.0.1236071386\1886534498" -parentBuildID 20240416150000 -prefsHandle 1216 -prefMapHandle 1208 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {fec6913b-af2b-4ab1-8fc7-27e495702373} 2996 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.1.101124505\184873135" -childID 1 -isForBrowser -prefsHandle 1932 -prefMapHandle 1120 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {42732dbd-1897-4de7-bc72-fb7e6fa634e6} 2996 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.2.2058138626\1417191865" -childID 2 -isForBrowser -prefsHandle 2248 -prefMapHandle 2244 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {e427d165-5638-43d9-b9b5-17c663a10459} 2996 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.3.1375870298\13263234" -childID 3 -isForBrowser -prefsHandle 2252 -prefMapHandle 2292 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {44af6474-c2c4-4fe6-adaf-47130a1ad90f} 2996 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.4.662935396\1590330377" -childID 4 -isForBrowser -prefsHandle 2700 -prefMapHandle 2688 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {b4fc0d48-d24c-4af0-96ea-c289d4427d6f} 2996 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.5.2093232769\611232611" -childID 5 -isForBrowser -prefsHandle 2820 -prefMapHandle 2824 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {25cc1a7e-594d-4930-9b4a-206f67c56e3a} 2996 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.6.16462318\1419277946" -childID 6 -isForBrowser -prefsHandle 2976 -prefMapHandle 2980 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {5b3aea0b-06ff-4033-b1f7-2be92e16bca5} 2996 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.7.1084002785\1386576401" -childID 7 -isForBrowser -prefsHandle 3368 -prefMapHandle 3372 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {cb9f9e27-4b90-474c-a1b9-573b57f512d3} 2996 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.8.229346458\1056835547" -childID 8 -isForBrowser -prefsHandle 3160 -prefMapHandle 1732 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {87f329bd-f24e-4f9b-8f8c-b01c0193db9d} 2996 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.9.1967974646\1699058001" -childID 9 -isForBrowser -prefsHandle 7260 -prefMapHandle 7192 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {454f1ea0-3611-48a2-be6e-f0f20f5ed78b} 2996 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.10.1086784968\1281826275" -childID 10 -isForBrowser -prefsHandle 1108 -prefMapHandle 840 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {05b2e474-9124-4209-a713-c122d6ea7a10} 2996 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.11.1337422591\1784628922" -parentBuildID 20240416150000 -prefsHandle 3328 -prefMapHandle 1956 -prefsLen 27764 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {7af8bbda-c0b1-4ebd-a501-40231cbcd211} 2996 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.12.853679736\1774456045" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 1708 -prefMapHandle 7044 -prefsLen 27764 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {4fd2e11a-33ae-4190-a869-83164881e44f} 2996 utility
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2996.13.378502215\882234331" -parentBuildID 20240416150000 -sandboxingKind 0 -prefsHandle 7136 -prefMapHandle 1952 -prefsLen 27764 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {46c4c29a-be60-405d-aea3-3c11b1b07fe9} 2996 utility
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe --port 49465 --websocket-port 49466
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWHYAtu
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWHYAtu
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2252.0.358531249\236960464" -parentBuildID 20240416150000 -prefsHandle 1208 -prefMapHandle 1200 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {55df89cd-20f4-4e36-93ae-54ba16029b2a} 2252 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2252.1.627377669\1502418289" -childID 1 -isForBrowser -prefsHandle 2052 -prefMapHandle 2044 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {9b9ecb6f-4c60-437b-afb9-7aa8d4c853ba} 2252 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2252.2.960973166\1107622587" -childID 2 -isForBrowser -prefsHandle 2364 -prefMapHandle 2368 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {9d6d8596-6da8-4078-ac82-75f619dbe8cc} 2252 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2252.3.998852943\1329448502" -childID 3 -isForBrowser -prefsHandle 2400 -prefMapHandle 2232 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {b3afb482-2063-4f99-96fa-8d08615c2a02} 2252 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2252.4.1591990311\45358421" -childID 4 -isForBrowser -prefsHandle 2796 -prefMapHandle 1096 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {8c18955a-bcf9-4815-9ece-af4dca6cfdeb} 2252 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2252.5.544903707\1870425097" -childID 5 -isForBrowser -prefsHandle 2948 -prefMapHandle 2952 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {fd872d4e-c3d2-443a-b885-8b47c9f775b9} 2252 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2252.6.1007946226\2127957581" -childID 6 -isForBrowser -prefsHandle 3044 -prefMapHandle 3048 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {bd4ab8eb-1ab7-4ce6-abfa-60ae726e673d} 2252 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe --port 49465 --websocket-port 49466
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileNgKK4x
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49466 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileNgKK4x
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2436.0.822217229\1292294870" -parentBuildID 20240416150000 -prefsHandle 1188 -prefMapHandle 1168 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {3b305390-fcf7-4513-88af-911ef337c9a3} 2436 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2436.1.2134074033\1534881363" -childID 1 -isForBrowser -prefsHandle 1896 -prefMapHandle 960 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {90846d23-79a5-48bc-a828-e38b12506f7b} 2436 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2436.2.956158785\1473394414" -childID 2 -isForBrowser -prefsHandle 2256 -prefMapHandle 2252 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {83414275-2d38-4174-9c59-7a12689dd3c9} 2436 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2436.3.1223451884\1276242522" -childID 3 -isForBrowser -prefsHandle 2564 -prefMapHandle 2260 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {202f82d8-6d3a-465d-9a08-bd052a8c39d3} 2436 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2436.4.1070146362\1992056265" -childID 4 -isForBrowser -prefsHandle 2848 -prefMapHandle 2852 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {aa17452f-b131-4c31-b993-b3d95fe923ab} 2436 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2436.5.90723235\158559465" -childID 5 -isForBrowser -prefsHandle 2980 -prefMapHandle 2984 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {c17736fe-a611-42c2-8f9b-af6390c4aef0} 2436 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2436.6.1636430017\1026536347" -childID 6 -isForBrowser -prefsHandle 3132 -prefMapHandle 2836 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\browser" - {2c8821f4-29c1-468d-a2de-25df5b1ebd90} 2436 tab
Network
| Country | Destination | Domain | Proto |
| DE | 185.220.101.86:9000 | tcp | |
| DE | 37.221.196.71:443 | tcp | |
| GB | 216.205.161.171:9002 | tcp | |
| N/A | 127.0.0.1:49566 | tcp | |
| N/A | 127.0.0.1:49573 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49672 | tcp | |
| N/A | 127.0.0.1:49707 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:50146 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50181 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:50787 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50822 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:51364 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51399 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:52178 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52213 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:49465 | tcp | |
| N/A | 127.0.0.1:52632 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52667 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI21762\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
\Users\Admin\AppData\Local\Temp\_MEI21762\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
\Users\Admin\AppData\Local\Temp\_MEI21762\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
\Users\Admin\AppData\Local\Temp\_MEI21762\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI21762\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI21762\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
\Users\Admin\AppData\Local\Temp\_MEI21762\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
\Users\Admin\AppData\Local\Temp\_MEI21762\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
\Users\Admin\AppData\Local\Temp\_MEI21762\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
\Users\Admin\AppData\Local\Temp\_MEI21762\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
\Users\Admin\AppData\Local\Temp\_MEI21762\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmphn2xkcq_\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI21762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9CwujC\extensions.json
| MD5 | 30b45140b0b5756e7c64371c1a4bcb5a |
| SHA1 | 5b9c12cf5c3ec8836bf4d9825f6286a8f96891f9 |
| SHA256 | f9fc0c25f35faec57dd1d0b58bdd1e02cd7aa0d3a18bbbf54cb14ab13698e27e |
| SHA512 | 4b786b756bcf3a943f6d265d70dfe4bbde21383b9a8caa7cb17641c9d956b3212700c122939db70513c46a05ddf021964d987edab34350ac658e051ed2a3f08a |
memory/2840-699-0x000000000B8D0000-0x000000000B8E0000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | c1664dcd812b5642802c794e61d95692 |
| SHA1 | 59419863b627e86c506ffa51b9c9669263a2b52a |
| SHA256 | 93237ae23080dcbff1a5dadda47a9d7297f54f67c2be81c7c726ac237e3bc2b8 |
| SHA512 | 793dd7313b09427d852f1f767a02064252d456c732206ad35dd47edc73d56c8d033ebd716e87706595ca99d9c682178b2ce601a51b2a7c40f214b7510b6e133c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9CwujC\prefs-1.js
| MD5 | 2ccfdf75ffd95c7c1721b0cee926f6a7 |
| SHA1 | 844e642adce42ab4372d346ece92ea52c7ea090a |
| SHA256 | b80a5306bcdf102cd24ffe05d022e7f2ed491806fe11370fea4af066fdede482 |
| SHA512 | 79dc78e3ddba7babd1a8139fe8b72dd4749a72c4aafd62a27bad6282cc8973943b46463c411d00586a81c4c31d53a8f0a5acc5eb1dd6220c74a284d352593860 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/2572-1144-0x0000000003CC0000-0x0000000003CD0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\prefs.js
| MD5 | 0bb9ec2bccd4fd9fdab707849ac370b6 |
| SHA1 | d90e8c33265c71373fd7602854db83d29023f6d4 |
| SHA256 | 40d83991b3740e04c0fe73173281efb6aad5d9817e266498e9168506b8189759 |
| SHA512 | dbcee74cd2d2a5659cff258a61995d503cc3d5463e8ff924e3cb4d3cf5a1e4fb5913c3bb492c7bdaae286ffca3d98616888dd542842c501b404e7771a6d372cf |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\startupCache\webext.sc.lz4
| MD5 | a6ad1687448c3eec81143e9e14a7cd94 |
| SHA1 | 96ce07835721666896d65c9bf6b2d411d4dc4d3c |
| SHA256 | e804072a25c0cd9c3e4fbccc9fcfc46c55c19f89db1388a206fc68c4889b7176 |
| SHA512 | 59f8943aca3045051a74e503bfa8479aeba3269f78781a810b1b19aba9c0560487f7748ef60ef4e43190699479ab365b846f45278a258d44be030e845232758e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\prefs.js
| MD5 | 35a232c19e514103d532a5d54b5e7e97 |
| SHA1 | f3d66c704e747e57a678b743b274851f366e75fc |
| SHA256 | d7ebb13039d2d9b45b8facb327bf50c1d97f2f04a756d933647ed9ef8873a33c |
| SHA512 | cc4e138f2cb0b42d8f138073bd91d6ab5cf68fa2d2eb50940c41aee16f99ba361cc09e8f3f853b35d011494fa8f6a54c1731022e1e611248bd88442dfa0fad2b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\prefs-1.js
| MD5 | 243c71ef844678e56af02e923462334a |
| SHA1 | af85e2c39bba8c01d2475bb79135d66e5b8164f8 |
| SHA256 | 1ec5d742a13382d8127ed4cd803dd7b509dfea16f8f1c5d3c98fab5b4bfb400c |
| SHA512 | 68317346f803868d366bd680fcc481f8fa19880a6a981035f830ab29a4675d55dda25299f3f8712c2b93db054e88c79893318fa6f1a92a9d9deccc19ff98faba |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezlVcfP\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQwzZCz\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
memory/2852-1670-0x0000000007970000-0x0000000007980000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQwzZCz\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQwzZCz\prefs-1.js
| MD5 | 398b479a44a0aad3ab87f98ae7e3b826 |
| SHA1 | 4254496964fd234fe1075f12acbfac566749f067 |
| SHA256 | 93140a8a61b1c61562101f3e5418a322aee0f8715f3edf59ad0ab91050e675dc |
| SHA512 | f1414c6b868e17fcb2a5d928b4fc914f49d9ea41ada7a6813f403088653759b6c2f2f25eecc4189f2327c996ea13496a6357638616890fdbd3d9cda8087c5e42 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQwzZCz\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQwzZCz\prefs-1.js
| MD5 | 9601156da97c0b8c371512ac83157aee |
| SHA1 | fd34c60d94eef0c2a7a3d294d325980cd0030578 |
| SHA256 | 76a435201586d19ec8fc31f4d577e1d5480b819a435d58373351a15a691b44e0 |
| SHA512 | f1b72273e986fa5c04a9cb8ca0300e8fcf18605a74d3a1d1d1ed3b3bac7a3077c696a5339d4d826eb31a547f70744ba9087a6fe6b71a81d8c840205a796a78b1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPeGnx\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPeGnx\prefs.js
| MD5 | 3a8ca5258e7666ee5815dc03b0a74e8d |
| SHA1 | cf1bb30dc51220089d1cfc47a6fa76fbdd5f7ddc |
| SHA256 | a59f2504b9d95eeff816437feedd1796fbae2f8e71e1bfc2ae7bccccd0831942 |
| SHA512 | 5c4d34f999d70a9f36a5a80c4ed1aeee76ce0a49cf36c0c8480569aa13546059c016999077a9a4c17045c39b49963bea706ed0f53177a7163d44af72fc2c05c3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPeGnx\prefs-1.js
| MD5 | fe192cd6cbe80f56959e8357c1f68392 |
| SHA1 | fe25bc8905dc654739c1993f68b5ead4f3c5c979 |
| SHA256 | a660de71df82eac1f35f3d8a84cd05b275b38df168ad27b06aecd8b155fe030d |
| SHA512 | adfe209bdd843e93498834f497d5f0b58bdfdb533ef709511d242e74e3069f476b180cf20e65835fb40451acfaa77b23a9e1f33c117a2ade49841eb3a1aef6fa |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiPeGnx\prefs.js
| MD5 | 6ae1419c5d4efa2ede4639be9039cb42 |
| SHA1 | 053d7a61efd7704863aca256f623c42827cbf4af |
| SHA256 | bb279cfac906d9dc4aa50d1e3d89225267ca06ef3f34afafe9b89e9d2199c091 |
| SHA512 | 74e969f3adb6aa8a4ed5c4b61513ce2edce8528a0e03aeb4db63ce69115d915a919afb9b812071030179ded2f55b18d4125a50a6cef70345878b2b8da426a955 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWHYAtu\compatibility.ini
| MD5 | a19ba0572ea7ff794a5ad5249fb6bf15 |
| SHA1 | f64cd1e871a4042b3f82f284e2c239aa0aa495d8 |
| SHA256 | fad7fc31a5a3e035ed611515ba4105db43ba4b215c9417256ba674084ac315fc |
| SHA512 | 50a168fd0db581c9480f06e8355ec675172cefc792ae2dc98ef982b3abb522c8877d53f1bff4ee0575e5fcc44325501463aea8c7fa6931fd28ade08adc4ade51 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWHYAtu\WebDriverBiDiServer.json
| MD5 | c0818a5b4f43bdd39f98d4e0d8ec645a |
| SHA1 | 83658639eba39248f968967571551ffdb70dfb46 |
| SHA256 | 8d77366e880ba6bab3f61979f0e932245f0f04f09fadaf07b3565c96ad511f8b |
| SHA512 | 0446864e37949cf1480d06b71fffeaa3cab62c0daf6a640034d10f9a5a6a8b32cd19e5afbbbc984bc0a9a258c543ea9ffc28a94865c60f52786eadb53b684e94 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWHYAtu\prefs-1.js
| MD5 | 2d967e89f8a561402aa632ec1184d9c8 |
| SHA1 | 31d2b4babd6c3e437cda689abbb209af7d2c9369 |
| SHA256 | cce6ab586d981530124138fa4afd27929dac9c4220e13d2b5d2f84794551b72d |
| SHA512 | a131f1be175a49a6bd7ee767511d25a4617b145454bdb4f9064e8292ca89b71fec2cb85d4edeaeb55da5356831d730be7bc7f3b5c4bb67748bba1c5ae88800b3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWHYAtu\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | a7e8b1d3f566481c2b2e65446091f635 |
| SHA1 | 6b28318a1522c85cae81407a413f243e49850908 |
| SHA256 | 619297331642a02115982d010e8ce938f01f949cf7186cdb429e185fa60380df |
| SHA512 | 8a2103e38740731585b116eda50d45c8e34d2795b194ae7670b10e4ada5853eb1772d9a144494b013ec4c22cb4514274289bf6855b53e96cccc7a71b34aa9dfa |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWHYAtu\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWHYAtu\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
memory/2436-3335-0x0000000008F70000-0x0000000008F80000-memory.dmp
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win10-20240404-en
Max time kernel
300s
Max time network
308s
Command Line
Signatures
Renames multiple (51) files with added filename extension
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHYOKyB
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHYOKyB
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3516.0.1822258934\1380862522" -parentBuildID 20240416150000 -prefsHandle 1480 -prefMapHandle 1472 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {f99998f3-b6e3-4ab2-8d45-b1719e21c938} 3516 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3516.1.321508550\711798153" -childID 1 -isForBrowser -prefsHandle 2776 -prefMapHandle 2772 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {423cfb53-335a-42b0-b847-41fbd3091194} 3516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3516.2.1433710795\1758001403" -childID 2 -isForBrowser -prefsHandle 2988 -prefMapHandle 2984 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {c37eaaad-75e9-4dcb-a8e1-54e8afde2af8} 3516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3516.3.1591277280\98057234" -childID 3 -isForBrowser -prefsHandle 3392 -prefMapHandle 3396 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {f4dd53f8-b184-41bc-8e1b-a795df6e6bc6} 3516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3516.4.1991188014\2022366662" -childID 4 -isForBrowser -prefsHandle 3024 -prefMapHandle 3624 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {500c1941-ca8c-4c43-8d66-e46eacd9eefd} 3516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3516.5.483849719\1367530194" -childID 5 -isForBrowser -prefsHandle 3772 -prefMapHandle 3776 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {f5b5c9f7-722d-4458-bff3-5f539cbd36f4} 3516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3516.6.1814680963\1248002743" -childID 6 -isForBrowser -prefsHandle 3824 -prefMapHandle 3832 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {9e211760-ab15-488c-bba9-da5a44cd93ed} 3516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3516.7.725702486\5993260" -childID 7 -isForBrowser -prefsHandle 4232 -prefMapHandle 4248 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {32d9c7d6-6e81-4cc0-b58b-74b13862508d} 3516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3516.8.748601667\1775133799" -childID 8 -isForBrowser -prefsHandle 4536 -prefMapHandle 2332 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {72b18315-4749-46e2-b065-d4bd92da820a} 3516 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4936.0.775300968\1460131164" -parentBuildID 20240416150000 -prefsHandle 1492 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {637d9f9c-9fc1-4613-b998-7cdf6596f5e5} 4936 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4936.1.1101508679\1979403801" -childID 1 -isForBrowser -prefsHandle 2460 -prefMapHandle 2456 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {1ca33321-539c-4c78-81e2-59c58a42e994} 4936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4936.2.1218555334\1141120867" -childID 2 -isForBrowser -prefsHandle 2960 -prefMapHandle 2956 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {c49f602c-02d0-4c73-b7c3-b9d3fd94f5ea} 4936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4936.3.1824852543\1544292720" -childID 3 -isForBrowser -prefsHandle 3520 -prefMapHandle 3524 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {e0fcbe61-b3e8-471b-bd69-e30868e4af53} 4936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4936.4.360108384\490385053" -childID 4 -isForBrowser -prefsHandle 3820 -prefMapHandle 3816 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {e63fab65-957f-4b43-9a88-4cb17fd17c9d} 4936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4936.5.930739759\532620519" -childID 5 -isForBrowser -prefsHandle 3964 -prefMapHandle 3968 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {774ab905-9d7f-49e5-9ece-ef28ff19a7ef} 4936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4936.6.888420149\1399171276" -childID 6 -isForBrowser -prefsHandle 4024 -prefMapHandle 4028 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {6ea6dd5d-617f-4721-a960-d5b2c9c90655} 4936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK3u1gs
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK3u1gs
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.0.448077659\790806782" -parentBuildID 20240416150000 -prefsHandle 1480 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {9c3cdb4a-50a6-4f29-9ecb-a1410d72ec16} 1964 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.1.1853649518\608180298" -childID 1 -isForBrowser -prefsHandle 2456 -prefMapHandle 2172 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {836c746e-01fd-4df0-85fb-4a223c5ad8e6} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.2.269009683\1736003926" -childID 2 -isForBrowser -prefsHandle 2928 -prefMapHandle 2924 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {4babbfc6-77b6-4136-a5c1-16e15c7ad746} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.3.1121373818\1297225010" -childID 3 -isForBrowser -prefsHandle 2984 -prefMapHandle 3000 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {c912941d-a6d1-41b5-88f5-49596b632822} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.4.794808125\1153105218" -childID 4 -isForBrowser -prefsHandle 1348 -prefMapHandle 3512 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {b6f81eb4-437f-4a00-a181-81b2022c5068} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.5.142869669\267555951" -childID 5 -isForBrowser -prefsHandle 3772 -prefMapHandle 3652 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {0b05dce1-93af-4809-a370-0df3be8fbffa} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.6.609513982\1758836551" -childID 6 -isForBrowser -prefsHandle 4004 -prefMapHandle 4012 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {b989bdeb-65a8-4076-8732-016aef3c49f6} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.7.329183576\711820303" -childID 7 -isForBrowser -prefsHandle 3408 -prefMapHandle 4428 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {aa58abac-3757-480e-91c5-41ae83f6302b} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.8.1237276242\1015519738" -parentBuildID 20240416150000 -prefsHandle 4472 -prefMapHandle 2920 -prefsLen 27407 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {37e20ca7-3e02-4054-8a69-59b47150f4f0} 1964 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.9.1671784692\2069050356" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 4212 -prefMapHandle 4464 -prefsLen 27407 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {9e5228a0-f219-4d86-9d50-1f7cdb2bf6f3} 1964 utility
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejqU7Ku
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejqU7Ku
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.0.1655479990\1703753683" -parentBuildID 20240416150000 -prefsHandle 1496 -prefMapHandle 1488 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {cd78eeec-f6b5-4a07-aad9-b2a2239da4aa} 4588 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.1.1881486116\1767334449" -childID 1 -isForBrowser -prefsHandle 2220 -prefMapHandle 2260 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {d5068a73-f52b-4a83-8d2a-9914ba6db577} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.2.2083942314\793522760" -childID 2 -isForBrowser -prefsHandle 2944 -prefMapHandle 2940 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {578f4702-e00f-4c90-9449-befaf05f825a} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.3.934114084\977846178" -childID 3 -isForBrowser -prefsHandle 3008 -prefMapHandle 2996 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {8fe8dd55-fdb6-41a8-b302-8f9453dd2851} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.4.1044542504\659941801" -childID 4 -isForBrowser -prefsHandle 3576 -prefMapHandle 3572 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {08e7202b-728e-46c3-9228-10bb12849c8f} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.5.1808275829\1490654505" -childID 5 -isForBrowser -prefsHandle 3800 -prefMapHandle 3796 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {d180bd8b-be55-47d9-932b-c4a251d596ad} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.6.152484817\998036557" -childID 6 -isForBrowser -prefsHandle 3984 -prefMapHandle 3980 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {c8130025-a337-4d38-92d9-81e081c7aba9} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.7.623519625\1381616207" -childID 7 -isForBrowser -prefsHandle 4320 -prefMapHandle 3576 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {fff97ebe-b101-4f0f-a5b7-098a8c9977b8} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKW5YxK
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKW5YxK
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3624.0.78493402\1498010960" -parentBuildID 20240416150000 -prefsHandle 1496 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {53edf2c9-4fdb-4669-9772-0aecf4910f09} 3624 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3624.1.923818428\1654232114" -childID 1 -isForBrowser -prefsHandle 2512 -prefMapHandle 2316 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {e0dec269-b644-48e6-a217-b42b8a723ab3} 3624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3624.2.325447187\1995447399" -childID 2 -isForBrowser -prefsHandle 2940 -prefMapHandle 2936 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {591eeec2-1cad-41cc-9b19-a554c460b0ef} 3624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3624.3.1728115076\738369116" -childID 3 -isForBrowser -prefsHandle 3332 -prefMapHandle 1148 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {36cbb026-4b8f-4a01-97cf-f9b886192680} 3624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3624.4.953970729\315342953" -childID 4 -isForBrowser -prefsHandle 3628 -prefMapHandle 3624 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {b3959d9f-4482-452f-9bed-30afc2ac091d} 3624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3624.5.312902119\827154796" -childID 5 -isForBrowser -prefsHandle 3772 -prefMapHandle 3776 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {0168acdd-4dca-421d-95ff-c924c0dd57e7} 3624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3624.6.91453064\1078571693" -childID 6 -isForBrowser -prefsHandle 4028 -prefMapHandle 4024 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {4f8e4771-75d2-409c-8d40-40abf1241e2d} 3624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3624.7.544663831\802384357" -childID 7 -isForBrowser -prefsHandle 4312 -prefMapHandle 4316 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {0ac53e98-7731-41d3-a8d6-894e5e40d5cf} 3624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3624.8.1993404251\1287162062" -parentBuildID 20240416150000 -prefsHandle 4552 -prefMapHandle 3244 -prefsLen 27558 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {0fd5ec64-98f0-4a2d-bdf1-6fdca67d4909} 3624 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="3624.9.373319037\1543333284" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 4316 -prefMapHandle 4388 -prefsLen 27558 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {86b27fc6-c5b0-48f7-8502-e77a10c1d424} 3624 utility
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFLu21s
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFLu21s
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.0.1034432805\647427344" -parentBuildID 20240416150000 -prefsHandle 1492 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {da9720c3-3edc-4cdf-9d6c-160c868adcdd} 2876 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.1.1080640575\1784839629" -childID 1 -isForBrowser -prefsHandle 2124 -prefMapHandle 2508 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {cec93f2d-2886-4022-9e5c-801f78c432af} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.2.66362507\215893142" -childID 2 -isForBrowser -prefsHandle 2964 -prefMapHandle 2960 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {5293fce8-5d55-4680-b9b6-929d0247edb1} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.3.1756032067\1469473488" -childID 3 -isForBrowser -prefsHandle 3292 -prefMapHandle 3308 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {6e220369-7bb2-43dc-a36a-8103c58fee8a} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.4.1923399503\3013560" -childID 4 -isForBrowser -prefsHandle 3392 -prefMapHandle 3352 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {8d7cb4db-cf62-4263-b42f-794ad9628ef6} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.5.1760384569\561744746" -childID 5 -isForBrowser -prefsHandle 3780 -prefMapHandle 2356 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {a866d034-dd90-4ab3-9cfc-4b68f7f0fba9} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.6.204127677\719420128" -childID 6 -isForBrowser -prefsHandle 3956 -prefMapHandle 3960 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {5e10f989-2ac6-4848-b41b-d17759b8bf32} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.7.693575485\1431937366" -childID 7 -isForBrowser -prefsHandle 2988 -prefMapHandle 4284 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {4dcb4ce1-720b-42e2-ac5e-dc3f7ba0bd8e} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKjndHA
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKjndHA
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.0.1095587427\942765140" -parentBuildID 20240416150000 -prefsHandle 1480 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {52f7c278-74d3-43c5-bb67-0831a2a7ab08} 4588 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.1.217257273\633173276" -childID 1 -isForBrowser -prefsHandle 2612 -prefMapHandle 2608 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {716883f6-c077-4c3b-a31c-385bab1c8ecc} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.2.742962337\528614714" -childID 2 -isForBrowser -prefsHandle 2916 -prefMapHandle 2912 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {f81ab3cc-d75a-4d8f-9c8c-7733a29dd9c4} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.3.1154618788\1260978515" -childID 3 -isForBrowser -prefsHandle 3004 -prefMapHandle 2992 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {578b50c1-b84e-4639-a286-f29510732642} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.4.2064105475\451855283" -childID 4 -isForBrowser -prefsHandle 3696 -prefMapHandle 3128 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {c21b94aa-19e2-424a-8765-18d937239cee} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.5.28064550\206496743" -childID 5 -isForBrowser -prefsHandle 3764 -prefMapHandle 3364 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {30bc430b-8461-4b41-8f4f-6d3e4ea39ff5} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="4588.6.923761052\1551727825" -childID 6 -isForBrowser -prefsHandle 3816 -prefMapHandle 3820 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {83908e60-585d-41bc-a481-9f9a7a66f100} 4588 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuouWcN
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuouWcN
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="220.0.1604390314\2102843013" -parentBuildID 20240416150000 -prefsHandle 1468 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {22b663a9-2514-4103-822b-ba9235716ceb} 220 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="220.1.1141226754\135969065" -childID 1 -isForBrowser -prefsHandle 2492 -prefMapHandle 2488 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {bf493774-3cfe-4afe-8d2a-b0c2272d7bda} 220 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="220.2.1699520479\954839981" -childID 2 -isForBrowser -prefsHandle 2944 -prefMapHandle 2940 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {e767f69c-1122-44ae-910c-b14f1221638e} 220 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="220.3.2048463247\1373429585" -childID 3 -isForBrowser -prefsHandle 2852 -prefMapHandle 3108 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {84c21643-112e-4097-8936-0d52500a9a95} 220 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="220.4.2124426010\811691136" -childID 4 -isForBrowser -prefsHandle 1356 -prefMapHandle 1352 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {930d6f2e-08b0-435c-b75e-285b887b731a} 220 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="220.5.353137794\445624673" -childID 5 -isForBrowser -prefsHandle 3728 -prefMapHandle 3732 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {280f5c5b-3957-41a4-a58b-e0abdfe44ce1} 220 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="220.6.166332757\112554499" -childID 6 -isForBrowser -prefsHandle 3992 -prefMapHandle 3988 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {f97e7836-2905-45da-a88a-f40116a3ccc0} 220 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="220.7.420707164\1347255473" -childID 7 -isForBrowser -prefsHandle 4332 -prefMapHandle 4336 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {778258ac-ca97-42d5-adb7-279b9caff9a8} 220 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefoRPck
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefoRPck
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1464.0.1539229333\1321924695" -parentBuildID 20240416150000 -prefsHandle 1500 -prefMapHandle 1488 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {99c4c011-f4b6-4854-a1cb-fe043ac906fa} 1464 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1464.1.1787273467\1764060153" -childID 1 -isForBrowser -prefsHandle 2664 -prefMapHandle 2660 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1044 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {01b54396-6ec0-4e9e-905e-90b40322580f} 1464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1464.2.1416240213\74048231" -childID 2 -isForBrowser -prefsHandle 2916 -prefMapHandle 2912 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1044 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {5f3e8a09-147c-441c-b0f9-8e5bc3f2741a} 1464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1464.3.661129227\1967195963" -childID 3 -isForBrowser -prefsHandle 1388 -prefMapHandle 3224 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1044 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {3fc2590b-792d-4a3f-8572-fc90bf0a7694} 1464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1464.4.1972531855\1629389512" -childID 4 -isForBrowser -prefsHandle 2960 -prefMapHandle 2976 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1044 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {d81021b2-28e5-4361-ba58-407562841821} 1464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1464.5.187774375\741023345" -childID 5 -isForBrowser -prefsHandle 3808 -prefMapHandle 3804 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1044 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {5206c5ee-aa38-40e5-9f62-c2a8a37389ca} 1464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1464.6.1755837445\1958458550" -childID 6 -isForBrowser -prefsHandle 3956 -prefMapHandle 3960 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1044 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {5618aa1d-374f-4fdf-b0ef-fb89bb2bef86} 1464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe" -contentproc --channel="1464.7.1897666023\1464363213" -childID 7 -isForBrowser -prefsHandle 4220 -prefMapHandle 3984 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1044 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\browser" - {8877f00a-25c6-457f-afb1-06cede7d7584} 1464 tab
Network
| Country | Destination | Domain | Proto |
| US | 65.39.97.13:9002 | tcp | |
| US | 8.8.8.8:53 | 13.97.39.65.in-addr.arpa | udp |
| US | 173.52.94.197:9003 | tcp | |
| PL | 95.214.53.96:8444 | tcp | |
| US | 8.8.8.8:53 | 96.53.214.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.94.52.173.in-addr.arpa | udp |
| N/A | 127.0.0.1:50144 | tcp | |
| N/A | 127.0.0.1:50146 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50239 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50247 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50612 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50620 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50873 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50881 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:51195 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51203 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 169.117.168.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:51496 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51504 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:51864 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51872 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:52177 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52185 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:52427 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52435 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:52774 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52782 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI19482\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI19482\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
\Users\Admin\AppData\Local\Temp\_MEI19482\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI19482\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
\Users\Admin\AppData\Local\Temp\_MEI19482\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
\Users\Admin\AppData\Local\Temp\_MEI19482\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
\Users\Admin\AppData\Local\Temp\_MEI19482\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
\Users\Admin\AppData\Local\Temp\_MEI19482\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpg2jjhjki\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
\Users\Admin\AppData\Local\Temp\_MEI19482\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
\Users\Admin\AppData\Local\Temp\_MEI19482\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
\Users\Admin\AppData\Local\Temp\_MEI19482\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
\Users\Admin\AppData\Local\Temp\_MEI19482\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
\Users\Admin\AppData\Local\Temp\_MEI19482\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI19482\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHYOKyB\extensions.json
| MD5 | ddcc3619c3e54f93ecfebb57e5c11608 |
| SHA1 | 3f3686e42a4f8eb25f46016b7ce2cb4f137c20c3 |
| SHA256 | 273edfa69afb9a683b1dcb172feaf30866726d42a95ce206e761bd5f23ae324f |
| SHA512 | fd88af3108706f3c708316aca3d2ae7124e222a1bff69c3c50643127d34a4016c8d10142d6f44ad2a16773b5422385551169950d63cb6edcf89c541b6a5d784b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHYOKyB\prefs.js
| MD5 | c337d85ff90735bbbf396cc5a9236540 |
| SHA1 | 60a7d5322ab46e04bc220affc7abdf6571c040fb |
| SHA256 | 53e10fba53b0d886287f5b93077ac1332224489fe76e049bc9f8b4bf1b8b37cc |
| SHA512 | 41ea241b647e7cb7dd4d5e766f4016704536ec3b287a77850303d67fa0baf93fd3fe6bb0397e96357da73e2a139b24ecc51d19dbc87e72c9d1b971a62d1cbd88 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 18ba85d440766d6ea0eb6e8a4fd85aa1 |
| SHA1 | 1f64068e3f682b2262c2ef29770e59b25355d99a |
| SHA256 | 9525ca60c0baee71378bceb6723be4949903d83e0d3e19e1c1ddc5933c27d297 |
| SHA512 | c4cc5048dcc6073ead2156caaf196423f5d960534b32c3330c3fe9505051e1b771301a2c6c5d5beec3f991a55fbc3c2b45d00d56b775648162abbe719f1fd9ca |
memory/3516-585-0x00000176D79E0000-0x00000176D7B50000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHYOKyB\prefs-1.js
| MD5 | 78d04b2944c8b12d61d0934a342ab4f8 |
| SHA1 | b625cceeb198909ccfa55f56e0a282512315ecd8 |
| SHA256 | 858ff21b4e4296dff733db55ce96bcea2beec1747ec9001fa9af07247f6a5b5f |
| SHA512 | 233a1026d67e60704aed4d72b34b37f99f3d2fbe771e09dc5bdddc4019a8a2c3e6979a8911811d2da913ce487dea7bfc4e66a3ae8554c7ff59b80d1261ac2401 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHYOKyB\prefs-1.js
| MD5 | 53670291adbca5a9997247a36cb94d54 |
| SHA1 | b3dd19b117c28806bc2184d7f31d5d0ef547c2bb |
| SHA256 | 0add8fdd07520442ddc2f213fd4375212d7ccb54afc61c78c21cefddf3ee99ea |
| SHA512 | 687a54a3c691438b9ef0a209caca8fa25120786edc28838ab3dfc5210e6e0e218461b01cc8f50824b2635cc67e0a6bc90ecdfb38ac080314fca73c813d32d49d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/4936-818-0x0000024314760000-0x0000024314770000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z\prefs-1.js
| MD5 | 610e55999d37a29a9a1797035d0fe49a |
| SHA1 | 41e515fbde27b551a311227f5a40790ebd6f14ce |
| SHA256 | 62f7319d9a4bd846bd3c2deb8e816b040be78e8e43555ed1d4516dcb1a4c8644 |
| SHA512 | 154ed2ac6aff42cdf6a9b1c2e3b2b7fa8334e75eec9f758cfac2538bed6c633eca54c4b3cc1569af8c3db66783b05c393b319a5bab08c21f8862677606a6a3f4 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z\prefs-1.js
| MD5 | c48ae1335442bb3ab15f13c5250fa11e |
| SHA1 | 0cf636e749bdde6d4e7dfa5035f49a8fd26c8920 |
| SHA256 | 483cd64be1266d401d4894de2fa488ff28689d8aea1c2445ee301984c552db50 |
| SHA512 | c883ab2276735f78a4e031c1f4b67df7834cbfd71692a560134923b2633bad9bd2d14a2a9630affb7b00c12dcd8138bdf589a437df5f5d0f9cf73888b6e5abd3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesslU2Z\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK3u1gs\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK3u1gs\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
memory/1964-1141-0x000001F408AF0000-0x000001F408B00000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK3u1gs\prefs-1.js
| MD5 | 63f854923015d51c44ac85932c36d20a |
| SHA1 | 120d71888848279c5131581e30dab3b9a1af3eda |
| SHA256 | 708f517f9621ee047bb2b66d7e056687518c1e72d82bcfc3be1d73ae048866a5 |
| SHA512 | 7bd2189392458147369719431a324784066a15c6f273e4c95f7783a7c624e3cfec119b289b074d1876360a6074a4e53683dc62238be34ec9de1add2df319864c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK3u1gs\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK3u1gs\prefs-1.js
| MD5 | 9334bea0d65dbb18359bfa62cb5f3c9d |
| SHA1 | ef564cc1e48be2dc77ccd8ecf331e100e52bae10 |
| SHA256 | 58b29d89ca1aa71c4ede2ad1077d0c16a633511b6f72670f7cce7d2cf4a1bff5 |
| SHA512 | d88b7a50908c6ade651d30d87b18d485c3e3c93f97542365ae422946b355274d712dcb8b90ac0a20cb28cf6edd6d3f1fccd76fce65dcd6ece938a992e2750f0b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK3u1gs\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK3u1gs\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
memory/4588-1374-0x0000027570ED0000-0x0000027570EE0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejqU7Ku\prefs.js
| MD5 | b94c5d1dd7f30920bf0fee1f91d4564e |
| SHA1 | 00976440626762bf90fed0a8f4debf82d54f3aa1 |
| SHA256 | a7d40f70e48f834ba3b98f5b50d5b5e63b9ba58a07341b0a766784961de79acf |
| SHA512 | 237dceda59c4ab9437104af497e770460bba6fa2610b5437b7f89f24534751fa9f07cbed6db6f6bae42cb21480da7022062d01c27b3446482fbf3df24e0dd74b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejqU7Ku\prefs.js
| MD5 | c58affd7fbb09174ba41dfba66bdbc49 |
| SHA1 | 93f84b753130efeed2d54b88713a162c28d2e90d |
| SHA256 | 94b012b026b6e077065d6e8afa1590941948c38bec9aa82b4e6df3f0682ac2e6 |
| SHA512 | 02bf77016728397b197a12bd7c97f68d244519baf44900d0e8c3a09273f0b4dc1a3e20aca32540a89418bfb8612c2d39e6403f6a5d97368f6bbdc8fb13ccda37 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejqU7Ku\prefs-1.js
| MD5 | 9547e7a9937101268234f71721a882d6 |
| SHA1 | 697f6161ac3b72564c349431bd64c4d24d037fdd |
| SHA256 | 068297a979658701023ec93e6475b7420f1d615a677068ae1c0d16ffeafea70e |
| SHA512 | 8bfce9d530c04d07c67c845f5a2b1ed6d3fd9addff2cebed16fa94b66624120ca35a3ce003770764a2625a701c65388f75a1bb649a96c4793ad64d8fd95988af |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKW5YxK\compatibility.ini
| MD5 | 3bbf3e52353d4d84a2d71d427867b18a |
| SHA1 | b57a8dee05d3da75c92019b8e16f5073a42aa18a |
| SHA256 | e5ce77463d9f6f89aaffa36483203710feb14153e0fd5d84e68a53a7e166d2e1 |
| SHA512 | 9d15487e4b0249a90c4b932c6f8971e51c594078a17ab8f5c7f98b042efa86874504967bd37ce575b96a1e0e527bb280e5e277e5d8ffcb7282d37b884aed779f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKW5YxK\WebDriverBiDiServer.json
| MD5 | 664bf25ca745a78554701dae9cf12ff6 |
| SHA1 | 4b1450aa2e9d47d45e44b59ebb17176e6fd690fe |
| SHA256 | e3a5d63d3d67f61e58cffea8db997596659344bc6ccc52788605d8458f808cca |
| SHA512 | ad2378b86cacb84a24a89bbd82fffe996c748cdc9d9eced788a158d2e5c0063cdb7388fb388a864eca81d0eea10f65a31a886747b8392eeaba46ada525880191 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKW5YxK\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 0b1bb068734f01783efca63bea911df3 |
| SHA1 | 9a1b95ddb84a29d12aaa8d7257b154fc6e784753 |
| SHA256 | c8ffd0900289ccb9a8cc455cd851128f107018eb22ecd1237720ac54069ffd65 |
| SHA512 | 8b482af3c4771e6d240f3265f0c78785a11199d5c746af8c1f092728aeb789940758d4daedab91d0df2dc422e27e01bfb83554001191d5813b2bcfa428bfad27 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKW5YxK\prefs.js
| MD5 | 250876cb7197ca3e729a4c2b7424e896 |
| SHA1 | 226049f2911b419d05b72b781e874459f918bf91 |
| SHA256 | 341df68eb5194febf324658ef87672cd58a608b002f1b70698b05df0c0c0f3dc |
| SHA512 | 46e3b3951e138332ac5c7f0f8bd709e45c89e5e95ac86c44adc8d99b4b7a50a2f9a4679675b9096ac7ab16ccbae4d0cc4671532136c467c96ef7290c2d05c38d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKW5YxK\prefs-1.js
| MD5 | 8d3c56738311006a6e5e913de9ea3306 |
| SHA1 | d5c993d05dfab38626e704ce7c4a3a2b9fc50070 |
| SHA256 | 94e066a1f47d26254332663d4036e940715d7717d6dc6be443ef179b5c494f01 |
| SHA512 | 3e6cc1a8456128f28170891c3bd8b3aab3c09e36e6b01bd48ba4bc8e451217dafe458bff8348b7d680bb358f05c3eb8c1d08a17ce271a28ae171633af13cd1f5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKW5YxK\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKW5YxK\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
memory/2876-1942-0x0000017C92300000-0x0000017C92310000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFLu21s\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFLu21s\prefs.js
| MD5 | 5ee361686766dad43076d613392d22f7 |
| SHA1 | aab935d4ac4eeda2f9a4c99e30e554cf88b08b66 |
| SHA256 | 179e2e0c0297340cb9efe9e0fd316b5d3dc8a20f142cff4f00b7f779bf903455 |
| SHA512 | 9eadf044cca4317d424f12f36845b11588b902125e8b87fc32c65589487baae35b6bba3943913064a566794be8c78fbbaec9e612372c56c5999e924fc0bd2ea5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFLu21s\prefs-1.js
| MD5 | a9210d9a513fe178b7954ea7c0e60064 |
| SHA1 | 2ee28a7e7fc170b05a0747ab7148b465b4f47607 |
| SHA256 | 0486d5a35905fbef6b5f1d6734b662f25f0f292b626afbfbdb674f5c9c93bc5e |
| SHA512 | 7b3a70917ff818e822d6c9bacb3a2602ec5c3793230fd5f3528d92fe355eaf5f35801b7c85dc4b85695c7c205f529b1e203544e350690a66bc53692a0ff48518 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFLu21s\prefs-1.js
| MD5 | 7f2746f4c69daf1e77514fcb62fdbdf8 |
| SHA1 | a33e4dd494ce9dc03bc4cb92f780c0ad107829a8 |
| SHA256 | 97b73d5cd4947726a8312f0b2f0c15ffd1f6367d072a59d0b19174ee628ce8f4 |
| SHA512 | dec1eceb10771f175afcd622a9d82d2eab0de1d8f26890d2d1b2116bcf7dd35bfe3cb6c9ed5baa25a04dead474282a1dc2c8d67b234dd60f4ffbdbb2465273eb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFLu21s\prefs-1.js
| MD5 | f0f9f2d09514b3f3a63de6eafad518d8 |
| SHA1 | 8da12364bf42edb499fcb0ecd51360cda0f3a1b4 |
| SHA256 | b009230d5b7e2f2a81f4fac3c51df943ee74da9d4d5950cb6bdc2cd47fe2d665 |
| SHA512 | 9210d5ea41fae1d2962c0811fbc4fd98dca8468c3a8378b615f4ea1d0767c5f156bc00729e546aa12af8ab343123761dc06736297f6e39cef5f6dd6e8591ed6d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFLu21s\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKjndHA\prefs-1.js
| MD5 | 7486977577551f9889a7e50098aaf5c9 |
| SHA1 | 7021d30a2ca5acbb22f1b0773e4f31c8aa6b8117 |
| SHA256 | 50aadfed276be7229ec3ca424efdab5b37edba07e7070eafbbee74248915fde1 |
| SHA512 | 48561e01e4f52d845f9ce0dc20d6e896146962ef14f4215d81cd313ffb09578fc17ca11a0cdb74643ff45340bb0c5e3836197ce346f18d1c395ff3e7309b9396 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuouWcN\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
memory/220-2450-0x000001DD2D260000-0x000001DD2D270000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuouWcN\prefs.js
| MD5 | 755b61567b529545b1a12ced1d3a8e8c |
| SHA1 | b2d21f9ac0a77949790be164045699f8161e62f5 |
| SHA256 | 7e3adf9b57a0684b8b40b38c38b53064b448bd0d4df67085d9fbb9b18c13f1ed |
| SHA512 | 7fa4cb805ff2cc356eb6f51d1693f515c864ecd934374c55f60795e6d377d4976c6a6f211341572ff3e33eb4c67e0643d7b09b835420f890dd2e865075219897 |