Analysis Overview
SHA256
88093c75834d60df3b4b6f4df642bb28dc749f4bd562f587fa8f9e30e97d3c5c
Threat Level: Shows suspicious behavior
The file heavy.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Executes dropped EXE
Loads dropped DLL
Checks computer location settings
Checks whether UAC is enabled
Enumerates physical storage devices
Detects Pyinstaller
Unsigned PE
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Checks processor information in registry
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-09 01:57
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win10-20240404-en
Max time kernel
301s
Max time network
308s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekJuz44
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekJuz44
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5108.0.446521384\1347972851" -parentBuildID 20240416150000 -prefsHandle 1480 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {ec439d1d-dc4a-4969-8fe8-cdecf279df9e} 5108 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5108.1.1931298827\2049998729" -childID 1 -isForBrowser -prefsHandle 2092 -prefMapHandle 2584 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {72dd07de-5c44-4ed1-84ac-e85217d8a498} 5108 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5108.2.471610062\741100005" -childID 2 -isForBrowser -prefsHandle 2964 -prefMapHandle 2960 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {29685976-527f-4bad-8671-360afc134579} 5108 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5108.3.974481805\877237391" -childID 3 -isForBrowser -prefsHandle 3136 -prefMapHandle 3164 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {7904bc5f-8aec-4ce5-886c-53ed671f5edb} 5108 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5108.4.1453444250\2016895169" -childID 4 -isForBrowser -prefsHandle 1348 -prefMapHandle 3388 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {f0b77fc1-df8e-4fa3-95f0-a00dfee14471} 5108 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5108.5.1852267013\646345614" -childID 5 -isForBrowser -prefsHandle 3768 -prefMapHandle 3772 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {55b012cd-1a8a-4391-855c-6e55918802c8} 5108 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5108.6.680533416\1857262716" -childID 6 -isForBrowser -prefsHandle 3828 -prefMapHandle 3836 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {652aaf5b-9ecc-4559-aee5-844d1c067487} 5108 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5108.7.1305128827\1463072536" -childID 7 -isForBrowser -prefsHandle 4264 -prefMapHandle 4268 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {45ece22a-a84c-437c-8508-b03490eba3ee} 5108 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5012.0.863998861\251394694" -parentBuildID 20240416150000 -prefsHandle 1488 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {55cb8a8f-1729-4607-beab-9f58c22ecb50} 5012 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5012.1.326405812\1534564197" -childID 1 -isForBrowser -prefsHandle 2312 -prefMapHandle 2328 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {0a11a219-2dce-40e1-9079-cef6b24af669} 5012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5012.2.1237659393\1973295669" -childID 2 -isForBrowser -prefsHandle 2700 -prefMapHandle 2820 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {3aa8a778-a8c5-476e-a462-6c0af7a7e1c0} 5012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5012.3.1334899475\1877967637" -childID 3 -isForBrowser -prefsHandle 3460 -prefMapHandle 3456 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {fc96ef6e-9b34-420b-bfd2-df2fb4b434f8} 5012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5012.4.832972846\638802038" -childID 4 -isForBrowser -prefsHandle 3588 -prefMapHandle 3584 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {8df6b8b4-f96c-4a55-898e-23a69389241a} 5012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5012.5.501997285\1825181594" -childID 5 -isForBrowser -prefsHandle 3820 -prefMapHandle 3804 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {06969942-4979-4954-a4bb-5bb5b02934f7} 5012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="5012.6.1129365473\1270307742" -childID 6 -isForBrowser -prefsHandle 3876 -prefMapHandle 3880 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {cd9a1c4b-0b37-4ac8-9601-59e3fba2c2c6} 5012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileU9SfiC
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileU9SfiC
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4524.0.1613597044\600979560" -parentBuildID 20240416150000 -prefsHandle 1484 -prefMapHandle 1472 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {76fd1561-ffaf-4b7e-8dde-24446c5f5858} 4524 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4524.1.1857545110\716384053" -childID 1 -isForBrowser -prefsHandle 2240 -prefMapHandle 2340 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {460c5d28-27d2-431b-8634-e3a44d013079} 4524 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4524.2.1398809148\657085258" -childID 2 -isForBrowser -prefsHandle 2952 -prefMapHandle 2948 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {96ab7dc6-5fa8-429e-96bb-7c99c469eaa5} 4524 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4524.3.1721184049\1869354989" -childID 3 -isForBrowser -prefsHandle 3376 -prefMapHandle 3380 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {624da79a-9719-4ca7-bbcc-54031c6771a3} 4524 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4524.4.290336474\1154587896" -childID 4 -isForBrowser -prefsHandle 3636 -prefMapHandle 3632 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {78e78083-93df-4a0e-9a74-5ba731fa909a} 4524 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4524.5.747684925\2077833963" -childID 5 -isForBrowser -prefsHandle 3752 -prefMapHandle 3748 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {b4bc8caf-61e7-4e9f-8aad-8e46bc329b82} 4524 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4524.6.855206744\1896349842" -childID 6 -isForBrowser -prefsHandle 3848 -prefMapHandle 3852 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {2ac8f61c-8ef2-4b17-a8dd-ec7fd5406001} 4524 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4524.7.1368122711\1797434853" -childID 7 -isForBrowser -prefsHandle 4360 -prefMapHandle 4356 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {eb1a430e-dceb-4c3e-8465-8ecf6468b2b1} 4524 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilef4eqcz
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilef4eqcz
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2444.0.1976080341\1679196789" -parentBuildID 20240416150000 -prefsHandle 1480 -prefMapHandle 1472 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {5c16fe53-8d44-464c-aac9-f8d5d7711dd0} 2444 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2444.1.1960252989\678363137" -childID 1 -isForBrowser -prefsHandle 2388 -prefMapHandle 2204 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {e4639ae3-fdf1-4402-862f-a2f567aba622} 2444 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2444.2.422697171\1812498819" -childID 2 -isForBrowser -prefsHandle 2948 -prefMapHandle 2944 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {5b566240-27d3-43e8-9d67-675969a9da48} 2444 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2444.3.1608242765\610845119" -childID 3 -isForBrowser -prefsHandle 3224 -prefMapHandle 3228 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {c8d64a10-f056-479f-b5d6-ad6c8605948d} 2444 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2444.4.10589162\1716036345" -childID 4 -isForBrowser -prefsHandle 3224 -prefMapHandle 3260 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {648ba182-f067-4e8a-9e7b-dcbfa86f49b3} 2444 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2444.5.1057714043\161265722" -childID 5 -isForBrowser -prefsHandle 3500 -prefMapHandle 3540 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {95d98881-e43e-4977-bb38-35aa434a349d} 2444 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2444.6.17655839\1537005132" -childID 6 -isForBrowser -prefsHandle 3880 -prefMapHandle 3876 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {d4b03611-870c-43bb-8992-1a1fcc18107d} 2444 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2444.7.1461046623\1045057967" -childID 7 -isForBrowser -prefsHandle 4284 -prefMapHandle 3648 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {5ce847bb-89b5-4dc3-9c21-113ea36074fe} 2444 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3zcHGK
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3zcHGK
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3180.0.515160234\1929448838" -parentBuildID 20240416150000 -prefsHandle 1488 -prefMapHandle 1472 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {6b69ca95-b79f-4dc8-bd73-9f87e3de8715} 3180 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3180.1.1232819214\369039097" -childID 1 -isForBrowser -prefsHandle 2256 -prefMapHandle 2212 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {f74a503b-9b82-4910-938b-73b15269ac74} 3180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3180.2.808948506\1201348627" -childID 2 -isForBrowser -prefsHandle 2956 -prefMapHandle 2952 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {b569025c-6ce1-4c2d-be37-4e94d0a6d1d7} 3180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3180.3.720592793\1830665916" -childID 3 -isForBrowser -prefsHandle 3288 -prefMapHandle 2988 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {3830f4d2-2c33-42a0-91fe-6cf8efd628ab} 3180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3180.4.1574712953\619440518" -childID 4 -isForBrowser -prefsHandle 3636 -prefMapHandle 3632 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {cc0945ee-7752-4e90-813c-7dbd80754f98} 3180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3180.5.1602455513\1233710657" -childID 5 -isForBrowser -prefsHandle 3840 -prefMapHandle 3836 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {f88b914d-1010-4904-a1a2-f2a053c4f208} 3180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3180.6.1099015747\1637977473" -childID 6 -isForBrowser -prefsHandle 3984 -prefMapHandle 3988 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {7732cb0e-c8b5-4086-bdb8-a039a8bc562f} 3180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3180.7.643540783\1389345271" -childID 7 -isForBrowser -prefsHandle 4312 -prefMapHandle 4316 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {19e3defa-d1e0-45aa-b4f8-cdafad5959f5} 3180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZIx2bW
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZIx2bW
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3352.0.1253293851\1060185116" -parentBuildID 20240416150000 -prefsHandle 1488 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {0ce6a4e2-dcea-4baf-b2f0-c46a876dfb1f} 3352 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3352.1.1998782002\1939200478" -childID 1 -isForBrowser -prefsHandle 2260 -prefMapHandle 2276 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1108 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {d1200ff0-cd3d-4452-b7a5-c350b6d6828b} 3352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3352.2.1285489507\966513227" -childID 2 -isForBrowser -prefsHandle 3076 -prefMapHandle 3080 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1108 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {64088f89-966e-448a-9cd7-e94d5ae3de24} 3352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3352.3.468794430\1292096625" -childID 3 -isForBrowser -prefsHandle 3100 -prefMapHandle 3232 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1108 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {0c95b1c0-f2df-45c9-abae-27d2edf48154} 3352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3352.4.78070381\113700742" -childID 4 -isForBrowser -prefsHandle 1372 -prefMapHandle 1368 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1108 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {0c004af5-2ab2-482e-8826-8c9609b3c332} 3352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3352.5.1128539870\1638345079" -childID 5 -isForBrowser -prefsHandle 1360 -prefMapHandle 1356 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1108 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {69f0777e-627c-4b81-a122-24662d4311a4} 3352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3352.6.47156952\1703797488" -childID 6 -isForBrowser -prefsHandle 3876 -prefMapHandle 3880 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1108 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {4373a6b5-e4e7-4b2e-8cd8-6f39077ed421} 3352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3352.7.1969682216\523267296" -childID 7 -isForBrowser -prefsHandle 4380 -prefMapHandle 4368 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1108 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {a5a2cf98-a21d-4cb0-94be-14c8fd74cab3} 3352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="3352.8.1029248805\507119669" -childID 8 -isForBrowser -prefsHandle 4216 -prefMapHandle 4220 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1108 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {ce70d3dc-428d-4ada-af54-ca2438637f55} 3352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe --port 50042 --websocket-port 50043
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9nKKDv
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50043 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile9nKKDv
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4128.0.1565631540\1873159405" -parentBuildID 20240416150000 -prefsHandle 1488 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {9f5088d1-8d21-4729-b079-eebb472ba07f} 4128 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4128.1.362140609\983515894" -childID 1 -isForBrowser -prefsHandle 2200 -prefMapHandle 2080 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {a175c0fc-c721-4848-864b-9f2ea2d67e87} 4128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4128.2.1794599883\1143380658" -childID 2 -isForBrowser -prefsHandle 2952 -prefMapHandle 2948 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {54c0f071-a306-44fa-a686-e3d4fce807f7} 4128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4128.3.1792348056\146022304" -childID 3 -isForBrowser -prefsHandle 2968 -prefMapHandle 3404 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {1d5161d3-56bf-483d-9819-2aaa25eb9630} 4128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4128.4.517735029\845788231" -childID 4 -isForBrowser -prefsHandle 1364 -prefMapHandle 1360 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {f686ebe6-1fff-4937-98c7-7ec1ab3f2e04} 4128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4128.5.74363028\2021719317" -childID 5 -isForBrowser -prefsHandle 3044 -prefMapHandle 3544 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {79f302e4-3ac4-4ff4-8883-04b0aff9e34c} 4128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4128.6.1148650835\609764317" -childID 6 -isForBrowser -prefsHandle 4088 -prefMapHandle 4092 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {7e3bfc4f-2756-42a4-bc72-58f0b6735a64} 4128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4128.7.1800154060\1607909990" -childID 7 -isForBrowser -prefsHandle 3964 -prefMapHandle 1360 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\browser" - {ca18f815-867f-423e-8e36-9f193a6349e4} 4128 tab
Network
| Country | Destination | Domain | Proto |
| DK | 185.129.61.5:443 | tcp | |
| CA | 159.2.191.175:59001 | tcp | |
| HU | 185.225.69.232:443 | tcp | |
| US | 8.8.8.8:53 | 232.69.225.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 15.204.220.109:8443 | tcp | |
| FI | 65.21.94.13:9443 | tcp | |
| US | 8.8.8.8:53 | 13.94.21.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.220.204.15.in-addr.arpa | udp |
| N/A | 127.0.0.1:50145 | tcp | |
| N/A | 127.0.0.1:50147 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50242 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50250 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50621 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50629 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50893 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50901 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 210.143.182.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:51184 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51192 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:51519 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51527 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 25.140.123.92.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:51832 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51840 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:50042 | tcp | |
| N/A | 127.0.0.1:52173 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52181 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI17682\python38.dll
| MD5 | 5bbf6fb8fff2262a0c367c011bbf1fd0 |
| SHA1 | 7fc6f1ae4508c7f860fa7d2b73c188bff27d2d6e |
| SHA256 | 58c2d2bd5e50158c8b4c81249d73b8ba2d70bc4db65dbf785d1950ce60aea6d2 |
| SHA512 | 8930e2faa06d1e086e4c56cbac8efcc6b3da563f2008488f927398e51fea17ddf6c66c40190d106944acb91f6206e54ce0282a1415c0db073e6eb15069e33ad9 |
\Users\Admin\AppData\Local\Temp\_MEI17682\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
\Users\Admin\AppData\Local\Temp\_MEI17682\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
\Users\Admin\AppData\Local\Temp\_MEI17682\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | f3f55cfed1db00a7ca5b252c8da9daa6 |
| SHA1 | 7d701244151349bee2e580e2b791b1fc47d0f402 |
| SHA256 | 630c7cb6f3d4fb4710faa84302294565a60a1ba723d331cc3002bf73f8d0431c |
| SHA512 | de13880db5aa19cc11562eed00bbf6109d21f1ab0825c97d10c35ce4044e1eebbf7b9fe47a712546cbf129fd75e33cc1f92656742194f01e8dfe652eda1e6f9b |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | dff7c11471a2f55c9dcdbffacbdd24e6 |
| SHA1 | a86bf99113b0118aaeca6ff79a53d2b1a68b85a8 |
| SHA256 | 88a08a38f16810abfce451d234a6e02bf61a808bce1a897b6dbc399d0e1a90f5 |
| SHA512 | f56698f649e4b688dcc2bd4b4f573bcf5ef4a5464290f82766e5bfe35c9f85ca2d619f6800b86356c31b9d4875d8e46909a07166593da8cca5f612069d836b48 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
\Users\Admin\AppData\Local\Temp\_MEI17682\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe
| MD5 | 0c5db0eb17c8d3d150f83fe1f6f1cdac |
| SHA1 | c4ec34bd1ddfa10b7f9573bd8b78e2156df072a9 |
| SHA256 | 12fc60109b5babb7220ae9b1ba044c03362c14571ddbc0cdbf862b9cf099b716 |
| SHA512 | 5a7312adc507ac1c59ae543d06a943f01214b7e417e9f992beea3a3b782480c8806e42afa96e8eb66ce394a2b6b47052260ed0b509d08e7db0a64f493e85aee7 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 298e9a431569a0e92f05bc5842bf662f |
| SHA1 | 4368a26d11f6e851a0100e89d8bdd4e1bd7fc565 |
| SHA256 | 138a6552551731ff915a29123472423a322a6af3c660240c742cfa84726e53de |
| SHA512 | 70032aaa53bd3a9b8c1b3822901592b88f547809fab89297a44a997b152de054acd8eb5f22ab5ff7326fec266a28cbfa820c768c298cd31d58dffad3abe8030d |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | eafb41f5645a7cae998d6cd243be6ada |
| SHA1 | fdb83d0ada365d1c95d68fa756ef28c30303e9b9 |
| SHA256 | fe7551d078fb3a6f56ce355138cf9e939ede4367cc65c8a78ebbd5acf913f963 |
| SHA512 | f971f408fd940e4e675e29aa694ce1b5394e4781cafd7c72843dd71d5ceeadcc9a89bf94ec6da2c1bb3d0137cd752db5622b4ad4c5af3a87c861fb84444aff42 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpe0nyo3u5\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\tmpe0nyo3u5\webdriver-py-profilecopy\favicons.sqlite
| MD5 | c8b513740236fd5e2c42cd68a7cb4006 |
| SHA1 | b0a8633be6a4f2cc7294a148ead5a07e42b132ec |
| SHA256 | abb20247291fbb197afea2b89bdeff233bff926de58afc91284f42072c43b3c3 |
| SHA512 | f507f161fa66ed09dcdd3185e3642f0eef837fa0c0889e712f55e40da1ac46a682e9ba948ca8860d653d7ac7ab70881d07592e3fd1c13f72da55fe0d43d1c0c3 |
C:\Users\Admin\AppData\Local\Temp\tmpe0nyo3u5\webdriver-py-profilecopy\places.sqlite
| MD5 | c887ddee86a256ee285a0a08b0f2ee92 |
| SHA1 | 2a8d30adf798f2a558567174eed00083bcb1983a |
| SHA256 | d5d8152cf37a5144033d6e620a66acb14ba1f1bf4f33bde0055f5ea9efc9b8ba |
| SHA512 | 0035cfc296a3ebde627ec851639efb9977e0a7b0f50363bb91ab7e5b64f5087b54de681d9bc6c8e4ed950af5ce60760db662044c6e0c6cdc22bfea1c1d645123 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
\Users\Admin\AppData\Local\Temp\_MEI17682\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\top-1m.csv
| MD5 | b58bc1699f12cd6f5703e2af300807f0 |
| SHA1 | b0e76b91c811586a6055fdc339984eeb9e8bcd77 |
| SHA256 | ead0c526b160ad6b8d30ee0851f2df0e2a52e55285afe154ffac8e5b80588b24 |
| SHA512 | 3127bce4d91c4e7e5ee47e99748a5253cc8e9e3135f7450b01795b42c18e5d3fc698eaae7e547af7c5ae6f73dd4c8aed7d5a83ad0a93c19070fcae0e0b1c64d0 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\nss3.dll
| MD5 | c41186be6dfeab0f5560925d513e76e0 |
| SHA1 | 95cef9187d4b3a402a5eb69ddc94e09c8488374b |
| SHA256 | c97e4243863fa797372049dfca6953077436c0bbe9d0f28fa6b4c114af2ce827 |
| SHA512 | 1a1e52028cccf7ad85f1a0281c1efa13b441041599b1d08a64b0e93fa2ac23d892995ef19bf3da2fc6f3d5a244d396fdda110ffbc10e715e763ff900854bb1d5 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\mozglue.dll
| MD5 | 500873bf52d38268fb29e69bc4d978ad |
| SHA1 | 5aa1eebc1dfd4b71d2c4cdc5a78ae9469f477d3f |
| SHA256 | e08d53dab75d57f2861246a726ba79da5047e19d5e61d56981e71f625303c690 |
| SHA512 | 03e7ec4382f394a1e1fcc2a0de64ad86da1536037e8820644198b351707ed7d5694495ac09a458d76b3c11a3aa1a5f7546ce411cf49955dbf3f14e72c36ca71d |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\libcrypto-1_1.dll
| MD5 | 9745a302ba079a1da099ca5bb2d29e67 |
| SHA1 | 1180e5767cd3a3db0b482c351fb3b0731c79139d |
| SHA256 | c3a6a2661986fea8dfadf20fa682ae75a7f779e8465742079d37a2d7a2152380 |
| SHA512 | dd2ab9d7cfd10f4b1228910a2db481060f2352fba78b95d193b915b2ef601aff421f662b7c446717ff4a279299b5c319ac74ad16d1493fd9f026602dfa748de4 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\geckodriver.exe
| MD5 | a828b1ae8ac0eaf48a27e278ec08f3d2 |
| SHA1 | 56b2ace518b895664547ffa1d29b4816b1db7027 |
| SHA256 | f6cd909f38dc36aefc347a1b35f9d4f47502e22355d2af30489e858c865a4938 |
| SHA512 | b0be97c4b29ec45a44fe2e9d80b8d9aa116cb292fb29ee05d4cd02cd5fd9849c0a8ef21514e463d7554ae550c93561c1061bb6981417fb2d4d429ecacb2903b5 |
\Users\Admin\AppData\Local\Temp\_MEI17682\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI17682\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
\Users\Admin\AppData\Local\Temp\_MEI17682\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI17682\base_library.zip
| MD5 | 2953eae4b9bccffa772d0f47d26d3355 |
| SHA1 | e7edad0c368cba096effeb867be315a1218b416b |
| SHA256 | 866e571842ee26330002d42161c392840e52c3744e3fdbc7c1b1381a1b8de52b |
| SHA512 | e6ccee2dab67ec7a019d102713c06f6f9e6753e5e4b5da82ef551b50f177fb8f44c8b6b2dd6759228395a18e8a97a03870707044e6417615b849c46b621d6c56 |
\Users\Admin\AppData\Local\Temp\_MEI17682\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
\Users\Admin\AppData\Local\Temp\_MEI17682\python38.dll
| MD5 | c40c36a527b224a242b22a301df7bf0c |
| SHA1 | 41099f8b597e5ba6f4e7b8cdac655fa432a5ee28 |
| SHA256 | 68cc16d68ad3cc8632942005625dbf23aa90b9a00c18ebe83981f66c8a34830e |
| SHA512 | 97008b6af13408d061341a881a1285b2c810dedc30948d0785e19d25526320ef9304170572c637d66d9c7470a9dd007f1a8417305d9e63fe0ca8c3ca5b537e50 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekJuz44\extensions.json
| MD5 | f3f89d85461f1ef9060bffafcb62a40b |
| SHA1 | 6eeaf2aa374bd3a3090262725d828c27763d3806 |
| SHA256 | ce55be5f1c39e6bbd5dfbfb7e91a638c9ac65e23211c7e7ac6473ced82d682b4 |
| SHA512 | 53a8e64075273cfade846e2e6dd3c9aa9144ea8d2a99ab0e0d2f6dc043f2f0bb379607ee3b6c66de6dbb780cd79ee535f36eab2396b2dc891b9fcb6098a94412 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 5f9be6b584bc3d9efc1491e71e1cc0e0 |
| SHA1 | 80b14aa244578f2857f128411962adac06527b00 |
| SHA256 | 8147f1949f6ddc5c9a4bc359969118b9cb2ba2fb6631625eb97eb01112ba5a5d |
| SHA512 | 25f37a2ba795ef3e030476f73f08358bc995a3e0bf4c56ceaa5b6b9fa7bc348813480bb7298e08120955581d2989496e362f831d0e3fa09843b50bb6ae4323cd |
memory/5108-575-0x000002656D4E0000-0x000002656D650000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | c11f0dc145da56001a2ace3818bcc816 |
| SHA1 | 7c93c37ecc25088b6b724d135b85eb4df843ace6 |
| SHA256 | 1b87653d1ccffeafa890ea36f2e30831321bd044c91403a41556e0c0ffa81f5c |
| SHA512 | c9bd24e210974fd4971817f28dac5a8a8927e8ec4f51bde22a786da66bc2ab533e2b0a6f24da879ed2f2c5ffeeff1b2b905746235b74eaa933f69c3d1b5d61ae |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekJuz44\prefs-1.js
| MD5 | 1b15ac9bc2e935d6d5289258a05c7ebe |
| SHA1 | 179cd1a0be55bbbe1f74b3175f18f52658eec10d |
| SHA256 | 3b0dee5f1aa015eccf56cf2ba0899662d76fc4b37c2624270747f6132f9c1cd8 |
| SHA512 | 25a4f9b7b0795ba9c4469caac7dd41d1b801575835da19d1dc68d3b8e964cdb4ca2ca4c35f1ab1c22728010ae506a23a8fa374cbb655cdcc70000f793e925379 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekJuz44\prefs-1.js
| MD5 | 1f821a9ce01a4693fbec5510f232a3f6 |
| SHA1 | 734a4117133a354d9bc457a896ed241d6f0c246f |
| SHA256 | bf935b63a370391ccf399adb4efb73847447690849b53488ad5b85ad2c791d11 |
| SHA512 | 33cf5ce757d8273e63e3daeb33cb4d4ffa4935fc588c2f8a61b01ce954bcbb8bb9983095ba12ecba25a474ab2c93f024ff78293b0c4c090f6a5d3e6ba075a551 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/5012-838-0x00000292C83D0000-0x00000292C83E0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje\startupCache\webext.sc.lz4
| MD5 | 2de7cb20e9d3f41175278fc48b61fea6 |
| SHA1 | 8d99273629e1691b1878b54c9fe843c3456dfc3c |
| SHA256 | 49a3cb75e3cbdfe0c1fad8b78c7037d5916b9ef0215d7cfc5fbfdc698d0c721d |
| SHA512 | 0ddb204e739f45a977f90987546f951053bdfcefc65e09ec076a78513716dd56ca48d4bcba0e9dc792efee1f2a89aefa90bd12b6efb370af95d8b4d42d2031ca |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje\prefs-1.js
| MD5 | 70ae42789ca2c1ef94d31e6d9ddfd9d2 |
| SHA1 | 63478eb18e516580e9f092b66566625d8419dc14 |
| SHA256 | 50f603db5180e5e9ff8532e1be7c02362f43300e148754bc35ac0c9f4a2b7b1f |
| SHA512 | 572720de408c8df2c421643c55e44084954083fbbd615f6c27d29c3d19b55b163e483fedec318779e58981af69db2fafee10980fd4faccd3be5bfe0606c25d6d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekphdje\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileU9SfiC\user.js
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileU9SfiC\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileU9SfiC\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileU9SfiC\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileU9SfiC\prefs-1.js
| MD5 | f17e45f43420089dee5dfe5973fc427f |
| SHA1 | 560ada3b2ea07deb30a2f199797bade4eebfb790 |
| SHA256 | cb70db1f3a8e159acfaa01db5d947474cd1cd495ca577cd7418c82f3650a501f |
| SHA512 | 2adee6316e9b134a41ccb5636bca527c71e7b44b346439c1e2ccbc4d8bb6e6f66dd53ac57f715cad33c53a3f49b1fa45912df7a868714d94716853da769ac56c |
memory/2444-1342-0x00000223F1070000-0x00000223F1080000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilef4eqcz\prefs.js
| MD5 | d5fdc3c867ab55beb53f2ee592033a6a |
| SHA1 | b7cfd5056f4649110650c5ae8ee1634813366d48 |
| SHA256 | ee1a04ad12315f02cef01067bb42377be6b33aa885928c8b0157daae2e8ea45e |
| SHA512 | 61572cc33b2b46f44b371594656a3285d119647d31af867969e30bfe047ccb78b42ff512236c6ec2ca5dde32d35df449a853f418e97630ea696099ff5af238a0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilef4eqcz\prefs.js
| MD5 | feaa99475e25137d42bd7f1b59963e51 |
| SHA1 | bba267259f69d9828bca0db7e7e03e273edd41d3 |
| SHA256 | a1b8622546d4e2874887cfd36d78727982fe4d1bec6b9525c6ebf04dfd34ee02 |
| SHA512 | 9835233c7233c36f618b8566c6f29eb0953eda34b159ba9b52bfbb72e24353a6a411c4fba7dfc69f1d8cf88fbb489a0a3fb2c4dde681c44723654cba8764b785 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilef4eqcz\prefs-1.js
| MD5 | 4a12a5723d11c217b555b661c8d48d93 |
| SHA1 | a9354356dfb8115a70d46d305ef530cd2c192e1a |
| SHA256 | 074e6008d9d55bc2d4c55f094ca714512b5914bd75098561dde607bcf4ef2647 |
| SHA512 | 0eed867721ff1239ea43046585b799a7237af17723980514a23914f2ee3f0f2afbfa59d834ae8d98205364b7aab399f08129e1c16f43e41729b3467123bb3bed |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilef4eqcz\prefs-1.js
| MD5 | 4d514a73e4bb7377779cda0ab4912ad2 |
| SHA1 | fdb3928688bb55701fb7e54ebc08d5c452d9b66f |
| SHA256 | 674b2ace0bfd9433e9212bd5ee67a8a34e3ba8ad25bad96df7b8b017e05761a3 |
| SHA512 | b5242f7418f2c76ed4cc4988cbb5655346427a522ca3f5778c996c9d245f8a704882d6be50b0b98b1d3d9910a65007755b0d7beb5af3126affd5a3c63ede0061 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3zcHGK\compatibility.ini
| MD5 | 33b6d3a4a38677a8dc28756823d328ab |
| SHA1 | 557e8f4f74e4bab46368b36873c534709491614a |
| SHA256 | 8e01c0d78ae1473d5be2b707a5783bd920cd786f5cfd81d1e82da4c622e9acf5 |
| SHA512 | 5b603a7fcba741b1a38f22a44926fd87deb015a2d0a433bdbb7fa67e7e92ae640db43dae7655a32809b23f54d68bbec83ed55adc2bb3ba95d6f178b70f83dd88 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3zcHGK\WebDriverBiDiServer.json
| MD5 | 9a67ae82d235120f39c697257eadfebf |
| SHA1 | a82d5409dbda1f3c5d69b7d2c298c0f4a2afb34f |
| SHA256 | 2f18d89da280aa8b6b54c71f381d916d2b0737030bf45e4dcaea1fea553bf325 |
| SHA512 | eb3657be34dc5297986b65283b1610a663834b394e84798f7090a4cc81da9aee0fc6016dceda7da9cffd820d80b6bd2ba9d13683ec983e8325ef4786fbb03506 |
memory/3180-1634-0x0000026322AD0000-0x0000026322AE0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3zcHGK\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 7688856f4b607076ae8f844b0d2aa417 |
| SHA1 | f4a6224c857851a8f221af144a1b39f23bc59b88 |
| SHA256 | 5d3a1a97d040633ead3a07ff6cd706093b032796086f39b47c644131778d311c |
| SHA512 | 96a77d69e135760c4c2672e7a0610e4ddab773b3847af4a68ce91130306c61b71a6a925ac1d24289ab878761467a35c10169dca8f836be43fd0d2bb21d881e84 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3zcHGK\prefs-1.js
| MD5 | 63a7174ac2bdce8c818c499916bffe39 |
| SHA1 | 82f2d0daa2e55e224f80bb736ee03766873dd0aa |
| SHA256 | 81c1337e2febec8d493dc216fac6e8b3805685c401ad2236f35c777b95baadb1 |
| SHA512 | 816b9048d0fb0364802940d5d43099ce0e0d7cad2d5efae659da008fcca5429cc527fcea1644c6bf06f2f89aa92144e9051fdd921b745c8975d659c3e21858c6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3zcHGK\prefs-1.js
| MD5 | 62c461784601c0547ccd390134a3e5a2 |
| SHA1 | ee32805613300e40bcfdc8d7228723e1923f9a86 |
| SHA256 | e2b60be1c5df2bf6b662b00643bbd05e24210dad9b8888c91e063b2cce5f817f |
| SHA512 | 3cab68b9396a166dd7ee1bcfd9d6a95e180c5194a88277daba28efeebbd58f7c915801531a646899f51a7b9fcb52ed8ce88eb06a0deee7ea54187bbb98694cd4 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3zcHGK\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile3zcHGK\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
memory/3352-1906-0x0000021F4A800000-0x0000021F4A810000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZIx2bW\prefs-1.js
| MD5 | ec7dbe367122b3e2cf37ef00fa0d7d99 |
| SHA1 | 591f692e015d7f263ab72ea58fb04c790e6dcc88 |
| SHA256 | b000353ad6a94228080c4982a89f26caea8932a12b105f26961b80640c8fb2e5 |
| SHA512 | b5fe520714a64df1dabd50290d8f470fbc42f1fb1aeee571e20b9e6fa937ca6d99815fa44e2a6e8b0ea5a97e06dd2be4493c1095d8f4de373d9170c731b03903 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZIx2bW\prefs-1.js
| MD5 | c5eea960b444c86d62c33c90bc453d31 |
| SHA1 | 5b88fe31b3e2ecd7bd796421400b0d4dff49a04c |
| SHA256 | d21484b24541b17a896c66ae3f0b76227b372e544a0612c2d6c626f3faf8cd80 |
| SHA512 | 74579d02ca71dbc86aad6f2bbc7631ca17bf381075d145e08eb4655b7701ef91aee221a927f4739849e82294d2c5672ea2ca8cfc36859a0181396dde61fe0960 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZIx2bW\prefs-1.js
| MD5 | 09523c35c90f534d8fd8c2e39f5785ca |
| SHA1 | abe274103904710029b8a92378ecde04d755a2c4 |
| SHA256 | bcd316d3516ea0c516891714bdd7cd6061251d4899094865d8bcadc53fcedbd7 |
| SHA512 | 3b1b04e91acb2b9e951bfd1ba51cce8120acc9fb1b66ecd9392128c1082b094da4c8a5b5b7ca961f993bd1a68d6afc8bd7dbcbc0b32ba65d0b321bc053dbaac5 |
memory/4128-2194-0x000001F6B66F0000-0x000001F6B6700000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win7-20240508-en
Max time kernel
298s
Max time network
306s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq4gk6
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq4gk6
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2652.0.716967490\607485300" -parentBuildID 20240416150000 -prefsHandle 1236 -prefMapHandle 1208 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {9c2abc61-1894-4ba9-8f15-efa18a353f8d} 2652 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2652.1.2017806138\34600518" -childID 1 -isForBrowser -prefsHandle 2192 -prefMapHandle 2188 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {7944d663-ca73-41fb-957c-c51573831c1c} 2652 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2652.2.1511817910\856280387" -childID 2 -isForBrowser -prefsHandle 1968 -prefMapHandle 1948 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {0c135542-0e0e-4869-a337-c607ee0d6772} 2652 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2652.3.1705431039\406378735" -childID 3 -isForBrowser -prefsHandle 2612 -prefMapHandle 2608 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {df62ce08-336f-43b8-90f3-7e267199cd61} 2652 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2652.4.1520121935\24046881" -childID 4 -isForBrowser -prefsHandle 2652 -prefMapHandle 2644 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {cecc28cb-bedc-45a1-89ab-c522ec7f0e9d} 2652 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2652.5.2013399404\1077336642" -childID 5 -isForBrowser -prefsHandle 2952 -prefMapHandle 2956 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {04c5d39b-e59a-4c51-a4ca-ac8a1c1fcde1} 2652 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2652.6.503910775\319232042" -childID 6 -isForBrowser -prefsHandle 3116 -prefMapHandle 3120 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {5db4d25c-e2d0-4730-8ab6-c1707029a93f} 2652 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2652.7.1831790878\1022326159" -childID 7 -isForBrowser -prefsHandle 3184 -prefMapHandle 3444 -prefsLen 25412 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {3ad03488-908a-44eb-a44a-d81f1999b4a9} 2652 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2652.8.391645109\99791521" -childID 8 -isForBrowser -prefsHandle 3024 -prefMapHandle 2872 -prefsLen 25456 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {2672bbac-ab1e-468b-aa88-fd1f595f13df} 2652 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1600.0.1391340828\1277189654" -parentBuildID 20240416150000 -prefsHandle 1196 -prefMapHandle 1188 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {ef515c17-d2fc-4d9f-9796-1e4e715ec43e} 1600 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1600.1.1139086892\1326825800" -childID 1 -isForBrowser -prefsHandle 2184 -prefMapHandle 2168 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {25fc43f3-b727-48cd-9c29-1fbb14cb91fe} 1600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1600.2.380580247\285133514" -childID 2 -isForBrowser -prefsHandle 1728 -prefMapHandle 1852 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {978d4f66-f1db-40f8-88e8-1f67ef5abbf9} 1600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1600.3.971679126\2008882774" -childID 3 -isForBrowser -prefsHandle 2460 -prefMapHandle 2496 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {128e89eb-dc17-43a3-859f-8f064ce70049} 1600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1600.4.174900299\1112212145" -childID 4 -isForBrowser -prefsHandle 2824 -prefMapHandle 2828 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {1fde9c16-8a56-40d8-8261-3dcc1f2fca40} 1600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1600.5.421419118\255485257" -childID 5 -isForBrowser -prefsHandle 2900 -prefMapHandle 2904 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {ea6d79f3-d3c9-4ed4-8296-2e01fe8ff2ae} 1600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1600.6.554899586\1881294212" -childID 6 -isForBrowser -prefsHandle 3056 -prefMapHandle 3060 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {5e42dcda-ac26-418a-ae2a-9763f48a1b1c} 1600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="1600.7.1205229018\1574759289" -childID 7 -isForBrowser -prefsHandle 2956 -prefMapHandle 2900 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {8911559f-4240-403e-af7d-472499ca830a} 1600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebm58Nk
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebm58Nk
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2256.0.296583712\134856658" -parentBuildID 20240416150000 -prefsHandle 1212 -prefMapHandle 1204 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {32ff56e2-e82a-45bf-80d3-cda684ca5c1e} 2256 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2256.1.1308344440\2064188339" -childID 1 -isForBrowser -prefsHandle 2148 -prefMapHandle 548 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {729c6211-d5e3-4ab1-a84d-f66781e35458} 2256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2256.2.293608281\1550849147" -childID 2 -isForBrowser -prefsHandle 2156 -prefMapHandle 2076 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {ffc02854-2b35-460a-b3aa-e286594cb57d} 2256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2256.3.1682834018\1379249533" -childID 3 -isForBrowser -prefsHandle 2620 -prefMapHandle 2616 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {38cb0e58-97c9-4e3d-a2a8-00109cd2faa2} 2256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2256.4.2123214137\2058730536" -childID 4 -isForBrowser -prefsHandle 2820 -prefMapHandle 2824 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {704a30fc-ae44-4b3f-b015-1c2dd94f58f4} 2256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2256.5.258225551\1707285803" -childID 5 -isForBrowser -prefsHandle 2944 -prefMapHandle 2948 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {6d2dd011-282c-48a2-b947-fe6a3a2b2da9} 2256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2256.6.647178605\786020241" -childID 6 -isForBrowser -prefsHandle 3024 -prefMapHandle 3028 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {5f672ccd-2d53-4808-b4e5-c2bc28bdbb83} 2256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2256.7.1534567201\535805008" -childID 7 -isForBrowser -prefsHandle 1696 -prefMapHandle 3268 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 820 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {1dd3f46d-5fc1-4cd6-a8d3-87cc32e11d5c} 2256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuMA8iZ
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuMA8iZ
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.0.1419526178\720249747" -parentBuildID 20240416150000 -prefsHandle 1244 -prefMapHandle 1236 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {fa4577ed-6f2a-46d8-82c6-7871a0cb1001} 2808 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.1.915909027\639524401" -childID 1 -isForBrowser -prefsHandle 2032 -prefMapHandle 1576 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {a69c07e4-a756-44e9-a14b-5e4babebe780} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.2.66513998\920346755" -childID 2 -isForBrowser -prefsHandle 2312 -prefMapHandle 2316 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {5a425abb-952e-41c2-9e20-8c7439823f9b} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.3.293933115\157580302" -childID 3 -isForBrowser -prefsHandle 2792 -prefMapHandle 2796 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {d617ebe2-13a8-40ca-814c-c00ddbea8af6} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.4.94527655\1740569973" -childID 4 -isForBrowser -prefsHandle 2384 -prefMapHandle 2376 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {a5ca255b-5995-4ed7-b0c3-55baa8aff45d} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.5.1702634736\2047266293" -childID 5 -isForBrowser -prefsHandle 2864 -prefMapHandle 2868 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {6ee25fe1-d4d8-4e60-a54a-b60aa452e369} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.6.2133086680\1484643483" -childID 6 -isForBrowser -prefsHandle 3036 -prefMapHandle 3040 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {4a0fdf6d-70d7-42d9-ac9f-3e5fc655b0ed} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.7.1968082612\567107295" -childID 7 -isForBrowser -prefsHandle 3372 -prefMapHandle 2800 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 584 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {a8d6f2e6-22f6-48bc-82c3-e79588741775} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK2oIqO
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK2oIqO
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="576.0.897377604\185692122" -parentBuildID 20240416150000 -prefsHandle 1212 -prefMapHandle 1204 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {0fccca08-60e3-468d-8f5e-70fb4f226ec7} 576 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="576.1.553940754\1602223209" -childID 1 -isForBrowser -prefsHandle 1944 -prefMapHandle 592 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {d0a47428-d3d9-4590-937e-724492a1bccf} 576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="576.2.1313857204\486245500" -childID 2 -isForBrowser -prefsHandle 2108 -prefMapHandle 2180 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {05763e40-00c5-44e2-a44f-9e8856344db9} 576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="576.3.1452164388\1725989363" -childID 3 -isForBrowser -prefsHandle 2408 -prefMapHandle 2280 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {2ab12890-0066-47ed-8a37-55fbd9245999} 576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="576.4.739078980\1799441099" -childID 4 -isForBrowser -prefsHandle 1076 -prefMapHandle 1072 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {80947c67-49f9-4090-b62b-6a138712131c} 576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="576.5.225719077\1334700485" -childID 5 -isForBrowser -prefsHandle 2892 -prefMapHandle 2896 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {07e9c1ab-ca93-41c5-bd72-939426befc31} 576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="576.6.1862705561\122803799" -childID 6 -isForBrowser -prefsHandle 3048 -prefMapHandle 3052 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {1a6861ce-917c-4890-8ae5-ff41934e40a4} 576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="576.7.768426784\358521012" -childID 7 -isForBrowser -prefsHandle 3428 -prefMapHandle 3228 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {da5910e6-be1d-4f53-9495-38181a4768fd} 576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMugQGN
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMugQGN
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="780.0.1442671427\1605662679" -parentBuildID 20240416150000 -prefsHandle 1236 -prefMapHandle 1216 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {0bc71b9d-c2da-4fcf-817e-51001a295d4a} 780 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="780.1.332789538\1045341708" -childID 1 -isForBrowser -prefsHandle 1868 -prefMapHandle 1920 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 576 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {b40ad7fd-1f76-40e0-a0d3-a1478c8aadde} 780 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="780.2.1164152384\1452830009" -childID 2 -isForBrowser -prefsHandle 2276 -prefMapHandle 2280 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 576 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {6a7786c3-1118-4829-9287-241b62b988ba} 780 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="780.3.1173167282\999423557" -childID 3 -isForBrowser -prefsHandle 2700 -prefMapHandle 2660 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 576 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {8a044e50-b856-4418-aaf0-ec8def6337ac} 780 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="780.4.1346789552\1406904189" -childID 4 -isForBrowser -prefsHandle 2276 -prefMapHandle 2428 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 576 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {b9c6c793-0737-434c-a2d8-e655aa85c611} 780 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="780.5.752449919\1452472908" -childID 5 -isForBrowser -prefsHandle 2732 -prefMapHandle 2952 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 576 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {9c160d13-912d-464a-993b-57543b943078} 780 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="780.6.84030248\1505385732" -childID 6 -isForBrowser -prefsHandle 3068 -prefMapHandle 3076 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 576 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {63c6511e-cf5d-460c-8bf6-169da6d990a3} 780 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="780.7.1290633699\586379625" -childID 7 -isForBrowser -prefsHandle 3320 -prefMapHandle 3316 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 576 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {a9daa28b-b726-4193-9841-30ce7525fdd5} 780 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="780.8.1645881863\1847284041" -childID 8 -isForBrowser -prefsHandle 3624 -prefMapHandle 2808 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 576 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {6c010b28-8c20-4415-9a3d-c5a1a9af2351} 780 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\firefox.exe" -contentproc --channel="780.9.356201078\1200249086" -childID 9 -isForBrowser -prefsHandle 7372 -prefMapHandle 7376 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 576 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\browser" - {d6300801-006f-4a10-b75b-79a35920fa8a} 780 tab
Network
| Country | Destination | Domain | Proto |
| US | 65.39.97.13:9002 | tcp | |
| N/A | 127.0.0.1:49563 | tcp | |
| N/A | 127.0.0.1:49570 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49666 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49703 | tcp | |
| FI | 95.216.22.87:4080 | tcp | |
| DE | 176.9.39.196:9001 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:50251 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50286 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:50772 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50807 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:51278 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51313 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:51802 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51837 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:52335 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52370 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI21962\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI21962\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
\Users\Admin\AppData\Local\Temp\_MEI21962\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI21962\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
\Users\Admin\AppData\Local\Temp\_MEI21962\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
\Users\Admin\AppData\Local\Temp\_MEI21962\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
\Users\Admin\AppData\Local\Temp\_MEI21962\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpekecm8hs\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI21962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq4gk6\extensions.json
| MD5 | b1d67bc760fc04fa6131047b5071e3ba |
| SHA1 | 29af15f48c2d3675377b91a0a2ca16ea2c2d3c17 |
| SHA256 | e82ba78835fa3ae6e7e0b332ee8ff022c8af819013faf4510452f22eb9458f4b |
| SHA512 | 4330f9ac5924adef934f3f15e60b7e5b3fdae31bd635cd6e3f128e75a3ff419b3644ac78feb2f24d7870beb60160d0702dd389eb7dec2ef245e751fa2f702de8 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 2a79c41336036fd07256da9f6f40451b |
| SHA1 | 3086bbc88041df0572781d7e5f48aea0c6451a99 |
| SHA256 | 6a32d15955518b535f50e7c341673f98e789ec4757240b2114cefdcb88cc2e74 |
| SHA512 | cf8f03963e55d307937276c8072c98c47096d273d13ee2a16f0ff53854fa2e4dc44cb2d2961895a4f84ccf503c00293aaf037dd24be6c5320ee8bbe2b3f2aa7f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq4gk6\prefs-1.js
| MD5 | 9c800189f242e42917496180735160b4 |
| SHA1 | 73d1429df711e742f2d7ba26d1ede2c03c3cf19f |
| SHA256 | adb1525ba9fac1786ebb1cd01b467267e7c977500e44298b3e1a1735be96f9f5 |
| SHA512 | 05fedda0c1fea45a7d0755b34d2318777f56bf574c0588ebb0cf5fbd255acd168a0e3e51eaa81b60fbea6d5742e7e6d363b4b788b069ef2b51c51efa18e93ef2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq4gk6\prefs-1.js
| MD5 | d283b73e41616df91d2c83188328268b |
| SHA1 | f7f9e4bda919ffb58689245cfbc164ba362520a2 |
| SHA256 | eec447b34a2c592045655850433d2429db033b204bc4a4a6027d56b1264c81dd |
| SHA512 | 869a2bab319919e169c7a1fa4685da477e3aa1976dfaa7909bcfa21e323c0f0dd86454d554450b1b7800d808b95971a462f1f35143512d42450e41ae704b1ebb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
memory/1600-1232-0x000000000A710000-0x000000000A720000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\startupCache\webext.sc.lz4
| MD5 | 64acd7fb090c33f935b463337c899275 |
| SHA1 | 4f689f229fd8a7134ef794761dc607aca493aa1f |
| SHA256 | 6dbd56c7bcafd3395925c339651ea3b2657bcb85a08eadc15159567b700653d5 |
| SHA512 | 076a9770eb3ee9a90e553f3361fcfc5483dad036f1d798fe67038815ecb99d3db11d304627ac64da2360458bda4c1165ba4d72eaae4c54fed470ff87827e3657 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\prefs-1.js
| MD5 | fb472998f7ab468cb6a5d249791ea224 |
| SHA1 | 11cffb4c832547e754a2b2c6111d6d418d3532e9 |
| SHA256 | 76bc4a6bc6adfb72e54c16f31ceb82b186d94c54e8e9570a2b4a6ae97b4320cd |
| SHA512 | faec40160e271d1710252ad91f0321d5fe6e99a89e1a59d1cb6ee1eb32155af54f25b1f5eaacae96be9e5e6fa6a68d7cf757a6b77cdfff03c5b57feea5dc56a3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\prefs-1.js
| MD5 | 966d36d8ce875872e25e9bf30a3c7bb2 |
| SHA1 | 45fcf2946811b7cda912b89f196dda7224cbfbd9 |
| SHA256 | 70c3bf0cfeac0a3680be19691ea6e4a11de35a91bed230261379fbc5389dacaa |
| SHA512 | d52f01e31b6fdea993d75b4629d2f98f18c61416f9a37d51d569f7cb604d6475f9a18c0525fc7e02a03e31768d1109fda4bdd32b462a84af4d0b226adad84ddc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\prefs-1.js
| MD5 | 6498369af90bc1805b9bcb5c799cfd5c |
| SHA1 | 75da8ac3236d2d03394e6e27d1547ffd2326d11f |
| SHA256 | 50c6874120da9c294c9ed599cc53efc111c83b8dc56f7591e310fd31acfa1c07 |
| SHA512 | 064874b4b50feab92a051415315c44feee57b9003f000a63d500f404521a000e7ccc6c63ac2074b581458ae02faf36d2b4747e43d70c2595809d99ae26f72882 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\prefs.js
| MD5 | 410df5fab9819e54b7e9309f3d1e01d9 |
| SHA1 | 3136608c8ae3601cf9d0909bb9f140ad014575cd |
| SHA256 | 29d6796e731203f46417311242868ae3d683a923ea552d472733ccfb8becddf6 |
| SHA512 | cef2052d8335884215b7884b2ab4485700efeee399080d5f2ab5c0e29d3ee295aeefab629b1e5c35020a3c7cccf9dcc9b9388e2504e68e2f870c5ce75c2939f5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenAGR03\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebm58Nk\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebm58Nk\prefs-1.js
| MD5 | ccf574d166c146490a218a16e6989fdd |
| SHA1 | 3126909415ac4f0c5663ffb6e0a4480ab84f6b61 |
| SHA256 | b5bfbf702f3c83361d0f00d568ec039db49c1b1efd4c40db1e0c3ec6a61f8aef |
| SHA512 | 69891b0c4e0dc2aef887817bf421c2254e5b370acdcfd0d5b3d4893db5c7763a20ebbf37b210bce48610041452d10d4fb83ce4f1f0502b9113f6633908984623 |
memory/2256-1733-0x00000000034C0000-0x00000000034D0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebm58Nk\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebm58Nk\prefs-1.js
| MD5 | 5dcbf5074267b3f8b18cbd2807667b01 |
| SHA1 | e2831987715ce77e4e097508d28a1565d4b81493 |
| SHA256 | c7479d6c9fd12108c441e5803ef8f3b503efd26209b746ddf9585ce54cd9e260 |
| SHA512 | f20f480b963e4d57f58a3652bae7ac31558a736a86b7506aa69cd293776aea4b4fbbb33dd3a46b076c854cb9e31f3f15ffb8b8ca23fef70bf28d5441eb9a4126 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuMA8iZ\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuMA8iZ\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuMA8iZ\prefs-1.js
| MD5 | d77ec573b2a68eae3a47259351ea5a5e |
| SHA1 | 3de8344c240297484b02b6109ddfc80fae335989 |
| SHA256 | c14e83e42b647f03e939abf21e874d5feed86a93e8a35ba8eceadd73914d0774 |
| SHA512 | 27c2767723020caae747708ba3e68fa227a2066d1f5588486043d89bb67b63d6e49fd13c79e361284ef3a1cf9e5f230c0e37d015f5785169a3597630e3cdec6e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuMA8iZ\sessionCheckpoints.json
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuMA8iZ\prefs-1.js
| MD5 | ad58ac363ffd2ccb554f4ee140b2753e |
| SHA1 | 3b54317fa42c9431874b7cb602ee7ae96425a036 |
| SHA256 | 08a09a5de6117fe001c8fd9534d3c1da096bd49a099bed76aa6e1bb375d012ef |
| SHA512 | 3b57680c257f0918f17cf6bc6c9a491cf99bb9b1b33cbec53f3335451af9dbf27630b89fa8e0f5c29cd4ce5239a8b9bc1329b34a9c06e0962ddcebfa6bd08349 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK2oIqO\compatibility.ini
| MD5 | 02135720e8de62d237f6573145f32ef1 |
| SHA1 | 3a5a521acda74a93f43f3a05075c3f4a4c98e63d |
| SHA256 | ef96d954a9b2a5183f6b02e53fdf633dd985cbf6a8a1c2feef2f91b876f52cd8 |
| SHA512 | 4351a6a9afe5d0627859ee2df1b8fddadba74689bc5823660f396a1563c8aa48b4d2ffe4bf74f6bb2f4142e77cb90dc87bdf54f8a7bbd046befe592474c8a399 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK2oIqO\WebDriverBiDiServer.json
| MD5 | 588c0fd9303cd517cd8991361ee77d43 |
| SHA1 | f0e98d927756b403434bf9779828b202470dadda |
| SHA256 | 0c97cca358390c391b821938ce78ee3f21d8791b5ed8366cb37716268b3cca0c |
| SHA512 | fc0efcd87d52f97acc5eea271a8d87917210642231ed3df53c45745a89cb56461da742084ea69c8c0a605c582a7b954ea3a386e09769d2aca6a9a45b08656046 |
memory/576-2655-0x0000000007540000-0x0000000007550000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK2oIqO\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 0e1508fec71ae7b356294f74cd4decac |
| SHA1 | f2a055317131f1a2db4701c6d8aa669520f776e1 |
| SHA256 | ab12441c308c4d3606941d9d2f4deae7c2030aaf8ba6236d2ee1280109ce195b |
| SHA512 | 2553e91d82cfa2dd249ae758c0e814a80446bcd4917e3ef8923770fc97cc40a5635561150a6107c0327bff127368dc9576f81c4838fb0244f11c1d482b4907d4 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK2oIqO\prefs-1.js
| MD5 | 9d22dc42167795ce2af8a20c9ad72339 |
| SHA1 | c736ae19568e1980405133f9df5642d6dc92bb92 |
| SHA256 | 73affa766ecbe02c5687b631781a58cf8fce35cc7acaf30caa11ad454cf048e3 |
| SHA512 | f22bd8df11847b1600b01438fdc4d0b338e1f9255f966894c80e7b59b1cdde8661e93fcbacc9b57b809c64ccdeca69bc29ab77cb88153e8fdfac02d25d2dc2e3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK2oIqO\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK2oIqO\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
memory/780-3164-0x000000000AFF0000-0x000000000B000000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMugQGN\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMugQGN\prefs-1.js
| MD5 | 75265989dbc526ac2142e207e26ad140 |
| SHA1 | a64cf7a2cbb4b0d0883e32c07618d35260306be0 |
| SHA256 | acf93817775969d9ff7b7b8069dbc14e9f693a583d248295fc5d4c38e86eca73 |
| SHA512 | e52cc602a16a911bc886ae5cd2c1564e37a6e33975330fd4cefa619fab602efe3e931705b8e33605c6d70f8fffe85d8c41be6782d39d50da778e96bbfc7ab6a3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMugQGN\prefs-1.js
| MD5 | 5fb9f69e48c64d1b46b75a4d67fd32d9 |
| SHA1 | 99d07bec9bd36c80b30d42f3c339acd95ce897b7 |
| SHA256 | 36068a9450e74bbfc3e9c54a9d288d34b2cfa05efe1998db25c60413709f7439 |
| SHA512 | 344dbcdde747d67aaebf390cecbcdfeaa75795c2798ae38f62ea181c5c88ab9cdca89c614999eae77f2e0f24287c8d4db1d553221c13d83b57216b5a121dc5b5 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win10-20240404-en
Max time kernel
293s
Max time network
309s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI21922\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21922\geckodriver.exe --port 50037 --websocket-port 50038
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecJxtrc
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecJxtrc
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="600.0.784597735\1485685801" -parentBuildID 20240416150000 -prefsHandle 1464 -prefMapHandle 1440 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {f48d2deb-3dd2-4295-b5b7-a59fdb494151} 600 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="600.1.280783273\850107284" -childID 1 -isForBrowser -prefsHandle 2084 -prefMapHandle 2416 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {d2f9b09a-5749-40f7-b069-dedc61197943} 600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="600.2.458772014\221433406" -childID 2 -isForBrowser -prefsHandle 2924 -prefMapHandle 2896 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {ffc3661a-bf51-4101-95c2-388a85519ca5} 600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="600.3.1681916934\34502078" -childID 3 -isForBrowser -prefsHandle 2996 -prefMapHandle 2980 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {f09a3b7b-68e0-406b-8cbe-f4dfbc137dc1} 600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="600.4.1645437357\358160927" -childID 4 -isForBrowser -prefsHandle 3120 -prefMapHandle 3208 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {85ef0636-e38e-47fd-8652-199aad3e1b28} 600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="600.5.928598044\428338229" -childID 5 -isForBrowser -prefsHandle 3700 -prefMapHandle 3632 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {8fe6fc90-6e24-41b1-b679-c5998beb7671} 600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="600.6.1126549905\1845647718" -childID 6 -isForBrowser -prefsHandle 3212 -prefMapHandle 3100 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {a4399ec8-96f2-434a-bc1b-ca701d90591c} 600 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21922\geckodriver.exe --port 50037 --websocket-port 50038
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.0.1847431897\1723778988" -parentBuildID 20240416150000 -prefsHandle 1472 -prefMapHandle 1448 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {dccc4672-2e7a-4541-ae87-681f6fbf7541} 1936 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.1.596051355\2033489318" -childID 1 -isForBrowser -prefsHandle 2680 -prefMapHandle 2688 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {9dc46b61-356f-4d9a-a576-d59ee2802a34} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.2.34829954\1585949328" -childID 2 -isForBrowser -prefsHandle 2936 -prefMapHandle 2932 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {4f54b1f3-daa0-4824-9903-9b5ed2da3420} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.3.1777539279\1549979554" -childID 3 -isForBrowser -prefsHandle 2952 -prefMapHandle 2948 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {d365495d-d8be-46b0-b4ee-57f6a22bfea0} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.4.1400003072\1708799039" -childID 4 -isForBrowser -prefsHandle 3668 -prefMapHandle 3664 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {22f37706-98c7-4253-8d6b-72ea80543adb} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.5.2092628686\94547656" -childID 5 -isForBrowser -prefsHandle 3820 -prefMapHandle 3824 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {8fede69f-6d30-454a-bd38-eb1498246b44} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.6.161910640\1088646172" -childID 6 -isForBrowser -prefsHandle 3604 -prefMapHandle 3596 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {26b1934e-6e4e-4bc8-9d49-97033fff2041} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.7.357080847\1151100465" -childID 7 -isForBrowser -prefsHandle 4312 -prefMapHandle 4316 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {05cda7a7-c110-4035-a099-33e6b0dc8939} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.8.2142704230\2031785427" -childID 8 -isForBrowser -prefsHandle 7576 -prefMapHandle 7740 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {b227e361-1c8f-4b73-a8e8-9214b475af0a} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.9.175456840\1302226233" -childID 9 -isForBrowser -prefsHandle 8556 -prefMapHandle 7296 -prefsLen 25332 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {e5d5940d-fc0e-4b49-a201-8f71d148fb98} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.10.507976920\1428849303" -parentBuildID 20240416150000 -prefsHandle 8340 -prefMapHandle 8436 -prefsLen 27602 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {3e56380d-8285-4e2d-82e2-1eadbb0c5f6b} 1936 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.11.2120035388\593475005" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 8276 -prefMapHandle 8424 -prefsLen 27602 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {a60f8135-e7da-4076-a34c-d0dfa4c1b1c5} 1936 utility
C:\Users\Admin\AppData\Local\Temp\_MEI21922\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21922\geckodriver.exe --port 50037 --websocket-port 50038
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFeQGRZ
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFeQGRZ
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="6024.0.1681085725\410905305" -parentBuildID 20240416150000 -prefsHandle 1484 -prefMapHandle 1472 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {da6b27ab-e535-47c7-abe4-44cdde8c950d} 6024 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="6024.1.386794270\358582759" -childID 1 -isForBrowser -prefsHandle 2492 -prefMapHandle 2488 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1076 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {29c628c5-d365-44e8-85cf-5e399f6014c7} 6024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="6024.2.2057812788\1236989202" -childID 2 -isForBrowser -prefsHandle 2920 -prefMapHandle 2904 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1076 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {63f4eed7-d8c6-498a-a0d4-1968c802aac1} 6024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="6024.3.1315912344\116743668" -childID 3 -isForBrowser -prefsHandle 3640 -prefMapHandle 3644 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1076 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {32bc9235-4963-4e64-9563-939ca8d408ed} 6024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="6024.4.547568868\1078812584" -childID 4 -isForBrowser -prefsHandle 3816 -prefMapHandle 3812 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1076 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {364aa08b-25e3-4be5-bade-a61617c705c3} 6024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="6024.5.2020465667\1396713382" -childID 5 -isForBrowser -prefsHandle 3336 -prefMapHandle 3340 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1076 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {2e2d49c1-864a-4bd8-b854-d6fd809e5ead} 6024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="6024.6.246507020\700225546" -childID 6 -isForBrowser -prefsHandle 3948 -prefMapHandle 3952 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1076 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {a9805b95-6470-4f09-a5ba-16933f74d06c} 6024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="6024.7.1616277606\1737950706" -childID 7 -isForBrowser -prefsHandle 4288 -prefMapHandle 4104 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1076 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {b8054e8d-235b-4246-9ccd-eab5f47f4b65} 6024 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21922\geckodriver.exe --port 50037 --websocket-port 50038
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemVG8pu
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemVG8pu
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5504.0.263833340\806005824" -parentBuildID 20240416150000 -prefsHandle 1464 -prefMapHandle 1448 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {4780063d-d5dc-4c97-8f12-1f731f792b3f} 5504 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5504.1.1911927854\624384049" -childID 1 -isForBrowser -prefsHandle 2192 -prefMapHandle 2092 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {79a1d959-6576-41d2-ac77-63c1d4d0d146} 5504 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5504.2.419093792\663131098" -childID 2 -isForBrowser -prefsHandle 2928 -prefMapHandle 2924 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {f01a6266-8743-43e1-999c-8f2b5320bedb} 5504 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5504.3.226057632\1324478630" -childID 3 -isForBrowser -prefsHandle 2944 -prefMapHandle 3332 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {cd34948b-c701-4bdc-ab41-12afd1cfab67} 5504 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5504.4.599283854\305492471" -childID 4 -isForBrowser -prefsHandle 3804 -prefMapHandle 3800 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {14e163ef-dafd-4479-8dd2-964c5d0e89a9} 5504 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5504.5.862863401\936434491" -childID 5 -isForBrowser -prefsHandle 3952 -prefMapHandle 3956 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {6a467138-965a-42e4-8787-529aee0fd8a3} 5504 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5504.6.404689791\38922478" -childID 6 -isForBrowser -prefsHandle 3312 -prefMapHandle 3308 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {4055929c-c064-432f-8233-a2ecb0f439e6} 5504 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5504.7.1911881128\1176443844" -childID 7 -isForBrowser -prefsHandle 4360 -prefMapHandle 3980 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {693367cf-c6e4-4842-b9e9-060d1614d907} 5504 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI21922\geckodriver.exe --port 50037 --websocket-port 50038
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletlhCul
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50038 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletlhCul
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5028.0.253346282\2112816178" -parentBuildID 20240416150000 -prefsHandle 1520 -prefMapHandle 1496 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {b0448c18-dde6-4a17-b702-99486b7888bc} 5028 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5028.1.250775163\1974471398" -childID 1 -isForBrowser -prefsHandle 2664 -prefMapHandle 2680 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {962cddf6-eb5a-4f19-8277-eadb919889a3} 5028 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5028.2.1431140531\1462878518" -childID 2 -isForBrowser -prefsHandle 2996 -prefMapHandle 2972 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {810fe685-74ea-4e11-af64-ced3babc49e4} 5028 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5028.3.2010125208\770654372" -childID 3 -isForBrowser -prefsHandle 3068 -prefMapHandle 3056 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {6c8f381e-d6c8-4798-9160-f33ce7510fdf} 5028 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5028.4.1628123147\755465759" -childID 4 -isForBrowser -prefsHandle 3348 -prefMapHandle 3364 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {d56442d6-c4a5-4a63-a018-c0b60109e20b} 5028 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5028.5.917363157\1697470894" -childID 5 -isForBrowser -prefsHandle 3324 -prefMapHandle 3340 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {a281acbb-a558-4613-8d34-396e9710918a} 5028 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5028.6.352315016\239876428" -childID 6 -isForBrowser -prefsHandle 4048 -prefMapHandle 4052 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {448a28a3-78b6-4e01-885f-8e3b423b1c0e} 5028 tab
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe" -contentproc --channel="5028.7.579954288\896074121" -childID 7 -isForBrowser -prefsHandle 4368 -prefMapHandle 4364 -prefsLen 25412 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\browser" - {06c50e96-1ef7-4fd8-afec-0d0672391d55} 5028 tab
Network
| Country | Destination | Domain | Proto |
| US | 173.73.134.86:9001 | tcp | |
| US | 8.8.8.8:53 | 86.134.73.173.in-addr.arpa | udp |
| HU | 37.120.144.222:9001 | tcp | |
| FI | 65.108.231.17:9001 | tcp | |
| FI | 135.181.124.214:9055 | tcp | |
| US | 8.8.8.8:53 | 17.231.108.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.124.181.135.in-addr.arpa | udp |
| N/A | 127.0.0.1:50140 | tcp | |
| N/A | 127.0.0.1:50142 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50235 | tcp | |
| N/A | 127.0.0.1:50243 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50537 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50545 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 52.111.227.13:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50914 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50922 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:51221 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51229 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.72.42.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:50037 | tcp | |
| N/A | 127.0.0.1:51535 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51543 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 25.140.123.92.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI21922\base_library.zip
| MD5 | 196fc7563beec5caf7c72cfefe27a4c0 |
| SHA1 | c3d9ecb19ed275d5e72dd2a2b8e63ae4b1339614 |
| SHA256 | ca9d50db79635bc360319cbb7ef3054ebb5824298e72663f38a1389575e839a4 |
| SHA512 | f0d6d9eae8fa63bc1922a8092236ab832c5d640d2775f985b13cd661796ee68b0c690146e84e2d54f55b374b38345d7f4c295d403ea6ade60b268d9a56cd139e |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\unicodedata.pyd
| MD5 | 74f0f14027b885ef241534fa196562c4 |
| SHA1 | ce3b7da95afcc5d5a1ba98b3559838fd5c590ad4 |
| SHA256 | 0699d54b62a6af51ba3066d2234cdd0993888e96e508f6601bbc072c5ed850c5 |
| SHA512 | 44e53181dbf565f374ffe66f8963d2e48733325df23fd0d4e3d4ecc23a7dcbebc5553a8aba83e918a59263c43a29d2873f252249e43d20525def232fdff0ac18 |
\Users\Admin\AppData\Local\Temp\_MEI21922\libcrypto-1_1.dll
| MD5 | 0941c662082b05ebe62291f286a83e8c |
| SHA1 | 07c8641b96a52915ea5d30d5891478556f8d9208 |
| SHA256 | 5fb7a352f7446297b524902cd1bf9f4e6f2fb60cfb2daa9e3fa0f76ce91f9c27 |
| SHA512 | d0dae6006c1d1978f3166ab3663ca14f50f0b3699357ce89cc53cad0ffec81c089355c5980bea7ad527030fdd12a26cc0cb6422a933e207226e77d2730d69da4 |
\Users\Admin\AppData\Local\Temp\_MEI21922\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | f3f55cfed1db00a7ca5b252c8da9daa6 |
| SHA1 | 7d701244151349bee2e580e2b791b1fc47d0f402 |
| SHA256 | 630c7cb6f3d4fb4710faa84302294565a60a1ba723d331cc3002bf73f8d0431c |
| SHA512 | de13880db5aa19cc11562eed00bbf6109d21f1ab0825c97d10c35ce4044e1eebbf7b9fe47a712546cbf129fd75e33cc1f92656742194f01e8dfe652eda1e6f9b |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 486fe872808014e51f75515c56a40cb6 |
| SHA1 | e7fa97e2e174aaa9badd0a04818364a9083874be |
| SHA256 | 90f55bbc9ddc538491475502e381a01c26472773900c41c1db19bc89860f6a08 |
| SHA512 | f2b0cb9a683e3e19d995040339660da9f2903dff885fba6f5a76adf7113e4d0789aeb295b4a33905615bd9efb8c733ad8cb349af6ba8015e0013546aea91ee8a |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
\Users\Admin\AppData\Local\Temp\_MEI21922\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\geckodriver.exe
| MD5 | cc3d9fd2d0d1fe7415f80f1b8338bb83 |
| SHA1 | 4a2ce0dcfe92fa580b235d025fbb87902548f78e |
| SHA256 | 65f327d15e6634a75457968c1351533a5fc92a906487611a3a78d380c54b99b3 |
| SHA512 | da17ce903cd4c09ebe53345940ca41d34089958b225537e727301273ab5845419d36a86d0574567b73b5dc7031c1bcfbd86106651db8f10ac413065dd27607d2 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 53979ab0bb6af588eafd096e7ddec628 |
| SHA1 | 6a8efe246b23c243d93d8f020b21cc2d49c81816 |
| SHA256 | a0b39a28c4af2db84121332570441aabd2ff293b19e5728424686f0dc87454c7 |
| SHA512 | 3107d390f3588bdae429d05b7c6a3afc5d037cd7957a1b11a59ce493781a7e140a3df0cb8bd1183e6b762dc7254d0448f36673d448d109440920c8d0c664086c |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | cef7e290b89aea3372d2ca019c5ed6a1 |
| SHA1 | 2def39d23c90ec7099b0ae7fe160b82505dac63b |
| SHA256 | f2c482fe41b468e670ca6b93c3be99e805a8f65ddfa5b24a47266876b6ddfc2a |
| SHA512 | c905b7ce4e3e9c67d8453d225f5f54e224ce151816723f8f44cd3ddd0ce3d9d69e024d00a37d8cb33817f381273e478097eb68121794b7c67666b13da5c60018 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmppxyt11b5\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | 99e05b86c897bbc2a33698d443d918c7 |
| SHA1 | 54b10038ed0559b7e8b9f3d115702e7ddf1662e5 |
| SHA256 | 1fe298050cf93ccc745b1bef4dc34436f49f35429d5c418b3900d5a1f0d7ec01 |
| SHA512 | fa4052a39d0cb28ffe750d2ec42dacec6c0837d72cf9715d74a20083fd2086f61acbbca53b453ba591f357cde536c2688d31b94f6b739a4596b03e30c310b47c |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\tmppxyt11b5\webdriver-py-profilecopy\favicons.sqlite
| MD5 | a25f4695bbc2cc3bb10bfc72fe8c7c91 |
| SHA1 | 746ab4d71282026d95f6ff41dbec04eb801f0ff3 |
| SHA256 | a813d451fefd83c27db756cb1482a8877ef260059ac06eceb462c07f16afcbca |
| SHA512 | 914a179074abbb31753501a96d0be7271af768c91dfdfa25f57d97ea65241fa5fa2fb64c3b07e069e2e745a99775cc45a8695a6581950246ad741166344602a0 |
\Users\Admin\AppData\Local\Temp\_MEI21922\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\Tor Browser\Browser\firefox.exe
| MD5 | 4b8a97c46229512e9cdd73103b9dd509 |
| SHA1 | 6b00b5f1ae7f031ab3df533bd0ee620100fc9e39 |
| SHA256 | 3f00fd6dd1d025f9639e1bd3a5e0f01dd273abc095bce9886a5cbdfa2da23c0b |
| SHA512 | d0b554cdfce241affc78e0b47a9ad605d41fb28771fe155f642f00c0824272cddb54a706eff77a3bafd84c7124e28ce09a51da10ffc97d862eb9bcf8faff381d |
\Users\Admin\AppData\Local\Temp\_MEI21922\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
\Users\Admin\AppData\Local\Temp\_MEI21922\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
\Users\Admin\AppData\Local\Temp\_MEI21922\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
\Users\Admin\AppData\Local\Temp\_MEI21922\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\top-1m.csv
| MD5 | e332a31381c6ca9db2b50f1ce430d38d |
| SHA1 | f89de1dc4757367477344ec569983fa8004de7fc |
| SHA256 | 499a94f6ff83bcd4389e3e590c146a19a51a10dd4c12f077e7510aa209a5bc0e |
| SHA512 | d7f14f04fc25fe85a3981eefca46a6bfeed806447a9c443347572b9a7dd5e8ab038c77e07f4413190b5e4ad0286d7d83860bc51ed516a29f962df80973005ca9 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\nss3.dll
| MD5 | 994bfc2fc10158225503b93c393502ce |
| SHA1 | 66026e54aa8b516df5363571774dc234da41be9a |
| SHA256 | 0f24198a691bf78dbc6e6d69698307c9f9834dd7615f96508204d365fee188e1 |
| SHA512 | 2233393819136e00ed4d0ba4af07528d6a73e0dce0b85793479fa500f03d3e55820618428d2b85af6c316726593c1c056964adf5823ab4135a236bc3801b6abe |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\mozglue.dll
| MD5 | 9788a793767bf2ccc0653826b7ea6047 |
| SHA1 | 46a7b82adf41139dfe068738044178e34e1802cd |
| SHA256 | 395818586871d29d755cdc19cbf763afc6f328f53e745b3482a01bd34cd6f0e9 |
| SHA512 | 2c26922c28d34550b9bb88c7952255bcb4e16cbf405bd0dc3adebc45f3702be4cbc7dbbad90b53f51d02403d2736d06869185331050825d60a3f99c31f6a045c |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\libssl-1_1.dll
| MD5 | 75c95d1a05191a2f9101e24f60b6eff7 |
| SHA1 | f6136241c5983c4461df069c24a8669fac614539 |
| SHA256 | e3eaafdb87602671c30409f941651bfbcc42a0068337f605ff5a38d6283e1788 |
| SHA512 | 71c894f6232c1b392184daa816adacad058af56e4b05bfdec8e0f1a535c5e4f277bac3b043e92a257bc427727be149e73165fe871442fc77f7a34dbf42f208dd |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\libcrypto-1_1.dll
| MD5 | 0cc0b6733ecdc66c8e91671fcf7611b0 |
| SHA1 | 3389ed728579c290be22c2b1f0e622fc00534726 |
| SHA256 | 4c2c0b4a920aa353b43c5bf065720e9da8a1e1d2a3f2da91072bdeb43df0b3c3 |
| SHA512 | 6d0b83b9607ec09a5dbd7bf783fc696454d98197baaa417c1435aaa9aeed996903a57076e7451d89b9909924639e0a1725a9354299999eaa8bca26171b17d795 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
\Users\Admin\AppData\Local\Temp\_MEI21922\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI21922\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
\Users\Admin\AppData\Local\Temp\_MEI21922\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
\Users\Admin\AppData\Local\Temp\_MEI21922\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
\Users\Admin\AppData\Local\Temp\_MEI21922\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
\Users\Admin\AppData\Local\Temp\_MEI21922\python38.dll
| MD5 | 9c431463ff706a3c718ba3a77ac7d11e |
| SHA1 | 960101720789a956fa08a5f8f094c40082316153 |
| SHA256 | 97c2dd9878b3cacc8b12d3096131377dcb0cad38a3fab88362df8789e8c1d84c |
| SHA512 | 052b14f2aeb8b90b9f0f8dec66ed5fb5047da00729b39975f4c26ba25fa3c3c9721c9289a2612adffd4560d4eaaac3b8727ccbfa57a591c69b32faf2e9861693 |
C:\Users\Admin\AppData\Local\Temp\_MEI21922\python38.dll
| MD5 | c40c36a527b224a242b22a301df7bf0c |
| SHA1 | 41099f8b597e5ba6f4e7b8cdac655fa432a5ee28 |
| SHA256 | 68cc16d68ad3cc8632942005625dbf23aa90b9a00c18ebe83981f66c8a34830e |
| SHA512 | 97008b6af13408d061341a881a1285b2c810dedc30948d0785e19d25526320ef9304170572c637d66d9c7470a9dd007f1a8417305d9e63fe0ca8c3ca5b537e50 |
memory/600-542-0x000002B7DC1F0000-0x000002B7DC200000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 4c17d8aab9d46a4167d874cad4e3a7e3 |
| SHA1 | 243133d6f00280d4a85c5700c178e5801020a193 |
| SHA256 | 6cf46d9fa63bb1c4d252204aae09e4f5f5ea0ffe634a1cf7b30272d8a1f334f9 |
| SHA512 | 2880b24cd4cf54e494bf939e59f2b4180e68f7372a6a55e3c378652df4c1f5d45a443b07c6ea47a7363c939e94c0d57a2eb16462acbd92d232e4a7a218ac4f6a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecJxtrc\extensions.json
| MD5 | 82bc79c7cdfa8d74a75d96e11d6c7f08 |
| SHA1 | aa421cd3ccd22db7bca97d1f2d31faa3fe739698 |
| SHA256 | eb093886e29d6227f4bddc233ab186c1e83afba9759e4b29cd0fcbcc399294e1 |
| SHA512 | c81bf25dd27bad7994b62ad751883b29c4f7d595e20ced7c7db91b96c9ee3dc7579b70cb91e7efd431aeb24a769a851aac0aa81258095f418a5f96bc70cd41b4 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 803f55cf90d887aeb8992532129c0bb5 |
| SHA1 | 143c1d312d78146948be051635c24b0ef5c65807 |
| SHA256 | 7ba4c90aa3674460d0db2d2a75b4374233121e9ccc44b8349b9d61ac2450f330 |
| SHA512 | fad1665516002be366df7360c66ccf4dd207e15e5a63fc6965d270d42703886c4c40d39d0ec85354e479a3524c38f5320be8a12c2d86f096106cd6fe45e1faec |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecJxtrc\prefs-1.js
| MD5 | eb893aec4cbe62571887128e3480dd6c |
| SHA1 | 7de2035003106da8195ac9fbc6f5fa5c36659528 |
| SHA256 | 5411d179c1fdc7844315ac3e7f78f575dbd94ffd69620e1fc1203f495d7ed703 |
| SHA512 | 4b793175d9573b48d719fa3087f83e244c4adeb2f16fc88808ea6fc1c2cec8e24beedb465e1d5693d65f38369f3ac5539805dc2b6b012c2e381eddb47ad628fc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\prefs-1.js
| MD5 | e2eff44f57fed70ea2c4fabc937d1994 |
| SHA1 | 3c358d6a13d6604ed5bfd6a426d6bdb7134cfb9c |
| SHA256 | bb32e8edbfc80e71557a7ec4ad0745c9b6a86c008ce6e1471e9d001f6b59fa6a |
| SHA512 | ce7e87f5b0a915e9872eb5fcf35c461a96b57bc28b676916ed21874107ebd0b0114420cffc4da326af07457794a3cb7798021fe2572494c662ef98ccc577ec57 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/1936-797-0x0000019808290000-0x00000198082A0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
memory/1936-851-0x000001987CCE0000-0x000001987CE50000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\prefs-1.js
| MD5 | 182a4f986c2cd1ab39a758eedaf6d339 |
| SHA1 | 68c4c4487520d224d790f2af625d46dd81269b48 |
| SHA256 | da2d1b6075268af741197fdde0ae9250af7f8f5cfe5e7948a5246bc9a3bc9f5b |
| SHA512 | 84b3baeec93b0658453086c6f7cbaaa100d4518fa1579538f639f079d2d000161da7a94f1de607f788c1c79e5ce354d74fed81c81730bd67998e9eff8cf20a6c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
memory/1936-891-0x00000198092A0000-0x00000198092B0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileb5O0oU\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFeQGRZ\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
memory/6024-1107-0x00000228FEB40000-0x00000228FEB50000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFeQGRZ\prefs.js
| MD5 | c54601042f3637d704892b94abe2d425 |
| SHA1 | 95646ce79d1e64455588c2ea510a00bff18146ce |
| SHA256 | 8a14b98d0ccf00ce75691e2bca6aaeb97463bd71a113e94f6c4a4dd0a82ecbd9 |
| SHA512 | ee96c3bf790ee9a7109df414ccb32bfaa1543321ef7c2ca8dd5b709e77bf58b33db650a273df2c84097a63ba8a5fcf4a8167cd366bfba1982f990087cb85fc8f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFeQGRZ\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFeQGRZ\prefs.js
| MD5 | 57c87ff3b1cdc1671e9fee5815158b04 |
| SHA1 | 7e08bae22ce602b96e89c126294e43cceab1cc86 |
| SHA256 | acbe2b8da10e6e9023b54e5127c5a4ba4f7b42e1789db065f83814c133b63547 |
| SHA512 | 54a22b62507726ef4299004f50c0e0fada422eac3a380fa773c959b735abd41153bf09414994401387c3a9b184d400f37094610d28007c6161d0e7f5b4d81288 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFeQGRZ\prefs-1.js
| MD5 | da906aa76b19621a0ba33bd165fdabd6 |
| SHA1 | 02b464337954f3f93996a45b76e5dfb93332ef98 |
| SHA256 | 913383dfd1037d5ea09a38d46a7c079b992cfd835e4d84f7774213afe624179e |
| SHA512 | a1eb9618cb81ae29fd2c3259943e9437cc15c51d4000dd01dab6dffb26eb8250c3ef87407aa1526f4971db2c70b7ef69d2ced975d63748a1d20ee2e6dcc0e327 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFeQGRZ\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFeQGRZ\prefs-1.js
| MD5 | 3aded57188ffb2e189c3234d06875583 |
| SHA1 | 91ba7924202f0ed48298cc15b893544e8d8b616d |
| SHA256 | 5671c053703605735bc4941306e811d25325dfe6d3692f18c2a22e19fe059a30 |
| SHA512 | 6ae19b8cc57aa4c31b884bdac4910014f63ac598a6f9829f886d782bd68c44b68408a0d7333be78ee74b08784c67e128dc0410f0103c39adf768c4261d5247c2 |
memory/5504-1387-0x0000013D334A0000-0x0000013D334B0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemVG8pu\prefs.js
| MD5 | 2ecf22a40d768b5ac819cf748eabe29b |
| SHA1 | 68ade9ee0d7ab24fcdbb6426ec36cd971f07dc14 |
| SHA256 | c0ef727c8c10d3262de1f87279506de9c90b360bf6780e933d59c6c4e7bb6eae |
| SHA512 | 931722e6cb723ef92c294201c2e2d7ba5de303c01fa787f607b86b95247b844b0124d2b200f4e2fc94363485c283ca52e9344765aad07b98ac6c0fc9334b0df6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemVG8pu\prefs.js
| MD5 | 94a69514b0f8ec394f5b3e87841fe99c |
| SHA1 | ddd91d785ca7fd55b070de56492f71fbe0194d19 |
| SHA256 | 68a42db7ffeeb85b88292c501ca0123e943312c9ca0d23c012ea76718ea6519c |
| SHA512 | dbe4979432b2582721f5b8b2ab85f2b5a37def19d27329fa3a1052e41e38b6cceb54b7331cf5a1aadacbb30f7600c46eb89ed58d3e80f52017557b6f035914d1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemVG8pu\prefs-1.js
| MD5 | e3c26f77ca8a259e53f69ad0eaf75b9f |
| SHA1 | 082e2b2fc68d096b8df1bb1d1b531ff3cee3ebb3 |
| SHA256 | c5b9e510b6b1e1ba8ac9f816350ccdb6f703843ccf70e30046c68d1d56d13ce8 |
| SHA512 | cd75ce82dce950649244230c09bd34f9c5e0f2015e6bf4f822a422e070c1e988b5b5b880effb8f10470e6f829c4ef28b998151537273b4e47c238350d0f54ebd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemVG8pu\prefs-1.js
| MD5 | 0b7013c1c5c3e58052eda3325c9fa146 |
| SHA1 | a2f93de5b2416d5be041f3d4aff1ea508126a1ee |
| SHA256 | 7d8430756824b4371f2bc2e9e0e75a45bc3ecd9ca64021b3bc181d660e4525ce |
| SHA512 | 5c618bed6cab26df20439ffbd3c1522153ab6864c869835d616b232bc5c777bb4038ac3ab92837ce46cd3d8186530ea3ee2d6a30ec4f9b66654cbd924407c2b8 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletlhCul\compatibility.ini
| MD5 | 0ac4329c3e1c0a83847c807fdec84296 |
| SHA1 | 1e572b7c5eb8c95fa9fe536897c6bf382c0bb507 |
| SHA256 | bb8d21c764e2d288705d890e54a5b795ad9fd715c3517ee2747e3da8b97cca6b |
| SHA512 | 0aa770108d580d3a9e8c1a665056fb72206b0b5111570360e11b2b99b44e424c5215292657aef8d03fe1c3fd78d1ffd6be1b84d10cd2e5edb0888320fd5f161f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletlhCul\WebDriverBiDiServer.json
| MD5 | f37734326c42ba13c915dc4e70eebafd |
| SHA1 | f4f39cb5b10f83af174c564c0922615351870e75 |
| SHA256 | 3acc4bb12c1b5be69a50733a288b930691fdb3aebc9ef171f52643828a57fe50 |
| SHA512 | 809638245a076e55031bbce9e1033e2d1933220ac9905e1ac5420d7e588c5ebfd12f05f49b1f641da83eec089859e3f8a9ccc675717b99fbcb6473b183585238 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletlhCul\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletlhCul\startupCache\scriptCache-new.bin
| MD5 | 427842bad9632fdf94fcb6db89481239 |
| SHA1 | 05c636e2e999f5e2c841a0bb3e9b2677840ae56d |
| SHA256 | b29497d7b0af08fd0a0da3026b0353b81c22678025ce558a431780e5e7558b0f |
| SHA512 | 43dda4b328321f3aa2299238f63f5174ac551611c05ef3adc7bb160eb1ab9f60ece7a2241f33d06948ec4719495e47fa0c963654bbfaf3c832f044479084715c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletlhCul\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | f6c699df85081f4f67d328ce08810306 |
| SHA1 | fac9a74d43cbd144888835ff9040592765a3c471 |
| SHA256 | 780f6da1b81fcaa30cb74ac218df04486766a1f5bf64b280ccc7ba0e53118b4b |
| SHA512 | 43af8e1f3818ebbe7ea645747c9b37cfb80637d14411a1b6976963e5a75a153ed2885e5bedf52df89fddb15234943ce908bf2fa66d8ed26738cb12d1e57d571f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletlhCul\prefs-1.js
| MD5 | dfc0d6b7c7785b31bc8c36934bb2e734 |
| SHA1 | aab242d8c31c74d9fe3486849677132c68a6991e |
| SHA256 | aa066ade2370f4625ece9d4309f92d19ba70a339625a662555ae1a47507d8273 |
| SHA512 | 47f3fc50994bd3ae63225a524e102ebb7e8459ee6deb924ae55cd3f8773aca0096239ff1090c025e83f7458f9ce3cd31273a33b1d5b646045d547e6cc2b25c57 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiletlhCul\prefs-1.js
| MD5 | df2f59d8b624d868444f41368f11698a |
| SHA1 | 5ee164c63b53febe63ae1f2192182ed6025009bd |
| SHA256 | 24a0c04118d7beeee79ed3774597f44b4f9d340e237edbeb06fe6b725a8eac86 |
| SHA512 | 592ce9327581877ebf440c5aa5daf00d766d98c4d018f88a9dd526e5bb22df7964d6ee07370ef005be582d4252ac3f0374ab619061ef4f7b13b08239e81318b4 |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:09
Platform
win10v2004-20240226-en
Max time kernel
326s
Max time network
353s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3660 --field-trial-handle=2236,i,5367110156796017614,12594004256180761011,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI41082\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41082\geckodriver.exe --port 50110 --websocket-port 50111
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50111 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1VC7RN
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50111 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1VC7RN
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2332.0.2044521872\2054890505" -parentBuildID 20240416150000 -prefsHandle 1660 -prefMapHandle 1652 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {0a0b9942-65f1-48b4-ac2b-4072be73f5fe} 2332 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2332.1.505465268\1098713440" -childID 1 -isForBrowser -prefsHandle 2632 -prefMapHandle 2628 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {0b337244-1827-43c3-914c-6083e139e028} 2332 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2332.2.1535867009\972740113" -childID 2 -isForBrowser -prefsHandle 3204 -prefMapHandle 3200 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {25bcb92b-feef-4dd6-aff6-2472f9e9b41b} 2332 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2332.3.1258234181\1140376751" -childID 3 -isForBrowser -prefsHandle 3816 -prefMapHandle 3812 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {4cdcb8ac-59f4-4034-8c8f-cc53e9d23e59} 2332 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2332.4.1529499410\2101051092" -childID 4 -isForBrowser -prefsHandle 3752 -prefMapHandle 3224 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {3487fddc-11b3-41db-b0f7-831a34c449ed} 2332 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2332.5.1044424503\1418210917" -childID 5 -isForBrowser -prefsHandle 4256 -prefMapHandle 3344 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {9f6e5c8d-b5d7-4780-b938-9ecd89bc69f0} 2332 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2332.6.571536364\1982599592" -childID 6 -isForBrowser -prefsHandle 3776 -prefMapHandle 3732 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {f8c0b299-8ff9-4ff3-aedb-451b02eeb652} 2332 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41082\geckodriver.exe --port 50110 --websocket-port 50111
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50111 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50111 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.0.1625220841\621441144" -parentBuildID 20240416150000 -prefsHandle 1648 -prefMapHandle 1640 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {6258df4b-7776-4b8c-a73c-beae6d1f681b} 4520 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.1.2048130422\951527892" -childID 1 -isForBrowser -prefsHandle 2628 -prefMapHandle 2624 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {dfe4a244-6ce7-40b0-91b4-6cdea89cc271} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.2.465627117\552966074" -childID 2 -isForBrowser -prefsHandle 3192 -prefMapHandle 3188 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {b9e23e80-6393-4bb7-8153-209f57557855} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.3.677678850\849414047" -childID 3 -isForBrowser -prefsHandle 3208 -prefMapHandle 3244 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {24140762-8cae-4da6-950b-81e17591799c} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.4.1230452256\1082055796" -childID 4 -isForBrowser -prefsHandle 3988 -prefMapHandle 3984 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {d187cd13-6d83-4d22-aa31-0508d856f3a0} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.5.1269103710\244522374" -childID 5 -isForBrowser -prefsHandle 4144 -prefMapHandle 4148 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {1ad4a39a-57d2-448b-92f9-39e82a812ff4} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.6.1412952041\1374392491" -childID 6 -isForBrowser -prefsHandle 4344 -prefMapHandle 4348 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {3014b609-e412-4e94-858e-d345498dc3e5} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.7.2101668339\790268137" -childID 7 -isForBrowser -prefsHandle 4756 -prefMapHandle 3752 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {5b42d4c4-e3da-4653-8288-e91184709b6e} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41082\geckodriver.exe --port 50110 --websocket-port 50111
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50111 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKTu9UO
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50111 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKTu9UO
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1128.0.267889221\526007262" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {f021ab7d-f1fb-4f1d-a44e-6970cd8f7afa} 1128 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1128.1.2102172198\1913850811" -childID 1 -isForBrowser -prefsHandle 2464 -prefMapHandle 2588 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {a8353532-6ab8-428b-99f1-66458e5be2be} 1128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1128.2.1257714485\2126482595" -childID 2 -isForBrowser -prefsHandle 3200 -prefMapHandle 3196 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {4852aa95-b5a9-4764-8f9a-447de23dd927} 1128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1128.3.116701618\1475936099" -childID 3 -isForBrowser -prefsHandle 2216 -prefMapHandle 3176 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {e86e2630-d713-4cdc-bb71-c6f95513adfa} 1128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1128.4.1769460152\1074037941" -childID 4 -isForBrowser -prefsHandle 1532 -prefMapHandle 1528 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {d2235239-88ab-4bb3-8628-6894e60e4d07} 1128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1128.5.1782567632\614421298" -childID 5 -isForBrowser -prefsHandle 3956 -prefMapHandle 3952 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {9c5f60ed-6c84-4c32-bbff-40e09db54ea6} 1128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1128.6.1699948845\2016789964" -childID 6 -isForBrowser -prefsHandle 4064 -prefMapHandle 4068 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {6229ae8b-6528-4653-99fd-b6ca9019a9bb} 1128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1128.7.687681768\1186246826" -childID 7 -isForBrowser -prefsHandle 4552 -prefMapHandle 3496 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {164ce387-580a-4eb5-9d08-99485661a2a7} 1128 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41082\geckodriver.exe --port 50110 --websocket-port 50111
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50111 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZKXXz
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50111 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZKXXz
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="5228.0.215161601\325876401" -parentBuildID 20240416150000 -prefsHandle 1660 -prefMapHandle 1652 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {0522bb74-1ea8-4ae9-80c8-323dedfc65c9} 5228 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="5228.1.228525687\282775825" -childID 1 -isForBrowser -prefsHandle 2672 -prefMapHandle 2604 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {67f7a1ba-e209-4d03-84b5-8001167fd193} 5228 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="5228.2.959852694\1096142927" -childID 2 -isForBrowser -prefsHandle 3220 -prefMapHandle 3216 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {01840c86-b83a-4b78-a6ad-3aa2baa12a28} 5228 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="5228.3.1308171289\948887239" -childID 3 -isForBrowser -prefsHandle 3312 -prefMapHandle 3316 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {2149da75-4641-42e7-ae21-4c3c3b54f1e0} 5228 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="5228.4.1313525630\2026790070" -childID 4 -isForBrowser -prefsHandle 3284 -prefMapHandle 3632 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {627c12cb-c913-4319-a503-be9e8f20a675} 5228 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="5228.5.1533819182\1838267475" -childID 5 -isForBrowser -prefsHandle 3884 -prefMapHandle 3880 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {7e5cae0b-015b-4a67-b116-b7a593fe583c} 5228 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="5228.6.1426366842\682706509" -childID 6 -isForBrowser -prefsHandle 4020 -prefMapHandle 4024 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {5dd9034b-cff6-4f0f-9461-6a478c2c8987} 5228 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe" -contentproc --channel="5228.7.1091582809\1871232633" -childID 7 -isForBrowser -prefsHandle 4292 -prefMapHandle 4408 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\browser" - {6b167a04-88c2-4445-8968-2d97a1767fca} 5228 tab
Network
| Country | Destination | Domain | Proto |
| US | 20.231.121.79:80 | tcp | |
| US | 13.107.246.64:443 | tcp | |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.53.16.96.in-addr.arpa | udp |
| FI | 185.103.110.65:9000 | tcp | |
| US | 8.8.8.8:53 | 65.110.103.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:50204 | tcp | |
| N/A | 127.0.0.1:50206 | tcp | |
| N/A | 127.0.0.1:50110 | tcp | |
| N/A | 127.0.0.1:50110 | tcp | |
| N/A | 127.0.0.1:50308 | tcp | |
| N/A | 127.0.0.1:50316 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 66.165.241.228:9001 | tcp | |
| US | 8.8.8.8:53 | 228.241.165.66.in-addr.arpa | udp |
| UA | 185.66.91.18:9001 | tcp | |
| PL | 194.61.121.11:443 | tcp | |
| US | 8.8.8.8:53 | 11.121.61.194.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.91.66.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 7.173.189.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:50110 | tcp | |
| N/A | 127.0.0.1:50110 | tcp | |
| N/A | 127.0.0.1:50110 | tcp | |
| N/A | 127.0.0.1:50766 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50774 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| GB | 216.58.212.234:443 | chromewebstore.googleapis.com | tcp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| N/A | 127.0.0.1:50110 | tcp | |
| N/A | 127.0.0.1:50110 | tcp | |
| N/A | 127.0.0.1:50110 | tcp | |
| N/A | 127.0.0.1:51196 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51204 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50110 | tcp | |
| N/A | 127.0.0.1:50110 | tcp | |
| N/A | 127.0.0.1:50110 | tcp | |
| N/A | 127.0.0.1:51540 | tcp | |
| N/A | 127.0.0.1:51548 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI41082\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpdjvo5tre\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI41082\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/3972-485-0x00007FFC0E430000-0x00007FFC0E431000-memory.dmp
memory/3972-484-0x00007FFC0D930000-0x00007FFC0D931000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1VC7RN\extensions.json
| MD5 | 541e3e2fd82b7f91ce0db4b20e7ccbf3 |
| SHA1 | 52a5d62653ecaab46e162eb6c955d3efd193e2c3 |
| SHA256 | 5621bede0a9bd83592a0b772fda214b1e535f53eda287026699a14f57e41a946 |
| SHA512 | 292014880920104cb12bafb4540848e63f141fc918ed8627fe3e720a89a457693426359158420d09527a0ddd273014418f96fab7c0d56d2990b4bfa0b30b9249 |
memory/996-520-0x000002B29B810000-0x000002B29B87B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1VC7RN\addonStartup.json.lz4
| MD5 | 6f298ed823058ebcfa98af7ac05269fc |
| SHA1 | bbd2ac17f107c454d09ec877353195cef7f50846 |
| SHA256 | 3639e22dd09cac75211a045afa9fbae676dcb361d3a9214b6308c2e62515ec3b |
| SHA512 | 09cbe4f590d99fea9d8bfb454bbdc878134645dfca355193be4f8a23c4b8624faa16c9228944b1e765fbab9dc2b125354d30648c939081c2469c0e72a1fcd2ee |
memory/996-535-0x000002B29BD00000-0x000002B29BDCD000-memory.dmp
memory/2332-555-0x00000212CDBC0000-0x00000212CDBD0000-memory.dmp
memory/3972-587-0x0000026697600000-0x00000266976CD000-memory.dmp
memory/3972-586-0x0000026697070000-0x00000266970DB000-memory.dmp
memory/1140-594-0x0000023347830000-0x000002334789B000-memory.dmp
memory/1140-595-0x0000023347E00000-0x0000023347ECD000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
memory/716-605-0x000001AAC5D00000-0x000001AAC5DCD000-memory.dmp
memory/716-604-0x000001AAC57B0000-0x000001AAC581B000-memory.dmp
memory/1860-606-0x0000026DD1810000-0x0000026DD187B000-memory.dmp
memory/1860-607-0x0000026DD1D00000-0x0000026DD1DCD000-memory.dmp
memory/468-609-0x0000021E4D800000-0x0000021E4D8CD000-memory.dmp
memory/468-608-0x0000021E4D2D0000-0x0000021E4D33B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1VC7RN\prefs-1.js
| MD5 | 42b22b5e930d06efb8b8eebeb6a4a5a5 |
| SHA1 | 9d0106689b8b6d1f0ed9d58aaf0a72f2cdf1b25b |
| SHA256 | 8f0ee0097228ecf451fc7a0875dff12f6d4856dd28168a049f811318aa14d383 |
| SHA512 | 18ea7f719153843d705184d2ed5384b435d8e8a720efeaaa487ecf3e8948dfbfaeb557fba18f7c41dfa6e91e388bbb930e48306f6f30bf90a0cecd5280f2bccd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1VC7RN\prefs-1.js
| MD5 | 3466ce669341d2511345a4be5148439e |
| SHA1 | e6c0c7929ed80daef6da0e35f78061e72a9b000a |
| SHA256 | d68016b4ce6ab283100e742b50c90b22b5713d37da6c79143208889f00bb5c76 |
| SHA512 | 54e9af4580d329548ac7bfc29443bac17bf36ea7a9a8019fb2cc6b5662465e1d71fb101d3ba747c199a7297697885c29b57323f87c4d97cb979e01f443d6ef28 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 7f845e8af4691dee8564588baefc0ed7 |
| SHA1 | cbb30ec5cacd348e1bdc3d41a70f1bd4e5413f25 |
| SHA256 | 653ee9acc3c4da9a16e66f66ac7349bb311f25e8964605c65c9d804e3bf5e439 |
| SHA512 | 80ad3db36de0994dccef5399fa8482709b519ae539612dba4fb4a801709336a948314a17e2762cae083cf6579917415f620f0b65c31eb8d0486a399fac8f7717 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile1VC7RN\prefs-1.js
| MD5 | 54e50527e1332f1924f3960f20c7ee09 |
| SHA1 | 2ea7d62c5cf1c7cb02a55b5334b9f9c825980653 |
| SHA256 | 5c24721e5c46d4928bde83c780fbdaac57203f5bba0677ddd44dbc4aab227dc4 |
| SHA512 | 57902835ce203525186aca74ff28b331fcbe4be6c7539cee1662ccf6b51d673852cc68fee59734cf4cbfa49369435b3b78c24af9610bb2fdf1ad222e673ac6da |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\prefs-1.js
| MD5 | d12ebe86063ccdef79c45224dffc8377 |
| SHA1 | 1b0a53473e1e5eb837d94cc1a5d76b7870eee2a6 |
| SHA256 | fde79d4ace57a14811e9733357e0b166c3849d3d3224b87c5f67cb2bc7937ba9 |
| SHA512 | a319a06177d2dbefaa19fe1135647331b29177f4eec3c4791799d0e744e23416b7242d19f54214610c6084065100e7a467222aada05f504b0bc5aaa1e25588b0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\prefs-1.js
| MD5 | 46e42a4bd6c1b3946affc5f9bb733890 |
| SHA1 | 1d466f5534794bdaa710a6dfd609ffcce394610e |
| SHA256 | eeccd66f9bb145d95db847b004cc0c7f93d467f0ed814201d52d8395247106d0 |
| SHA512 | 2594aa1861989a84cb5c8d69af483ef1f6d6cc4c941a8b0f56d816d2041843b65885f2bd0708cdd412adbdb904971ded24ce9a0481b7441f05ad27c9bdbe942d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\prefs-1.js
| MD5 | 0b244c4755d618904138f8a330248935 |
| SHA1 | 6ff6f1f3fc292d3dc03852b18c8647493c1b65dc |
| SHA256 | 74be421f7318f554a1337c7eff24a45a520b18f3529c47e9dd809e9fcc3bfecc |
| SHA512 | a778b98d0cf81f7c8ac292a847c27dbec1352af041cdffb016dbc4325edf979da6ebf1a81d687b4897481612fdeb4b74cb2f4b8526a08670a7e83785b8c3c48d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\sessionCheckpoints.json
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileh9nQqv\prefs-1.js
| MD5 | 646197ba3fb1e8d39ff6b9a639462abe |
| SHA1 | 84c884aa13d4520d1e8e69ebebec8e576141a6d0 |
| SHA256 | cd825a7a992c4a349bb9e6751a1f3aca8261c0677f6a9be50b9884a665061264 |
| SHA512 | 515d7e654959696452da7c0948b00544760c250716f1f30b4ad011c71d80a3882c6a39651200ef0a025ed1c7eac297b4c41dd716487f5e467d1c2245f041a87d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKTu9UO\user.js
| MD5 | 5efb5f46183456a97d0bb24819bef833 |
| SHA1 | dbf04c199c7abde4f99e09be1048f97fce609b95 |
| SHA256 | 8abd81bccfd7440001c88fa719295d38fd8cbc8fa476888362a7286bdfeccba3 |
| SHA512 | 40c3c37a1885c172aa7547bf388c880617f9de9baf6ed24d2300db0f72313fbb9cc3eec5f9c09d84f5523918aafbfb3f9ebf3333874ad1f5285af7c7fd256bb3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKTu9UO\prefs.js
| MD5 | f4a0653321bac635689172c3c55009ac |
| SHA1 | bd4dfbaf799bbcff2b68ceecc383229e958a4411 |
| SHA256 | 9bd3d8e23b21f941da39c46dee59a9d707620103b4d88bbf4e19032dbf427c49 |
| SHA512 | 555ddb18102c43bb7fff481d68c56135ed97c4dabeeb606e00031100c75ee4e12cf45ecd7eb9bfcc3e6125ed2110eca13538d353a4502798df77b40ec8bd0808 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKTu9UO\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKTu9UO\prefs.js
| MD5 | c5b8c7c3537b44edf0155ae11e67783f |
| SHA1 | e92c129af68836109c2c4f2f9fc23ab04d3eb235 |
| SHA256 | 86fc1b2acd81e581572db8389f425871d1761658a128e3cb59f3179a78ee0d44 |
| SHA512 | 7a26347ed3040c801c347c40d4fe41a085fe815743c427124dcfd97dee9aa25edaa0a68e4fecaf020480d5ffda166154c48d72a5fd2c7ab1fa990d904fa32cbe |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKTu9UO\prefs-1.js
| MD5 | ea309a7586875f139c051256b6094468 |
| SHA1 | b4ae18fa3ee7605d76dfc6cd97a39773a376fc98 |
| SHA256 | b1af7462c1ac38f29fb2e43f6d9342bc3d26ef31fa9587548713d369f9132100 |
| SHA512 | bee2c20a1810dbba89e73770cd9697b6b814e0ce097ddc984491f52afbe877245ae77069a6afdbeaed6810573fdf397bed815969642e78545508e3d6d8f5f288 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKTu9UO\prefs-1.js
| MD5 | ee1b66ea7b64b34b1bb17ef260eb096f |
| SHA1 | 129ab3fe65103cf7ccad22e996d4efe6ed47cab4 |
| SHA256 | ba12dee754c7fe149776c49ead63573244f8c309ef9cd75e425a48352bf9a260 |
| SHA512 | e75c8a89c134a76e4ebb1e3b534a201274af05c3bda3cd8d51ac4bf117f051cc23b378c25e35a051919ac2b2a1ae8d1a66f4377df15a8c0fb997aab5c151e07e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZKXXz\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZKXXz\prefs.js
| MD5 | 548364bc733f0ebf6fa0243614bd7349 |
| SHA1 | c9e1178a7e8ea3a46eb4f0c9112240225414ff4e |
| SHA256 | 46ea9d552ce5f7740388e7ef0451ae6d4c358d0f95db4d42eef6169fdcb73655 |
| SHA512 | 2f279a4ab589d424f80121d7a0a5aaa8c88429788b5095c34ef70394462941f4ff28a86d1d54db650f991d3928cdaf1c998dee62f8e0267b2eeed75175d3485e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZKXXz\prefs-1.js
| MD5 | 07eea3e8ff85a4bb4ca579a3293ab7e0 |
| SHA1 | 3fede1785cfcc86705a545fb66eb8a74e6fc0c4a |
| SHA256 | 5e2c800a2a81b0caa06bffff0e06d248d82e83baa820a0138673b9e5d4029684 |
| SHA512 | 530da0df7505ea03286bdbdcb9293c612324af806d05e10e8c7533d3e5d5786fa81355db7a0155d9fa21c4341b0b7625ab515b9905aebe81fd54eca0b93f0490 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesZKXXz\prefs-1.js
| MD5 | 574d13cdb10960547cc2484aaae2fc83 |
| SHA1 | a1979246d7a7b881e141bcd453fc211f85b073b3 |
| SHA256 | bdbfa8271086911237d523bdf5af61c15478b1ec4dfe43935c4c64c155d4f17b |
| SHA512 | 8f8943e8aff1f6cd7e08e65b6dc86b550a3a1b15bc401a8b2d38374464af1c5fa66d678754e143833649f701b5403978e1fda62155577d4787d79363710b105a |
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:07
Platform
win11-20240426-en
Max time kernel
300s
Max time network
306s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2551177587-3778486488-1329702901-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2551177587-3778486488-1329702901-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2551177587-3778486488-1329702901-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2551177587-3778486488-1329702901-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2551177587-3778486488-1329702901-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe --port 50009 --websocket-port 50010
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50010 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB8xwIH
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50010 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB8xwIH
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2884.0.421989850\2105449892" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1680 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {a8bb5814-efa6-4b85-8a91-952f9a418dd9} 2884 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2884.1.555815200\1719340220" -childID 1 -isForBrowser -prefsHandle 2660 -prefMapHandle 2304 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {900c8345-6080-432f-9c07-8418104268d8} 2884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2884.2.597693601\882416799" -childID 2 -isForBrowser -prefsHandle 2920 -prefMapHandle 2660 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {e173b2df-1f29-495b-8575-bd52b5699b2e} 2884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2884.3.1359815515\363790523" -childID 3 -isForBrowser -prefsHandle 3704 -prefMapHandle 3708 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {4c895130-e7d0-4474-9341-3bf619974e73} 2884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2884.4.1321236527\63358844" -childID 4 -isForBrowser -prefsHandle 1548 -prefMapHandle 1544 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {37fd0dcc-827f-425b-b410-34743b2bc802} 2884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2884.5.1939095488\228507887" -childID 5 -isForBrowser -prefsHandle 3960 -prefMapHandle 3956 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {10bbbb35-2641-491a-907e-7ef807ed085d} 2884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2884.6.188387885\1687863518" -childID 6 -isForBrowser -prefsHandle 3208 -prefMapHandle 3332 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {4a0c46cb-2d40-4ddc-b082-4e63fc8ee9c3} 2884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2884.7.2112278517\1538632704" -childID 7 -isForBrowser -prefsHandle 4524 -prefMapHandle 3960 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {a6ce3543-1fcc-47c9-b2e2-056568da7cf3} 2884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe --port 50009 --websocket-port 50010
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50010 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVoCbcX
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50010 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVoCbcX
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4728.0.129088898\1342904109" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1700 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {8a806d3c-01b4-4637-8e4c-e846392a7228} 4728 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4728.1.1065024089\350858047" -childID 1 -isForBrowser -prefsHandle 2392 -prefMapHandle 2744 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {211e9d65-6fe9-44d7-9282-aee45580dc07} 4728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4728.2.547599208\2139851954" -childID 2 -isForBrowser -prefsHandle 3200 -prefMapHandle 3196 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {d755cfc0-5448-4ad8-8a10-4fe7740619c4} 4728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4728.3.756246008\1921924361" -childID 3 -isForBrowser -prefsHandle 3212 -prefMapHandle 3124 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {be7eb80e-df5b-45cb-9e69-6a139b573177} 4728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4728.4.1734441291\1341879228" -childID 4 -isForBrowser -prefsHandle 3296 -prefMapHandle 3124 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {f5d2e66c-627f-4ad9-bd9b-e90aec7a2970} 4728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4728.5.958167935\693832975" -childID 5 -isForBrowser -prefsHandle 3760 -prefMapHandle 3868 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {cd50b718-792e-4e00-ac6d-7278893c5520} 4728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4728.6.874272291\1924673496" -childID 6 -isForBrowser -prefsHandle 3884 -prefMapHandle 3880 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {23bf3dcc-6a76-4601-97cf-024893057ec6} 4728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4728.7.1999647272\1609320490" -childID 7 -isForBrowser -prefsHandle 4468 -prefMapHandle 4464 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {e2d7bce1-7d51-46e2-975c-ad79b3709f36} 4728 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe --port 50009 --websocket-port 50010
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50010 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWRo0dS
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50010 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWRo0dS
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1004.0.62329615\829204239" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {fddf33fd-42ce-4ab9-be96-5b25bc3e830a} 1004 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1004.1.1778068178\1240814096" -childID 1 -isForBrowser -prefsHandle 2732 -prefMapHandle 2728 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1348 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {577c144e-aefc-4eac-bd38-e4e15744b83e} 1004 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1004.2.1371715511\2130520559" -childID 2 -isForBrowser -prefsHandle 3084 -prefMapHandle 3080 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1348 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {8eefa9d6-6f85-4b53-ab6a-f6afa4060833} 1004 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1004.3.2017868820\1449332432" -childID 3 -isForBrowser -prefsHandle 3256 -prefMapHandle 3244 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1348 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {1d1a1fef-26a0-4bc9-a658-9fd8ba7ee4d4} 1004 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1004.4.66265165\767803526" -childID 4 -isForBrowser -prefsHandle 3724 -prefMapHandle 3720 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1348 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {8fcc6021-2729-43c9-a761-c33cae8aee43} 1004 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1004.5.1544978423\834404677" -childID 5 -isForBrowser -prefsHandle 3968 -prefMapHandle 3964 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1348 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {66d20097-3d1f-4d6f-9025-4de40842d1e7} 1004 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1004.6.419588560\646073656" -childID 6 -isForBrowser -prefsHandle 4064 -prefMapHandle 4068 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1348 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {81b2e62b-82ea-46b1-9259-7e071395cb94} 1004 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe --port 50009 --websocket-port 50010
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50010 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA8nPoZ
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50010 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA8nPoZ
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3204.0.1194840892\779347181" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1680 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {26eae2c9-15aa-4762-b25a-3f32c0d6f3cd} 3204 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3204.1.282622441\481415555" -childID 1 -isForBrowser -prefsHandle 2456 -prefMapHandle 2844 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {9fe71428-ee7e-464e-997e-04ccece83d06} 3204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3204.2.1440403364\318732376" -childID 2 -isForBrowser -prefsHandle 3080 -prefMapHandle 3076 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {2183e437-32bf-4daf-895f-84bd52e2834f} 3204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3204.3.1013070743\939730148" -childID 3 -isForBrowser -prefsHandle 3676 -prefMapHandle 3680 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {c42394dd-37ec-4172-9440-7bd1f4680198} 3204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3204.4.53932218\1879759299" -childID 4 -isForBrowser -prefsHandle 3644 -prefMapHandle 3168 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {e9ba11c9-101b-4bcb-a356-34d9c7757960} 3204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3204.5.1066640923\1564189219" -childID 5 -isForBrowser -prefsHandle 3448 -prefMapHandle 3428 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {f86b6b35-00de-49dd-9288-0877e9cccfc9} 3204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3204.6.2118509917\944242563" -childID 6 -isForBrowser -prefsHandle 4084 -prefMapHandle 4080 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {7db51b4b-fc02-40b0-8625-1fc1e24d1409} 3204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3204.7.363096648\18657983" -childID 7 -isForBrowser -prefsHandle 4376 -prefMapHandle 4372 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {128fdd9b-84cf-46b1-80ef-5dc123077f1b} 3204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe --port 50009 --websocket-port 50010
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50010 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewTrhlw
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50010 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewTrhlw
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.0.37529565\318870096" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1700 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {44bb326d-04b3-4ed1-8e87-579ef1b1a001} 4184 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.1.1168511313\1461420259" -childID 1 -isForBrowser -prefsHandle 2800 -prefMapHandle 1412 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {b503709c-934d-44d0-a512-2e509c0dc1f2} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.2.1521118548\688668413" -childID 2 -isForBrowser -prefsHandle 3132 -prefMapHandle 3128 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {70997038-ea4e-410f-928d-5535a03582f8} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.3.813951356\1673320147" -childID 3 -isForBrowser -prefsHandle 3148 -prefMapHandle 3260 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {130c5966-da54-48ba-995a-7651639aa313} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.4.70234769\1681654973" -childID 4 -isForBrowser -prefsHandle 1552 -prefMapHandle 1548 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {83077fdf-9130-4761-b4dc-19897ceebe86} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.5.696411574\592007126" -childID 5 -isForBrowser -prefsHandle 3956 -prefMapHandle 3952 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {8126261c-6dd7-47e9-a2f3-1985ad896a40} 4184 tab
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4184.6.1202405481\1741534970" -childID 6 -isForBrowser -prefsHandle 4052 -prefMapHandle 4056 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\browser" - {ed6025bd-3956-43b0-981e-6f9ae2cb6fc0} 4184 tab
Network
| Country | Destination | Domain | Proto |
| LU | 107.189.1.9:9100 | tcp | |
| US | 8.8.8.8:53 | 9.1.189.107.in-addr.arpa | udp |
| DE | 94.130.51.212:9090 | tcp | |
| BG | 82.118.242.226:9001 | tcp | |
| US | 8.8.8.8:53 | 212.51.130.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.242.118.82.in-addr.arpa | udp |
| N/A | 127.0.0.1:50112 | tcp | |
| N/A | 127.0.0.1:50114 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50217 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50225 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50572 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50580 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50873 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50881 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 52.111.227.13:443 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:51192 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51200 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:50009 | tcp | |
| N/A | 127.0.0.1:51567 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51575 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI39762\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\libssl-1_1.dll
| MD5 | 75c95d1a05191a2f9101e24f60b6eff7 |
| SHA1 | f6136241c5983c4461df069c24a8669fac614539 |
| SHA256 | e3eaafdb87602671c30409f941651bfbcc42a0068337f605ff5a38d6283e1788 |
| SHA512 | 71c894f6232c1b392184daa816adacad058af56e4b05bfdec8e0f1a535c5e4f277bac3b043e92a257bc427727be149e73165fe871442fc77f7a34dbf42f208dd |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | dff7c11471a2f55c9dcdbffacbdd24e6 |
| SHA1 | a86bf99113b0118aaeca6ff79a53d2b1a68b85a8 |
| SHA256 | 88a08a38f16810abfce451d234a6e02bf61a808bce1a897b6dbc399d0e1a90f5 |
| SHA512 | f56698f649e4b688dcc2bd4b4f573bcf5ef4a5464290f82766e5bfe35c9f85ca2d619f6800b86356c31b9d4875d8e46909a07166593da8cca5f612069d836b48 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 486fe872808014e51f75515c56a40cb6 |
| SHA1 | e7fa97e2e174aaa9badd0a04818364a9083874be |
| SHA256 | 90f55bbc9ddc538491475502e381a01c26472773900c41c1db19bc89860f6a08 |
| SHA512 | f2b0cb9a683e3e19d995040339660da9f2903dff885fba6f5a76adf7113e4d0789aeb295b4a33905615bd9efb8c733ad8cb349af6ba8015e0013546aea91ee8a |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\unicodedata.pyd
| MD5 | 74f0f14027b885ef241534fa196562c4 |
| SHA1 | ce3b7da95afcc5d5a1ba98b3559838fd5c590ad4 |
| SHA256 | 0699d54b62a6af51ba3066d2234cdd0993888e96e508f6601bbc072c5ed850c5 |
| SHA512 | 44e53181dbf565f374ffe66f8963d2e48733325df23fd0d4e3d4ecc23a7dcbebc5553a8aba83e918a59263c43a29d2873f252249e43d20525def232fdff0ac18 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe
| MD5 | 0c5db0eb17c8d3d150f83fe1f6f1cdac |
| SHA1 | c4ec34bd1ddfa10b7f9573bd8b78e2156df072a9 |
| SHA256 | 12fc60109b5babb7220ae9b1ba044c03362c14571ddbc0cdbf862b9cf099b716 |
| SHA512 | 5a7312adc507ac1c59ae543d06a943f01214b7e417e9f992beea3a3b782480c8806e42afa96e8eb66ce394a2b6b47052260ed0b509d08e7db0a64f493e85aee7 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | a476120b2211f8725f3764352a6f7d28 |
| SHA1 | 5c166fed2eb792fb4a59ae42abfd6f6cd1a07e7d |
| SHA256 | 248d9a84421bf8408d6e127666b662f2dca9188d4d7487cf7f018f54c903cee6 |
| SHA512 | fa8801bcea830ceba340c28d9a3be61711b1ee312368364d51c56aa8df19931e237373674e41b523cb1a4446476cec62c1595582923ce64706c1e5198aea69da |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | a25f4695bbc2cc3bb10bfc72fe8c7c91 |
| SHA1 | 746ab4d71282026d95f6ff41dbec04eb801f0ff3 |
| SHA256 | a813d451fefd83c27db756cb1482a8877ef260059ac06eceb462c07f16afcbca |
| SHA512 | 914a179074abbb31753501a96d0be7271af768c91dfdfa25f57d97ea65241fa5fa2fb64c3b07e069e2e745a99775cc45a8695a6581950246ad741166344602a0 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmp04w7zkny\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | 99e05b86c897bbc2a33698d443d918c7 |
| SHA1 | 54b10038ed0559b7e8b9f3d115702e7ddf1662e5 |
| SHA256 | 1fe298050cf93ccc745b1bef4dc34436f49f35429d5c418b3900d5a1f0d7ec01 |
| SHA512 | fa4052a39d0cb28ffe750d2ec42dacec6c0837d72cf9715d74a20083fd2086f61acbbca53b453ba591f357cde536c2688d31b94f6b739a4596b03e30c310b47c |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | 4c17d8aab9d46a4167d874cad4e3a7e3 |
| SHA1 | 243133d6f00280d4a85c5700c178e5801020a193 |
| SHA256 | 6cf46d9fa63bb1c4d252204aae09e4f5f5ea0ffe634a1cf7b30272d8a1f334f9 |
| SHA512 | 2880b24cd4cf54e494bf939e59f2b4180e68f7372a6a55e3c378652df4c1f5d45a443b07c6ea47a7363c939e94c0d57a2eb16462acbd92d232e4a7a218ac4f6a |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\libcrypto-1_1.dll
| MD5 | 22f805d81bb63c361749aa058a2c2f3c |
| SHA1 | 721c3f519b4c8235d13805cf78433955b5762a94 |
| SHA256 | 43740842e5fb5053106300fd1abc1eec7f8dc967331169ca7f866ebfda0f7cb3 |
| SHA512 | 731727624516f2cd9d61ed7df0af1cd99b93a5047ad83e39a8aee7e9804f88482f1d486d0adb5b75c2cf05612dd566ddb7b8a4a4b49bd395cb298c7ed17de61e |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\top-1m.csv
| MD5 | e332a31381c6ca9db2b50f1ce430d38d |
| SHA1 | f89de1dc4757367477344ec569983fa8004de7fc |
| SHA256 | 499a94f6ff83bcd4389e3e590c146a19a51a10dd4c12f077e7510aa209a5bc0e |
| SHA512 | d7f14f04fc25fe85a3981eefca46a6bfeed806447a9c443347572b9a7dd5e8ab038c77e07f4413190b5e4ad0286d7d83860bc51ed516a29f962df80973005ca9 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\nss3.dll
| MD5 | aaaa596833fa9b0658528255a7d456b0 |
| SHA1 | 083738ca5b627fbc777c8015b4b5c5b297139926 |
| SHA256 | db0c12517358daeaf02663ec235b02e265736f4f1c875469e065d869c05bebfc |
| SHA512 | e1b9fbfc9d9a3bebac38777dd29c28d3725ae918bff02ca44d62c8a190fc235c59e66115bf6fc41ce888cf4145e0445c398b0fc159bdd2b78484357ca8cfa2ed |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\libcrypto-1_1.dll
| MD5 | 78f7f01391d3b2e4449b299512a2506d |
| SHA1 | a282b3b8b05d886a3a936550c4ef81c519f875ba |
| SHA256 | 657dcbfe240b176f6306055c4631ed9c1567b08fdbef44bf739ac2d3a3afa392 |
| SHA512 | 12ed0f3a92248fa3621eaa7d9c103c11fe1efb13465a6fbb5579e6774ecdd8dff9852e16c5463fb7e5d2d439307291481620a104e772738e23a44281b49e1ddb |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\geckodriver.exe
| MD5 | cc3d9fd2d0d1fe7415f80f1b8338bb83 |
| SHA1 | 4a2ce0dcfe92fa580b235d025fbb87902548f78e |
| SHA256 | 65f327d15e6634a75457968c1351533a5fc92a906487611a3a78d380c54b99b3 |
| SHA512 | da17ce903cd4c09ebe53345940ca41d34089958b225537e727301273ab5845419d36a86d0574567b73b5dc7031c1bcfbd86106651db8f10ac413065dd27607d2 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\base_library.zip
| MD5 | 196fc7563beec5caf7c72cfefe27a4c0 |
| SHA1 | c3d9ecb19ed275d5e72dd2a2b8e63ae4b1339614 |
| SHA256 | ca9d50db79635bc360319cbb7ef3054ebb5824298e72663f38a1389575e839a4 |
| SHA512 | f0d6d9eae8fa63bc1922a8092236ab832c5d640d2775f985b13cd661796ee68b0c690146e84e2d54f55b374b38345d7f4c295d403ea6ade60b268d9a56cd139e |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\python38.dll
| MD5 | c40c36a527b224a242b22a301df7bf0c |
| SHA1 | 41099f8b597e5ba6f4e7b8cdac655fa432a5ee28 |
| SHA256 | 68cc16d68ad3cc8632942005625dbf23aa90b9a00c18ebe83981f66c8a34830e |
| SHA512 | 97008b6af13408d061341a881a1285b2c810dedc30948d0785e19d25526320ef9304170572c637d66d9c7470a9dd007f1a8417305d9e63fe0ca8c3ca5b537e50 |
C:\Users\Admin\AppData\Local\Temp\_MEI39762\python38.dll
| MD5 | a2d1ef944a3b2ece9251bdd4528d71be |
| SHA1 | 5d422a39b769cddf186e36eba348a5382bb81ab2 |
| SHA256 | 59e24582777846f7b5eb952b08a2346801ae20674f0d18a65c0d415095b8e543 |
| SHA512 | abcfad3bb39d143bd56d350d83a4c9ded669504ab89e5d860862e04801e419cc96d8169d1df320a69a97f13ea6f919a34c68098c3d563cb9eccc6f7c9a978828 |
memory/4240-491-0x00007FFB13BB0000-0x00007FFB13BB1000-memory.dmp
memory/4240-490-0x00007FFB141D0000-0x00007FFB141D1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB8xwIH\extensions.json
| MD5 | de511d8ed1db1fde37ff4db427d7b3d9 |
| SHA1 | 96843cb1d44c6fc52efb8b40036e57d39a06841f |
| SHA256 | ee9bdb92581143ebe0a7268f54535fe59c51c3eeb804380cbc39815176b0bc75 |
| SHA512 | b2e8d69a23c925bdcce61ffe351011423a3f256210fc7093da30cfbb0317fec573e6dc1d73d64deebfef3260563309bced685267e6bced4ba5acc7f0bb4b2400 |
memory/2884-550-0x0000020569890000-0x00000205698A0000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | efc449b2e5179a180a0bac62868cb05d |
| SHA1 | fec8a649440fd5a4ba487a7bb82fef93111c5acb |
| SHA256 | 9fc0d6a0e1956c57fc869b12d7cc64bc32e7010ff135a1cdf2f322579ff9b4b4 |
| SHA512 | 7f4545767eca2be5c513f709833290e1bf21dca7e4aa4b3317fb967cd6153e88afd520c568f5376cab16868fe333a90298be2b9c7d161edb1a7c02aa6e1c959d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB8xwIH\prefs-1.js
| MD5 | af681293c1fa8fbbc4b5de8e18ed7143 |
| SHA1 | 04ffe67fdfcc43dbfd10d0ee5a7f857d42e7c71e |
| SHA256 | d92e4746c727cb100775994b9c29f31015ccf17c4698eb9a637908ed74456d7f |
| SHA512 | ad3616b11bc050420d0d8500c46137e0b7a7f246122ece363d95a9fd1ba188b11f272784397d432b6f03e9dc81da9e24b49d2c4821e9784d8a72747bccd85326 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB8xwIH\prefs-1.js
| MD5 | 91bafa52c59a115b305642973366757e |
| SHA1 | 360bb67e8f98b2464be2d53319a375ddd2477890 |
| SHA256 | c706d2279911b7d270ccd1985bd6bd407ab6acbc803e4d46ce5592b011c47c5c |
| SHA512 | f5423ee90990928b3e94a6753da9b10e16f07797f68ce81a173b2a774561196ce605f906084fdf01d2c085a67474dae2f2a3a0b0ce6b3c8668aca38a485cc26e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVoCbcX\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVoCbcX\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/4728-861-0x0000021D6FDC0000-0x0000021D6FDD0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVoCbcX\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVoCbcX\startupCache\webext.sc.lz4
| MD5 | a7b81afd848d8f7b2d0e9e4a30b50f5e |
| SHA1 | 72762d5d1798538b6a74183f812942ebe5a38206 |
| SHA256 | c3a6f2b0942b88eea06f49bf363e1fd3684c710b6b4928fdbcae613f10d2ac87 |
| SHA512 | cd03022f90a91621c023896f7cc47edb22e5546e7e1237c52416821a9e83166bd299c496208d59091ba4b0b7440b8157509310ba746b60976c8b42eafc87ce69 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVoCbcX\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVoCbcX\prefs-1.js
| MD5 | f61b4b64d887f971c568d8efc5026e3e |
| SHA1 | 01ec7c56d32e1ce446b9cfa90266e3ba104d3d1b |
| SHA256 | 10729ba51bbcdd76231a75e669270779042b3841807d2a4b6309bb0a69a0a1d5 |
| SHA512 | a11c5f197c445c29c98b98cf32d6ffa1e5cdfcf5d6665e7df9390bf89501c940e99f3dfd6372cc115224480ae43eade00d6376f94f96df075b4db1c5296d112a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVoCbcX\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVoCbcX\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVoCbcX\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWRo0dS\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWRo0dS\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
memory/1004-1148-0x000001EE0F270000-0x000001EE0F280000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWRo0dS\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWRo0dS\prefs-1.js
| MD5 | cfdb4258a980898d5f173ff93c75f0c3 |
| SHA1 | d0158ae0104f3fa064e369b8915367a6dae34bbc |
| SHA256 | 446813d31228025122b6ba45f7a8003172cefdffa96f642d8dcb78e4b29257ea |
| SHA512 | 74dd6e738c61b4fbb38ad55a0feb01a4e423d4c870c553ff0b1e5a315c3da4b5fdd753ba7933f641be0e9a6496244e34c66f9b0a93f133582e48b4090fee0a0f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWRo0dS\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWRo0dS\prefs-1.js
| MD5 | 0a1899915286f3886089bb70e5e12ff9 |
| SHA1 | 76b91ce9a411318185630647a54633349c3114b1 |
| SHA256 | 57795de3af0df1acdc9928de3ce53ab69d43866f451170fa97b79125c53fec03 |
| SHA512 | 531169f4398c4df00800f42a361149a733c847e2802440752d360d7a5a2472f08b04386d7c6d35db78f47ea15d294226c9ce33e4f4d0b376455fb5f6236882ca |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWRo0dS\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA8nPoZ\prefs-1.js
| MD5 | 8ce5e2846bd1a88db2843db0b0d8e7e2 |
| SHA1 | c8484044f804292973862d57129e15275adb9a86 |
| SHA256 | f5913b4b49181105fe049caa70826fed31c65f42ba977e4adfa02912c866d7d1 |
| SHA512 | 1899a6a12d33fe2a2b7cafe2a8f6e874059a5952bdbf0ee5e254bf92a0d72f07c8ebe7bb4e0006026c136284f652114b8f334c55023175bcde4f1c411ce61da7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA8nPoZ\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA8nPoZ\prefs.js
| MD5 | 9dc7cf583ba425cb8d4afba662951e19 |
| SHA1 | 5a626892b7105b58adb7bdedb5c0d1ebefd380a7 |
| SHA256 | 5369015d5b7dda52f7a7a0c9a1b99f9597def93d9b366ad95591beeccd22b6c1 |
| SHA512 | f865773e4084b4fb10827f3f8d3d028d5b1557f111d3d348c6c5afe88254c3988770cb3994cd8dfc78f3c5e5099d9acdcba350130bd015041eeb3cee8a88afdc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA8nPoZ\prefs-1.js
| MD5 | 7dc75e455c40d9ef0785ddf1d7ffbc69 |
| SHA1 | a2d3d653754e24b3522e64a1af7be0d775a45469 |
| SHA256 | deadd1c8cde92ce3c27806cc0eebe7e4dcee427bd32b5466b53009779650712d |
| SHA512 | 843ba1bb0455ea66d7a21e7bff6804c620b7661b8c42997c04d8c98f212fac5a982fbfe5286da5b43889ed9f9f1cb3a3f6d7106a9f2f8e1e3492bd68ad7ba5a5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileA8nPoZ\prefs-1.js
| MD5 | cd2e38bab356964c14d4d9ef74c2ec2c |
| SHA1 | 50c0c0d4b94290e5c5073c8225bf61cfec482b65 |
| SHA256 | a17e41d857d10bd36ed7d5490b0e54ce5dc28a754f8a971864e8b423b0300df1 |
| SHA512 | 430e37ae9b36d81fda7b633d917ead424fb6dcfdf003fd24598d91b58c5aff5f331fe0dd0c7f8d0ec3f08883992f273418ded6f7b273e098f0840cd7dd479194 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewTrhlw\compatibility.ini
| MD5 | d3de9f8da5a3fafb0f445732cdffbe74 |
| SHA1 | dc554c6a1ac196c3ed8239ea9a427cc378ae9be6 |
| SHA256 | fa7d5f73cf475acbbb74c9988a0fb7159a76f8ea4ae1755eb459ee25938d79d7 |
| SHA512 | b5e894f1b9c619464888772d0e827f2e1135e7e108cca82fd96cd3ef12717309869fc234483f56f9c097f1df81a36f85812ea76dfeb81924960383f3ae4ba6d2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilewTrhlw\WebDriverBiDiServer.json
| MD5 | bc7d70b01fdc0d55c0f2d98fe42308a8 |
| SHA1 | eb7dc28e762606917296f8861bb7ed6e96804dbc |
| SHA256 | 78275725aa70c2b068abd6ee0cc302c5c4bd9fd66cf3bb5d83c4c8596832416e |
| SHA512 | 3e51a65191e476c88714e15c31f53e10015a9bcb5f55cd66b42ab9506f80cecf4c3e77be2ec3ba030d6e81cd4ec41dfee1c368ea356df2c45e5e0c8341b4c1e1 |