Analysis Overview
SHA256
88093c75834d60df3b4b6f4df642bb28dc749f4bd562f587fa8f9e30e97d3c5c
Threat Level: Likely malicious
The file heavy.exe was found to be: Likely malicious.
Malicious Activity Summary
Renames multiple (56) files with added filename extension
Renames multiple (57) files with added filename extension
Checks computer location settings
Loads dropped DLL
Executes dropped EXE
Checks whether UAC is enabled
Unsigned PE
Detects Pyinstaller
Enumerates physical storage devices
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-09 01:57
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:08
Platform
win10v2004-20240426-en
Max time kernel
257s
Max time network
311s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe --port 60113 --websocket-port 60114
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenZSbGN
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenZSbGN
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3496.0.430066963\1402067035" -parentBuildID 20240416150000 -prefsHandle 1588 -prefMapHandle 1580 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {6794e91b-7caa-4313-934d-de8fb6e9aa10} 3496 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3496.1.1416523835\304335460" -childID 1 -isForBrowser -prefsHandle 2632 -prefMapHandle 2304 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {b4093675-75c0-4fe1-8367-580648af53be} 3496 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3496.2.546185668\1859147107" -childID 2 -isForBrowser -prefsHandle 3008 -prefMapHandle 3004 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {f51a0c57-a0d1-4508-a16d-4354e7bf8a5e} 3496 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3496.3.153048024\469174971" -childID 3 -isForBrowser -prefsHandle 3100 -prefMapHandle 3408 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {f1e2cce6-5cef-43e6-9c2a-ab57f90c1cef} 3496 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3496.4.205698580\1488099876" -childID 4 -isForBrowser -prefsHandle 3700 -prefMapHandle 3696 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {9b8675a2-01aa-42a0-9f42-9cbbc17de836} 3496 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3496.5.955550915\1378750318" -childID 5 -isForBrowser -prefsHandle 3904 -prefMapHandle 3908 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {de2b130a-8e1e-43df-8d66-69ce80ce903d} 3496 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3496.6.2005573985\1134478871" -childID 6 -isForBrowser -prefsHandle 3956 -prefMapHandle 3964 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {7c3bc60b-e289-476e-a1d9-2c954835816d} 3496 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe --port 60113 --websocket-port 60114
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilepxW8pV
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilepxW8pV
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4244.0.1463987470\1367089912" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {44627d2b-ecf5-48ad-bc52-a158d6ffe4ce} 4244 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4244.1.1391790917\448280601" -childID 1 -isForBrowser -prefsHandle 2660 -prefMapHandle 2656 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1328 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {aac29367-1283-4b2c-ab55-d4a9c7baec2f} 4244 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4244.2.589849712\1924001405" -childID 2 -isForBrowser -prefsHandle 3176 -prefMapHandle 3172 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1328 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {8c85633b-b8f0-438c-8ea1-52cdbae79d6b} 4244 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4244.3.1950682241\120912996" -childID 3 -isForBrowser -prefsHandle 3288 -prefMapHandle 3292 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1328 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {4548b411-8a44-46b8-842c-ee4c3eaaa8e2} 4244 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4244.4.363373416\1992357424" -childID 4 -isForBrowser -prefsHandle 3716 -prefMapHandle 3712 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1328 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {c0679026-7cac-4072-90c7-f99b82ce4f97} 4244 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4244.5.1342519406\1710427832" -childID 5 -isForBrowser -prefsHandle 3708 -prefMapHandle 3996 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1328 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {9f405a01-ae68-4d99-981b-09ee41b5a93e} 4244 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4244.6.952710827\1248920802" -childID 6 -isForBrowser -prefsHandle 4124 -prefMapHandle 4128 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1328 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {8b9954ce-968c-41d6-a804-c0f9220fa790} 4244 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4244.7.1637070303\610523850" -childID 7 -isForBrowser -prefsHandle 4552 -prefMapHandle 4496 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1328 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {d7926e7e-dd66-4213-bc89-228074f98a87} 4244 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4244.8.890997972\258049137" -childID 8 -isForBrowser -prefsHandle 8740 -prefMapHandle 8772 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1328 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {0144bffe-8147-43a6-ba83-cb16be3b3e3e} 4244 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe --port 60113 --websocket-port 60114
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5472.0.567982704\534693773" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {26025d99-3e5f-42b1-94a5-5e6351c1d9a6} 5472 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5472.1.799139506\1655987595" -childID 1 -isForBrowser -prefsHandle 2676 -prefMapHandle 2672 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {c4bcb8ef-1759-466d-a292-ded766568fe3} 5472 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5472.2.1842956884\753935574" -childID 2 -isForBrowser -prefsHandle 3220 -prefMapHandle 3216 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {751a5561-d1d2-44dc-8ba7-b343523512af} 5472 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5472.3.409764184\59284544" -childID 3 -isForBrowser -prefsHandle 3460 -prefMapHandle 3464 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {8e8ef39b-1bb4-4a07-b986-82f6f4b556bf} 5472 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5472.4.1823522818\2014655058" -childID 4 -isForBrowser -prefsHandle 3296 -prefMapHandle 3284 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {46f86955-6a85-4aa6-973e-15ffeff20054} 5472 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5472.5.736449038\2127106196" -childID 5 -isForBrowser -prefsHandle 3888 -prefMapHandle 3892 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {bd4b3243-48b6-4b64-8cc4-707e7d42d930} 5472 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5472.6.588950718\1483069802" -childID 6 -isForBrowser -prefsHandle 4052 -prefMapHandle 4056 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {5a3d93a0-20d3-4bca-b563-d0528b086315} 5472 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5472.7.1336597392\639270069" -childID 7 -isForBrowser -prefsHandle 2616 -prefMapHandle 4488 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {291a4631-66db-466d-bfc7-ce1276d46b59} 5472 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe --port 60113 --websocket-port 60114
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevHxDTc
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevHxDTc
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.0.98620897\1422142626" -parentBuildID 20240416150000 -prefsHandle 1660 -prefMapHandle 1652 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {af7180f0-cb99-4722-bf9f-bf0ed39028e4} 2808 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.1.998901484\1175772740" -childID 1 -isForBrowser -prefsHandle 2652 -prefMapHandle 2648 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {4bc6cded-7e2c-4f40-a75b-a618a806de9e} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.2.656815004\1192529" -childID 2 -isForBrowser -prefsHandle 3172 -prefMapHandle 3168 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {105e271f-285c-4965-85e8-70963cb5c527} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.3.431201948\1422949311" -childID 3 -isForBrowser -prefsHandle 3192 -prefMapHandle 3196 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {f30e5ff6-cf64-48f1-93ec-96405405f1b6} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.4.793915943\262085853" -childID 4 -isForBrowser -prefsHandle 3712 -prefMapHandle 3716 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {05472bfb-fdf9-49b8-b455-7813ed22c55e} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.5.188916090\808556127" -childID 5 -isForBrowser -prefsHandle 3484 -prefMapHandle 3488 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {43d5f248-ec85-4523-9416-00089596c746} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.6.91482590\1629141064" -childID 6 -isForBrowser -prefsHandle 4132 -prefMapHandle 4136 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {d7125b8b-95c4-429e-8687-f7d7c6427e33} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2808.7.543128871\250681274" -childID 7 -isForBrowser -prefsHandle 4444 -prefMapHandle 4536 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {6bda9b2f-bee1-4bc7-bca5-009e75a81cd5} 2808 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe --port 60113 --websocket-port 60114
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilePAAQuR
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilePAAQuR
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5548.0.928479471\1317827484" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {cc431393-d96d-4c05-b6e7-22c198b39e09} 5548 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5548.1.1149118361\1331369437" -childID 1 -isForBrowser -prefsHandle 2684 -prefMapHandle 2680 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {1f2114a6-2c2b-4adb-856f-dac9db4a35dd} 5548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5548.2.1594832286\1665662480" -childID 2 -isForBrowser -prefsHandle 3164 -prefMapHandle 3160 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {4efa1930-2eba-4c7a-8cef-61aef0986aea} 5548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5548.3.29336120\2104583430" -childID 3 -isForBrowser -prefsHandle 3600 -prefMapHandle 3604 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {f28d5791-38f3-4606-aa8b-86f81c9e4f86} 5548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5548.4.1235099064\1174388269" -childID 4 -isForBrowser -prefsHandle 3824 -prefMapHandle 3820 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {b2dd3bea-4beb-43da-bdec-a15047a0a48e} 5548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5548.5.387459222\2143455867" -childID 5 -isForBrowser -prefsHandle 3972 -prefMapHandle 3976 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {f4660d82-b5c5-41f8-ad58-ce093ec39b9e} 5548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5548.6.1372366037\731962144" -childID 6 -isForBrowser -prefsHandle 4028 -prefMapHandle 4036 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {ceb5018d-995a-4ce5-afbb-29f389bfd38c} 5548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5548.7.1005261012\850378613" -childID 7 -isForBrowser -prefsHandle 3744 -prefMapHandle 4544 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {ce94a4dc-477f-4100-8371-dd661671fd89} 5548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe --port 60113 --websocket-port 60114
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH0ZVWR
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 60114 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH0ZVWR
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3608.0.202611027\1032966208" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {9b77b273-25b0-4b62-8e9c-fb5be07e964b} 3608 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3608.1.1786923522\126858410" -childID 1 -isForBrowser -prefsHandle 2552 -prefMapHandle 2568 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {aab9ba84-b314-46f5-94f1-0c729c3e8c13} 3608 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3608.2.1088472491\511502280" -childID 2 -isForBrowser -prefsHandle 3200 -prefMapHandle 3196 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {ec52ad4d-173e-435d-ab87-2a5b015099cf} 3608 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3608.3.1793403989\1062838640" -childID 3 -isForBrowser -prefsHandle 3372 -prefMapHandle 3492 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {ae629209-9eac-474d-8284-ead4187d4293} 3608 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3608.4.460761309\588681212" -childID 4 -isForBrowser -prefsHandle 3488 -prefMapHandle 3556 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {099305e1-bc87-4f58-b816-174b34cc0243} 3608 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3608.5.50278596\1196925911" -childID 5 -isForBrowser -prefsHandle 4020 -prefMapHandle 4016 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {a5bf703c-cb8e-4afa-bf8b-06b25157c749} 3608 tab
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3608.6.1960592029\167826596" -childID 6 -isForBrowser -prefsHandle 4172 -prefMapHandle 4176 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\browser" - {1b6bb81f-72bb-4d01-a952-0eaa0ee3e924} 3608 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| BE | 2.17.196.177:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.196.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| BE | 2.17.196.177:443 | www.bing.com | tcp |
| US | 147.135.65.134:443 | tcp | |
| US | 8.8.8.8:53 | 134.65.135.147.in-addr.arpa | udp |
| DE | 38.242.234.161:443 | tcp | |
| FI | 65.108.129.218:9993 | tcp | |
| US | 8.8.8.8:53 | 161.234.242.38.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.129.108.65.in-addr.arpa | udp |
| N/A | 127.0.0.1:60216 | tcp | |
| N/A | 127.0.0.1:60218 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:60318 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:60321 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| N/A | 127.0.0.1:60113 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:61069 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:61077 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:61495 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:61503 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:61876 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:61884 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:60113 | tcp | |
| N/A | 127.0.0.1:62251 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:62259 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI32522\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpsbu1t097\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\_MEI32522\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/1016-470-0x00007FFF6EEE0000-0x00007FFF6EEE1000-memory.dmp
memory/1016-469-0x00007FFF6F270000-0x00007FFF6F271000-memory.dmp
memory/4740-612-0x000001C8B0500000-0x000001C8B056B000-memory.dmp
memory/4740-611-0x000001C8B0040000-0x000001C8B00ED000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | e03fa312986f8c49d9d3e2d6bf243f6d |
| SHA1 | e9c5d1948dada2fa32d47f3d4e11a87ea48cc23c |
| SHA256 | eab5f0064aa87137f86e8ad8a1932c42d116f082c8cb8a81dd6b2431b0a5d21f |
| SHA512 | 1fe5f9b2f187bffe08859a10870140a4ab7c6d9f58b8a29277439968102d9522a7f9f94942e0e9cb90f951a5a31cf698bf114e2cbd2985f6cdc9054936eaa019 |
memory/5856-943-0x0000017311A40000-0x0000017311AED000-memory.dmp
memory/1016-942-0x0000016909DA0000-0x0000016909E0B000-memory.dmp
memory/5856-944-0x0000017311D20000-0x0000017311D8B000-memory.dmp
memory/1016-941-0x0000016909C80000-0x0000016909D2D000-memory.dmp
memory/5388-950-0x00000159815B0000-0x000001598161B000-memory.dmp
memory/5388-949-0x0000015981500000-0x00000159815AD000-memory.dmp
memory/5324-948-0x0000029F5B870000-0x0000029F5B8DB000-memory.dmp
memory/5324-947-0x0000029F5B7A0000-0x0000029F5B84D000-memory.dmp
memory/5228-946-0x000001F840700000-0x000001F84076B000-memory.dmp
memory/5228-945-0x000001F8401B0000-0x000001F84025D000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilepxW8pV\extensions.json
| MD5 | c841bfe3586bb63dac36b1cb2c3940da |
| SHA1 | 96e128d9d2c9ba1aab0bcfa8bad2dccd4f98a0dd |
| SHA256 | d927923908a3ca63aec7cb1787b132325fc1463d1ce35a3fafc3c6e6866b82dd |
| SHA512 | 4569cb7efeef185d170c59c5f35127071e411c2d2466ccfa0087362db8ce124ebdfce333404d47bf1e463f3fa22f979d513663ce0d6208f3e00776d65715a9e3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilepxW8pV\prefs-1.js
| MD5 | 390415b595ed5613ea0512fe959d0e14 |
| SHA1 | a3c134cde4b2f017b9b4097df9a4dcb741314240 |
| SHA256 | 2fb4defe73094b8da4b7e77832b1dd238793d8cdc6b6f9e6d5b115a777723a4e |
| SHA512 | c5e61a75a14023d959abedacb565dfe5b11bc32e3ba7ec37dab1496f6f8dd801bd29e017bf2f94cae0736bd8349bfdff0c7a3a4f7fb8ac13fde2f768f349e5d0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilepxW8pV\prefs-1.js
| MD5 | 3681a16149c4d3bc7864428dd2ee3164 |
| SHA1 | ad7820de3c5c1b39ab22a5448f848d474d4eb519 |
| SHA256 | 18a5bf019bd1c17860978a9e84ef49c3220daed3743a90ed26cf915d9f9a9602 |
| SHA512 | 28c4700748adbad83771059f4a03934078d66941c00bd4d7da654e3154bccb0d5a39417ea237079fe1a20b5d3f7173cb3d859180a6d84158dac0c584fe74cc59 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\user.js
| MD5 | edb4ad9c40e9359cf24e290a57e1c3c0 |
| SHA1 | a49f82c500469b21750726ca1810423ffb2752fe |
| SHA256 | 9dc19ffd1eb68e5ecf732add43c18dfed0d37433ca54d2dcdfb477dea3e8ca7a |
| SHA512 | 4b08e5f465b0bd466819e4c93a64a0de5649aaa3179984410e3fdaf3cd25d04c52c9915301ac58d761e2f89a0a51501de67457feb65545d2f0eb4200ece62b54 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\prefs-1.js
| MD5 | 9f5be4097a5620dfe365fa31024dccac |
| SHA1 | bad305d062469bd71a494368d8015e8c31743c15 |
| SHA256 | 4cc2400e919d73009e3c014f3ad2b3449d786a6cd8c0024d27194cf02a67e777 |
| SHA512 | 33dc18c39a2814ac81ea61d9298bd85b58cd7922142be2cd8439830e1d6461a6685c049208c6bd436207f4586a421d40b273349ed012997cf216d0f81abf55df |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\startupCache\webext.sc.lz4
| MD5 | 3439306c2a75b5fb0af1e885a0d5c423 |
| SHA1 | 1b73c54fe4c8f0e61d84199ee9650f79177acdc5 |
| SHA256 | 215c3243f7b9cee3e21b47ac3f80120b2825dda40a6206ccca8ae3360d4e2d89 |
| SHA512 | dca37979ec4c7b12966d8c5e6c3c88aec920e96efc88cc537c61184d7fa2a487ddcdb2c1f7d31e291b6f8484e0fc3f6c113e39dfcea3965c3f0fa4b8d4d8e1ed |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\prefs-1.js
| MD5 | 7d9803ff54dea8fa0c1592953e5850a5 |
| SHA1 | d8bf5bb80991790d0e1bfe83b25863b104b6908d |
| SHA256 | 5b172121d6f33de508b54b6a2b08b7eb861136a748c6a9daac8b61e2418c63a7 |
| SHA512 | c0fd61d76fe3c256115caf89815f36b7785842bf4ca8c3ee2e3d248ac4e0bec37cd550531ae45a9caace4f34dc955519ea8bfb5fd8cbf6d40d38dd67129d11d7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\prefs-1.js
| MD5 | b46819576280f3c9996702f9d24eef3a |
| SHA1 | a8954d24de745fe226e020d11d3c7c9353a57b6e |
| SHA256 | d2fcf433341dab4a10eff3f9a59410657fb77274b1562111a9464c82d6c5e40e |
| SHA512 | dfdec9116a4c845ce222c97aa52767291f0c50512fbc87dc9eb818f3e390e352e27533749dea9c12e276f8059fa4394badf0c29de290f4ee6d99b491cceef67a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHoTvMq\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevHxDTc\prefs.js
| MD5 | 1b3e7b1d47d6509641b5194a5db2c40a |
| SHA1 | 7c8aa14fa20d1da774c07566ad1067bb5d9bc453 |
| SHA256 | 1ea3299ab1b74caddf1df6a902b321d8c3487fc3acbfae67a74d244451cde950 |
| SHA512 | d946a813ea797856ea807e7fb361d2f08219b67c1686948f8c654d9eb792ba35ec26f41608b1f79d51b48477ca2d3e1708f955ae299f552f70cd4022e5cc3492 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevHxDTc\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevHxDTc\prefs.js
| MD5 | 22f47e0c042597175164e207c8d173fc |
| SHA1 | e547131c4cf7d1cab0024d0e039d736fb09f4cdd |
| SHA256 | c967db1e6cebfb42fc773a200f44e1a74a1e0b2f8a3d8820089d9bbac0dd8f3c |
| SHA512 | d453c8528c9638bab7ed117876cec3654cd0754dd4eac2bc6363303323c79fb9fdf14fa2c920e76cb8179403240c0fd5ab8b5f15a6becfc799aef8d4a7f22ec6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevHxDTc\prefs-1.js
| MD5 | 613f5708c9340f1835ad83067221487a |
| SHA1 | 31e376a2604e23d29321e8240a31cb2dec5c375b |
| SHA256 | e74a43a76f4d11f9c9ba282f1737d9910054a0eb6d9d510bcc87f6812937e5ed |
| SHA512 | f4941badc2394a4a2843f1ac93665279864454457117bdc2e6f2e87884a410dbd5a558664edcba2fd209edbea59636d5e3f026f12fea5b78d3311c990c350878 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevHxDTc\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilePAAQuR\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilePAAQuR\prefs-1.js
| MD5 | 2c0c3d5cac114d575854fc43da33d290 |
| SHA1 | 43395babc32ffa0d66d5c177b08fc4534afb0164 |
| SHA256 | 85e70e381eeef6962782a791085da14f432a8b6eb4191f3891326fe852bd1449 |
| SHA512 | 861f9c6b3398d8bc26be6571e6fba89b701eb9515fb810f87a55ffabc9105d8fc81f72172f473655a218e2cc737d02bf019a89d30f64c9b7f045b75870fbff5e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilePAAQuR\prefs-1.js
| MD5 | fd00f03a8915409eb1d473282b087a62 |
| SHA1 | d796d7e5a6e11664bf3f960b177265d068f7f622 |
| SHA256 | f3af9917a16732c6ea70b42c78b2caa33c7bbe5f97f5f8908a5d41e107b4a73e |
| SHA512 | 534f5d2b50e7cc028cb8ca49eae0e464f0ae1b429075edab7a02be5772086f7276df95b7799b657ddecc92b6450c02ddab81fd12ab42d2744aab890eae643b7d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH0ZVWR\compatibility.ini
| MD5 | c4b46ba644632496963db461815ee574 |
| SHA1 | dffa3adefe8ed8610d43448e8e6c74aa13dd4570 |
| SHA256 | e2d4de3b2ee06a85a9d6a55dd91358446187a162585e541e524a98a68f998f6c |
| SHA512 | caac5f6ae23ce204c4ed925add341c72f33a6eebfe8e81ee4dc7e9de90c708fae8ffd2c62ff7d45c24b481ae28a5d0f26e1fd727edb49ca552f1c101b0c48765 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH0ZVWR\WebDriverBiDiServer.json
| MD5 | 6f1eadc7c0cbc16a204f04b7feddf6c9 |
| SHA1 | 6e67457aed17b540176b21dec2bfbe9c4fa971c4 |
| SHA256 | 56d7eb390e28095445616c226538287e9ac43dec2c4f4fea42b340d239c3ec39 |
| SHA512 | 9e9b847bcb7d7376d172e0c5fb95a16b19ccf9278749b54706fd9ac430426cf09efe09e7a862da2ecd820cd56154f47a9e59300a5f95180413a51ea25e33dca8 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH0ZVWR\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:08
Platform
win11-20240426-en
Max time kernel
299s
Max time network
309s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI30122\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI30122\geckodriver.exe --port 50020 --websocket-port 50021
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejlBrGG
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejlBrGG
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.0.674426228\320704307" -parentBuildID 20240416150000 -prefsHandle 1720 -prefMapHandle 1712 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {fb9da539-adfb-4785-a211-af98baa4db44} 2448 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.1.1842783517\2087128989" -childID 1 -isForBrowser -prefsHandle 3016 -prefMapHandle 3012 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {bf578630-6d72-45c6-928b-77afd08225a3} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.2.2007892969\1175155919" -childID 2 -isForBrowser -prefsHandle 2608 -prefMapHandle 2580 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {99d02cf3-faa8-4a53-a206-ca1ed7821ac8} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.3.1759054828\1705468922" -childID 3 -isForBrowser -prefsHandle 3156 -prefMapHandle 3172 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {72fe318e-d143-4ce4-982a-0d0c1b64ddcd} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.4.1075364414\1903305130" -childID 4 -isForBrowser -prefsHandle 3136 -prefMapHandle 3644 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {362cdced-15cc-4c94-9195-5cb51a9db051} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.5.1159408562\201791154" -childID 5 -isForBrowser -prefsHandle 3820 -prefMapHandle 3824 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {1a8dbca2-81da-4a25-ac3d-8c0ac1788004} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.6.847560712\709979315" -childID 6 -isForBrowser -prefsHandle 3988 -prefMapHandle 3992 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {594b18ee-2a0b-48d9-b1d8-61e249596b59} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2448.7.1813732952\734290950" -childID 7 -isForBrowser -prefsHandle 4328 -prefMapHandle 4324 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {5d498ec2-edf5-4553-ac98-b784a76137ec} 2448 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI30122\geckodriver.exe --port 50020 --websocket-port 50021
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4552.0.260909221\950704759" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {e3bac24a-48b0-46ef-92a5-0bf2ea39f1c1} 4552 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4552.1.726710008\287003152" -childID 1 -isForBrowser -prefsHandle 2600 -prefMapHandle 2956 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1344 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {59387876-e2d7-4683-9fe0-f47763a84c05} 4552 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4552.2.589446725\381988807" -childID 2 -isForBrowser -prefsHandle 3196 -prefMapHandle 3192 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1344 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {84c7c33f-7b2b-4b0a-a84e-db78e22ef5df} 4552 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4552.3.1095165860\1249342715" -childID 3 -isForBrowser -prefsHandle 3256 -prefMapHandle 3252 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1344 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {926a4050-ae90-4013-b162-388c04642a21} 4552 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4552.4.731671736\1566459747" -childID 4 -isForBrowser -prefsHandle 4040 -prefMapHandle 4036 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1344 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {9e0ac15b-d93c-452a-82b7-4e4b9421b3eb} 4552 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4552.5.1339122106\1469807233" -childID 5 -isForBrowser -prefsHandle 3272 -prefMapHandle 3260 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1344 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {c86d7bc2-c283-4957-ae75-daa507fa3ce6} 4552 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4552.6.1912999306\109172003" -childID 6 -isForBrowser -prefsHandle 3496 -prefMapHandle 3500 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1344 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {d44089cd-810b-41c1-8535-b8b9a261757e} 4552 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI30122\geckodriver.exe --port 50020 --websocket-port 50021
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexyyu7C
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexyyu7C
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="3368.0.577941645\1845361401" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1700 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {5966afeb-0679-4a84-954e-ee5041e58a76} 3368 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="3368.1.1206627880\1869629435" -childID 1 -isForBrowser -prefsHandle 2592 -prefMapHandle 2580 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {c107138c-10ed-4cdf-bba8-dc8bebf614ac} 3368 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="3368.2.1741777587\1733411547" -childID 2 -isForBrowser -prefsHandle 3076 -prefMapHandle 3068 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {b4d3a0aa-1864-4954-985c-62d0f12da0f9} 3368 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="3368.3.1982368292\1999384183" -childID 3 -isForBrowser -prefsHandle 3092 -prefMapHandle 3108 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {ef2ee756-f224-4da3-9586-f94ace28354e} 3368 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="3368.4.624467393\800036918" -childID 4 -isForBrowser -prefsHandle 3440 -prefMapHandle 3676 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {1615cbdd-b9d4-4675-a6ca-b9e8b588b7d3} 3368 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="3368.5.620915089\78622370" -childID 5 -isForBrowser -prefsHandle 3908 -prefMapHandle 3768 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {de024bee-0688-4dec-910c-49825deae78b} 3368 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="3368.6.1656423687\814004751" -childID 6 -isForBrowser -prefsHandle 3960 -prefMapHandle 3964 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {b5f4073d-5762-4913-8574-3069002c7bb9} 3368 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="3368.7.331770148\1823549463" -childID 7 -isForBrowser -prefsHandle 4472 -prefMapHandle 4452 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {6614c3ff-5372-4bf4-9b46-8fd349b9cc4d} 3368 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="3368.8.948956778\547518290" -childID 8 -isForBrowser -prefsHandle 8468 -prefMapHandle 8472 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {f5c3ea29-c650-4187-996c-25b329012778} 3368 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="3368.9.1479261728\2060204088" -childID 9 -isForBrowser -prefsHandle 7836 -prefMapHandle 7844 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {4a4ea27d-a636-428c-9f08-05d105021c7a} 3368 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI30122\geckodriver.exe --port 50020 --websocket-port 50021
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilec2Swo9
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilec2Swo9
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4892.0.572800065\1086927013" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1700 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {c7c9c008-8651-4c2d-923f-ccf52dd2725d} 4892 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4892.1.1931068291\648820325" -childID 1 -isForBrowser -prefsHandle 2520 -prefMapHandle 2468 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {f8bd456e-13c4-4c93-b2f1-42d5fcaff32a} 4892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4892.2.1876179538\1226507348" -childID 2 -isForBrowser -prefsHandle 3088 -prefMapHandle 3084 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {7ac29aa8-f6c4-4232-b2b9-88783489e574} 4892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4892.3.1473974965\1780064327" -childID 3 -isForBrowser -prefsHandle 3600 -prefMapHandle 3768 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {b9b17708-0092-4d16-83a0-cd2a60b5648d} 4892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4892.4.1492528165\632083711" -childID 4 -isForBrowser -prefsHandle 4020 -prefMapHandle 4016 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {ae5b07cb-fbe5-48a8-b4e2-743e60676807} 4892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4892.5.586926427\1723798589" -childID 5 -isForBrowser -prefsHandle 4044 -prefMapHandle 4040 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {2fc53eed-d4d6-4186-bf14-d51091bd2288} 4892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4892.6.1498209597\92279360" -childID 6 -isForBrowser -prefsHandle 3876 -prefMapHandle 3880 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {dacf3bb6-9e37-489b-928e-25841c36fcc3} 4892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4892.7.1784094485\2030932072" -childID 7 -isForBrowser -prefsHandle 4572 -prefMapHandle 4568 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {85394601-9f52-4991-85f6-0d5ce2d4ab1e} 4892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="4892.8.681701369\663881714" -childID 8 -isForBrowser -prefsHandle 4604 -prefMapHandle 2836 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {45d5350b-d67f-48a1-ab0d-36c12cc587ca} 4892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI30122\geckodriver.exe --port 50020 --websocket-port 50021
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFYRVKD
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFYRVKD
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="5100.0.1257941158\174486738" -parentBuildID 20240416150000 -prefsHandle 1716 -prefMapHandle 1636 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {a9e0e862-3346-4f1d-89bd-6e428ff71a44} 5100 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="5100.1.340781505\1970316216" -childID 1 -isForBrowser -prefsHandle 2676 -prefMapHandle 2856 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {eb38c6a0-667d-4384-aa36-138c34fba9f1} 5100 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="5100.2.590402245\1728816468" -childID 2 -isForBrowser -prefsHandle 2712 -prefMapHandle 2612 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {8abf4858-9146-4c45-b552-8b37b0876c3d} 5100 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="5100.3.1028685655\1904957123" -childID 3 -isForBrowser -prefsHandle 3520 -prefMapHandle 3308 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {c10df1b1-9bf9-441f-834f-7e1e758be042} 5100 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="5100.4.599151227\563529389" -childID 4 -isForBrowser -prefsHandle 3232 -prefMapHandle 3060 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {0b2d93e0-4920-483b-a321-c373658ba19d} 5100 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="5100.5.1033047342\803032027" -childID 5 -isForBrowser -prefsHandle 3976 -prefMapHandle 3972 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {3f22ece0-2f9d-45c3-8aac-f78a0af831d7} 5100 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="5100.6.1706011956\234249401" -childID 6 -isForBrowser -prefsHandle 3884 -prefMapHandle 3876 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {e06f7a36-06ae-4623-b881-51638537449f} 5100 tab
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe" -contentproc --channel="5100.7.342835894\1040830517" -childID 7 -isForBrowser -prefsHandle 4520 -prefMapHandle 4524 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1312 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\browser" - {6111c7c3-b5f6-4b2d-9eeb-03d7c1ff5671} 5100 tab
Network
| Country | Destination | Domain | Proto |
| DE | 185.220.101.206:443 | tcp | |
| US | 8.8.8.8:53 | 206.101.220.185.in-addr.arpa | udp |
| US | 205.185.125.239:443 | tcp | |
| FR | 51.210.181.252:4443 | tcp | |
| US | 8.8.8.8:53 | 239.125.185.205.in-addr.arpa | udp |
| N/A | 127.0.0.1:50076 | tcp | |
| N/A | 127.0.0.1:50112 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50218 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50226 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50655 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50663 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:51031 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51039 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:51447 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51455 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:51800 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51808 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI30122\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI30122\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/3356-483-0x00007FFC601E0000-0x00007FFC601E1000-memory.dmp
memory/3356-482-0x00007FFC60920000-0x00007FFC60921000-memory.dmp
memory/4820-511-0x00000284B1520000-0x00000284B1551000-memory.dmp
memory/2448-527-0x00000228215C0000-0x00000228215D0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejlBrGG\extensions.json
| MD5 | aa20b17cb274e5d52a24db88ed7a3916 |
| SHA1 | 11f2b6b15718fff16fd203096fe9ecceebe47d3c |
| SHA256 | f2f476a37d159a84c6a366c94bf01ab5f930be998940d91686bd9efe280b8726 |
| SHA512 | a366b7afb16b591a8e810b642e734ff94e0bd5ad02bbce6d3558617b69fd0baad0ac8fb2e7022662bceda56a3ace665d9f9526b350b6702efd78504aa6abfeb7 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
memory/3356-594-0x000001CE11760000-0x000001CE11791000-memory.dmp
memory/4232-595-0x0000020DDD1B0000-0x0000020DDD1E1000-memory.dmp
memory/4680-596-0x000001E32E2E0000-0x000001E32E311000-memory.dmp
memory/1940-597-0x0000026A356C0000-0x0000026A356F1000-memory.dmp
memory/4772-598-0x0000023D55C90000-0x0000023D55CC1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejlBrGG\prefs-1.js
| MD5 | eb517d596ea038c3b135b8909894a2c1 |
| SHA1 | 76a548135252138e516ef1ae5bf94bfb6ee42d88 |
| SHA256 | c1bbb6845f983ef3086ff66fc4fa85f1617f7b721f93c66b402aac28a39959cc |
| SHA512 | 2a774959f8a752fec2b65e4cdd9a83c1a168ad644b18b1e990652411ae71c051c2a5a94e3a13cdea62a24b17c72d2153f4f6b59fd9881964f7ef81c883ab7073 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 97fc5a289ef431d3db0985b599be0344 |
| SHA1 | 2b81451a3d10eaec11bcb8d03d2973e123c59f0f |
| SHA256 | 64f71b3b3b76286a7c7198c2b16ce45396667d32994bc14c358a13b14f14f56e |
| SHA512 | d7c0852afff80f400bbc7cb9d91e7d9ce09b559ff4850da0cbbe2d4b2f49be8deb775226e92c69dbaa6559a38588eebd22512a1700a7299b91c364e0f361be75 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejlBrGG\prefs-1.js
| MD5 | 4cd9de49758a080171b8406f35a49c45 |
| SHA1 | a8f8406e25594e82721c89606d9f00268d4b6754 |
| SHA256 | 4a479a73c0f4daad5630f49fef81a37e1ed251c8e57bf08809d5f90af8bdfafe |
| SHA512 | 4f6efae3d5b56b51da8ff7ce931dd2e4532f6abd1cb17538a86cd9e88a30bd481d91d497c1cf956a8a31c2e7440eb02f2f9536180b1c71e1b97e49327f50c6d8 |
memory/1912-688-0x00000278DFFF0000-0x00000278E0021000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI\startupCache\webext.sc.lz4
| MD5 | e7b7db0d16456983cf62b6901151b83d |
| SHA1 | b6ac53b03455e643d59b303f1af45e03961c8aa8 |
| SHA256 | 646a23310e8069cb1d5b7f5254de8f0c2d1d53d93dcc0ebe78902dfc9c850a80 |
| SHA512 | 4bb0de0fca4b2e6cbf5a7c0c2081b51897c50c190e1b1c738e3ae5eaf66e42f1c35e044b0478bb64fb1491c8653bb20354c924293f7a1e812682c92b67c47945 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI\prefs-1.js
| MD5 | 62973d73541f2a914227ee794d113665 |
| SHA1 | a6dae1866b8ae90f6480d1d8d88332f0a06587b1 |
| SHA256 | 9c63dfd263d763acba9f1ad361d34ea71bb2b415d4b18d196140340d95130d3e |
| SHA512 | 4b570966e9949e3584ad391f5a5099a0cb5702eb5c0a7ed3043c6823b068e48e343f6a290703bcf2411a342dcd189214c2d1e28991ab939ddb09997c4d9fa92d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI\prefs-1.js
| MD5 | adfe632c865b59a0b59bb7508513dde0 |
| SHA1 | e29fd8ef896e57e09555a9f2c5603757360b98ab |
| SHA256 | c04222beb97eb610b59ccf40b557592d1e98b73a657b0af44cc7b99feeec0062 |
| SHA512 | 3f9573f7115a443cb83ef90b9ce65f241c4db011b1b413490a27a8085a559194a15edc07b247f40baf7ba04013a69469f04f07e34b4e9aac60b4c350e6190c72 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI\sessionCheckpoints.json.tmp
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqYD0cI\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexyyu7C\user.js
| MD5 | c5b55904b2f8577c74ca3670c2157872 |
| SHA1 | a13e547816f97d69c0c9a19daf9a21cb1faf63dd |
| SHA256 | 6bbc6ade3bdfa4db4bc7e161270154b8003ef5189ccae51f78d5e2c45755fdfc |
| SHA512 | 8b2c3219cb2c331a16efb47a8227c2aea9a2915ce2c0774f079e1788049cbc597fe8f95cae495b7e946953177cd776026fa0b6d3419c6213c92ceb233f286c05 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexyyu7C\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexyyu7C\prefs-1.js
| MD5 | 72e305647593960ed67b4cab888c6266 |
| SHA1 | e88864adf82576371ebe2904498b66ad17feef18 |
| SHA256 | e3563a9b87d049c226cf31c673749a18b7c836c6146ce5788865f4428e85ee17 |
| SHA512 | 1682191ddf617492cf382adca7d58ffb4af930a563e3d310eea047621cfe9963256353f825720c2955cb5e162ca47619ecf48aaf6a40572105d0746c99c30707 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexyyu7C\prefs-1.js
| MD5 | 9c28d441e7786c7cdbb9982219f7118d |
| SHA1 | 03bb17caa79195b189af039cfd38ec4f6f2a0021 |
| SHA256 | ca761848728f1b8059d932f1ac3ffcb2b79002a94d1336ded771f4c6151e7231 |
| SHA512 | d49df4fd843d9939b5f180a1b05686391c1c6176566801d286215c3b7e3f2e77a91469ce696bafefa816ac899f7233fdb7ff9798b014b03e9dc0368340ef52e3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexyyu7C\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilec2Swo9\prefs-1.js
| MD5 | c5f73f5a09c60acf05c508fb629530ef |
| SHA1 | 5cf1e809b6daeb3c5eaa64ed060f11231636a624 |
| SHA256 | 51ebe4fae1e21ed2f962f2d8b690abfe701f8779f1a96607fe779b5c236aa1f1 |
| SHA512 | 5e901a111713ab29675acb97a256c30a52f8a32651266e64a7da8db59782be9baad140bb3047bde279ed7a60c60591dc436f97a5b4f15415b6d34098e8e71129 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilec2Swo9\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilec2Swo9\prefs-1.js
| MD5 | 1e4638eb353e3e51c51c41c50d5552ff |
| SHA1 | eba35b6c482a850e5b711f5056fc28307ead7c8b |
| SHA256 | b9e2c5d28fd5d312cde326f29da4f76f11191948a44958d6a571ae59bb9ad9e6 |
| SHA512 | 750733256668b005bff200ab88af168e2ab63a276dd0026ada8ed32648639fd67064a292e6df984649522cb031162df8822ad7f117cbc822535fb9f9199084ef |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilec2Swo9\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFYRVKD\compatibility.ini
| MD5 | 68554d606402ca45f39c9caf16d86e81 |
| SHA1 | 54c638f726f8780d3374d73c713ba9c785a8fe30 |
| SHA256 | 3efe97df9abd3137c143bb29a046c9a55e859194b13d4bff1610e0ae1e413d0a |
| SHA512 | 90242522a8979176fbd586791426c088fdb9e3ed7062b30cf97cdedf24346c139fe890918e20fcd91e4d0cda919052bbbafa284bf1b0fb3f8a62ecb7e008b1ca |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFYRVKD\WebDriverBiDiServer.json
| MD5 | 7bba2bfb0fc31680a470dd67bab34123 |
| SHA1 | f2e27cb94acc00445bb363207fa09122f1649cf6 |
| SHA256 | 7e15088a1ba4716b59c9efa21aebb8b0d135465a29b78404125530164ba109aa |
| SHA512 | 8e38cad5221710d105ec4a9ab2634fbc87478b270bdae208afa8ca53ca6b66b50113c41d6568173274241b25791352642c12c3b8eb4abd59d1148313189705dd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFYRVKD\prefs.js
| MD5 | 783c22592a4d84a65b02c39ab29dd6bf |
| SHA1 | bca0b8153ac699e88e15434092f6402d1c408004 |
| SHA256 | 2c945be4ed788b7b843b2f074dccf69a2a8cda2959dae152e1667b7d8dba27e4 |
| SHA512 | 54dbd29d68e72590e5b8684d001774c363258617486e1ebe2ef683f4df4ef4d6b3885578961933f7ff55bc6e097f0e70b04ee7671843180a3fd89ed4dfa8f910 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFYRVKD\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFYRVKD\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 6645b2cd05ae3930f5a57157ba7a8825 |
| SHA1 | 786bde0d3a149fbed12227b15b53f76ac28347fc |
| SHA256 | aca84d120a48898d6ae552fe0a25d197e8845e1ee3c0f9845c538a3da380d0c8 |
| SHA512 | 16a5025083744f65a0938d79464bd9a5871025b35b27b42cca5599c9e57045978b79829f8b94878c8ceff2970d5b556eddaf15c1eb7470baabd1cc45c53bac32 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFYRVKD\prefs.js
| MD5 | 514bfaff553b497ac8ea76432ad6d696 |
| SHA1 | 4562dafd68cf81d038db75986797e510e8dfffa1 |
| SHA256 | 7af19b67f635df93ff713d813c6ebc5ec76eec502c828f655938bc5d0f8193e2 |
| SHA512 | 4cbd23ee94a7904d6fdc8fb145c4e3345276bbb1258a5f2879e532eb085ff4ebffa8b7b8fe5910f6b39a1e90d39cf93769f2acb07ae4ec411235928cc9e2d338 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFYRVKD\sessionCheckpoints.json.tmp
| MD5 | c543c589f3219b3a444ae60b83e2b08e |
| SHA1 | e259a2fced0248129e02dffb6e0f01c4b33783d8 |
| SHA256 | 65f9611478b292ef0f493dfe7c2443e2d4e32f7f1999ad4fb71bfd5949503d27 |
| SHA512 | ff2083db0cc99bfaf0f2e10dea6ba6812e1cf32021d826a222948dd8b207dc592cda88c6ecba499ab50e6bf9eba75b0d53110492445b7babeeaa2b12512b01a1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFYRVKD\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFYRVKD\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:08
Platform
win10v2004-20240426-en
Max time kernel
301s
Max time network
310s
Command Line
Signatures
Renames multiple (56) files with added filename extension
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe --port 56601 --websocket-port 56602
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4ryQnn
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4ryQnn
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2204.0.556967929\1728770342" -parentBuildID 20240416150000 -prefsHandle 1628 -prefMapHandle 1620 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {6ec8d888-7c41-45d9-9576-cbf99312a7b6} 2204 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2204.1.1874184346\1548904403" -childID 1 -isForBrowser -prefsHandle 2604 -prefMapHandle 1252 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {fb98a4da-b968-41a2-8fa3-8f66e66ce11e} 2204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2204.2.1441542761\683095514" -childID 2 -isForBrowser -prefsHandle 3196 -prefMapHandle 3192 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {9c937442-bd88-41c3-a425-0f8b17f49226} 2204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2204.3.800494502\837776372" -childID 3 -isForBrowser -prefsHandle 3368 -prefMapHandle 3648 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {1156dfe7-8eac-4a83-ab14-e05faaa5fecb} 2204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2204.4.1451691983\1102434703" -childID 4 -isForBrowser -prefsHandle 3780 -prefMapHandle 3776 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {e37f7518-08c3-4cfc-9712-3a983bd97983} 2204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2204.5.58862249\536664340" -childID 5 -isForBrowser -prefsHandle 4012 -prefMapHandle 4008 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {085d9549-921a-4642-b7b8-697ab5310fd8} 2204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2204.6.1799257808\1435990236" -childID 6 -isForBrowser -prefsHandle 4212 -prefMapHandle 4208 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {af22c0d5-8fb3-4d12-a761-28d5839cefa1} 2204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2204.7.1151751599\814904518" -childID 7 -isForBrowser -prefsHandle 3768 -prefMapHandle 3944 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {d2ee7e9b-4771-4ec4-8d3f-8f0af158f933} 2204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe --port 56601 --websocket-port 56602
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2076.0.501705895\804679821" -parentBuildID 20240416150000 -prefsHandle 1732 -prefMapHandle 1724 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {9adf2ea1-8589-4982-8a32-39b869840d77} 2076 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2076.1.1472450395\1533614515" -childID 1 -isForBrowser -prefsHandle 3004 -prefMapHandle 3000 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {c92ab114-df5b-4ee8-b801-0c27b4ee3b52} 2076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2076.2.1693891341\857028292" -childID 2 -isForBrowser -prefsHandle 3256 -prefMapHandle 3252 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {21646e63-57eb-445b-9f75-cda2142b7be3} 2076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2076.3.2125828273\1880582035" -childID 3 -isForBrowser -prefsHandle 3456 -prefMapHandle 3452 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {390bdbc0-f76a-495b-9ccf-00d15159d1d5} 2076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2076.4.2076500555\1732876502" -childID 4 -isForBrowser -prefsHandle 3264 -prefMapHandle 3612 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {519ad4dd-fcea-4579-807b-e6422272b071} 2076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2076.5.1395794054\176054694" -childID 5 -isForBrowser -prefsHandle 3880 -prefMapHandle 3884 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {d90ccec4-1752-4158-8587-9cc044bf3f02} 2076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2076.6.591413514\78991029" -childID 6 -isForBrowser -prefsHandle 4064 -prefMapHandle 4068 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {820b87d6-6da4-4278-bdc2-609be5404c13} 2076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2076.7.2070601826\137569608" -childID 7 -isForBrowser -prefsHandle 4676 -prefMapHandle 4672 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {b47380ca-effb-4707-b3ab-3363b9fb8515} 2076 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe --port 56601 --websocket-port 56602
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBJysOu
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBJysOu
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2616.0.1801983007\1860993954" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {82b5caa5-da5a-403b-b6ce-d91e4b162127} 2616 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2616.1.842993289\2091444206" -childID 1 -isForBrowser -prefsHandle 2700 -prefMapHandle 2696 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {4806b44e-b06f-4b18-a2bb-8e111d5ed4c4} 2616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2616.2.1728977233\1238415041" -childID 2 -isForBrowser -prefsHandle 3188 -prefMapHandle 3184 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {6fbc882c-ca45-4589-b6b0-fc54277f0085} 2616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2616.3.1645172606\2147409777" -childID 3 -isForBrowser -prefsHandle 3540 -prefMapHandle 3544 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {a2295458-5bfe-4d66-94b0-53453f0bccd2} 2616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2616.4.1035038386\1485001" -childID 4 -isForBrowser -prefsHandle 3716 -prefMapHandle 3860 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {725ff9db-5ece-476e-a80d-3ed3945a453d} 2616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2616.5.60271775\1798353512" -childID 5 -isForBrowser -prefsHandle 3996 -prefMapHandle 4000 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {1ada0911-7e2b-418b-86ee-772e0f99302f} 2616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2616.6.373357042\1959915882" -childID 6 -isForBrowser -prefsHandle 4052 -prefMapHandle 4056 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {fd389005-b536-428b-a89b-c092cd205d80} 2616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2616.7.956741783\528582198" -childID 7 -isForBrowser -prefsHandle 4720 -prefMapHandle 4424 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {9876353f-a9c3-4833-8710-97045c4a26e3} 2616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2616.8.148722031\1989830837" -childID 8 -isForBrowser -prefsHandle 4800 -prefMapHandle 4796 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {19584226-e77e-410e-b10b-9215a665c420} 2616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe --port 56601 --websocket-port 56602
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileou2kfU
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileou2kfU
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3664.0.1246811648\211185887" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {4568c6d5-076f-43d5-9dca-374e5ee0b69f} 3664 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3664.1.1042476695\1424792542" -childID 1 -isForBrowser -prefsHandle 2608 -prefMapHandle 1444 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1248 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {b65c4b8d-a714-48b0-afc5-c289d4ee9d6a} 3664 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3664.2.473524081\223147793" -childID 2 -isForBrowser -prefsHandle 3352 -prefMapHandle 3348 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1248 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {3ff59986-ce53-4a74-89bd-760d216ca2ec} 3664 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3664.3.1072150369\648091020" -childID 3 -isForBrowser -prefsHandle 3840 -prefMapHandle 3844 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1248 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {8123e3e2-c8bf-4677-896b-376f29afafad} 3664 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3664.4.1847785255\1433140331" -childID 4 -isForBrowser -prefsHandle 3840 -prefMapHandle 3408 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1248 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {5f1bdf7e-a1bb-4d10-8de6-4ec1802f2932} 3664 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3664.5.196329647\1218186251" -childID 5 -isForBrowser -prefsHandle 4112 -prefMapHandle 4116 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1248 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {35d4f84f-7b49-49bb-af51-790d811bdc1b} 3664 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3664.6.843432045\1702740857" -childID 6 -isForBrowser -prefsHandle 4304 -prefMapHandle 4308 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1248 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {42db71bc-d634-48be-b237-3eb199a3469a} 3664 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3664.7.1249943827\523584431" -childID 7 -isForBrowser -prefsHandle 4356 -prefMapHandle 4360 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1248 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {49798983-a10a-42a9-b9d1-f352f8b01650} 3664 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3664.8.143091427\546607508" -childID 8 -isForBrowser -prefsHandle 5064 -prefMapHandle 5068 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1248 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {a3c9e953-f389-4639-b979-0a4f0c9c2655} 3664 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe --port 56601 --websocket-port 56602
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6Pmsjc
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6Pmsjc
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1432.0.1410218393\1457116860" -parentBuildID 20240416150000 -prefsHandle 1692 -prefMapHandle 1684 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {35a1e49a-0415-4fbe-a2e0-1643c04f80c3} 1432 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1432.1.1351878275\1893413474" -childID 1 -isForBrowser -prefsHandle 2468 -prefMapHandle 2484 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {43d221e7-336d-4c31-b721-6d11127c89aa} 1432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1432.2.469265556\393941595" -childID 2 -isForBrowser -prefsHandle 3228 -prefMapHandle 3212 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {d5e6a6f9-b8de-4e0a-b8fa-df39b89e490f} 1432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1432.3.1500293290\1431034784" -childID 3 -isForBrowser -prefsHandle 3544 -prefMapHandle 3528 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {4cade253-53f8-43b9-9b39-04d8905fdee3} 1432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1432.4.1217835209\983786502" -childID 4 -isForBrowser -prefsHandle 3828 -prefMapHandle 3812 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {ffd000f5-7a3a-4745-9358-aaa6cf2cb9d9} 1432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1432.5.1452315754\1886050691" -childID 5 -isForBrowser -prefsHandle 3976 -prefMapHandle 3980 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {344f28bb-7b0e-4f65-913f-0a2bf74bad94} 1432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1432.6.1068071479\1434783693" -childID 6 -isForBrowser -prefsHandle 4172 -prefMapHandle 4176 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {afebb697-4e7d-4b90-b747-1ba66d52de41} 1432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe --port 56601 --websocket-port 56602
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileINQjiN
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileINQjiN
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4208.0.1507934509\1955381416" -parentBuildID 20240416150000 -prefsHandle 1672 -prefMapHandle 1664 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {22b39164-1c5b-4713-b6f3-33ad332f8897} 4208 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4208.1.305225525\1083647823" -childID 1 -isForBrowser -prefsHandle 2588 -prefMapHandle 2680 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {986bf9a1-f00a-4ccd-9746-7996bb5c4f7c} 4208 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4208.2.489588017\521669192" -childID 2 -isForBrowser -prefsHandle 3164 -prefMapHandle 3160 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {2da0fb0d-fe89-44de-a2db-67467b5b75f2} 4208 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4208.3.497135667\1047575132" -childID 3 -isForBrowser -prefsHandle 3320 -prefMapHandle 3276 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {a219f787-3010-4216-8d38-0c2c172b8258} 4208 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4208.4.446963697\346557518" -childID 4 -isForBrowser -prefsHandle 3656 -prefMapHandle 3672 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {7686e3f6-5378-443f-a324-362ee2c77c5e} 4208 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4208.5.1675254725\1469458216" -childID 5 -isForBrowser -prefsHandle 4032 -prefMapHandle 4028 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {ce6c0d76-81af-4280-864d-dce6b3121e42} 4208 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4208.6.29501249\1642180155" -childID 6 -isForBrowser -prefsHandle 4144 -prefMapHandle 4148 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {048e1050-6ea0-40eb-9367-8c0f2010df50} 4208 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4208.7.1392366196\1789165967" -childID 7 -isForBrowser -prefsHandle 4600 -prefMapHandle 4604 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {1142e30b-5f02-4848-a325-3e6dd980195c} 4208 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4208.8.1255183294\1567749674" -childID 8 -isForBrowser -prefsHandle 4920 -prefMapHandle 4916 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {f123fcd0-8e37-45aa-911f-1fbe74c55254} 4208 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe --port 56601 --websocket-port 56602
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVqQ279
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVqQ279
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4956.0.685616321\272213058" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {d17e43e8-eb4d-49a2-8c6b-f63a110523cf} 4956 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4956.1.1698220594\599989641" -childID 1 -isForBrowser -prefsHandle 2684 -prefMapHandle 2708 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {55ded938-3399-49c5-a3d7-124ac0795275} 4956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4956.2.1526204724\661305577" -childID 2 -isForBrowser -prefsHandle 3224 -prefMapHandle 3220 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {09e39bbe-7dfe-4eda-a3c8-c2bcbcc464d4} 4956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4956.3.692545208\1165353982" -childID 3 -isForBrowser -prefsHandle 3808 -prefMapHandle 3812 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {0aee3e44-83ce-4521-9145-2f38e42d1c0b} 4956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4956.4.325012442\1262768379" -childID 4 -isForBrowser -prefsHandle 3988 -prefMapHandle 4008 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {98e46eb0-22f2-4b4c-bebb-079c05071272} 4956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4956.5.1946009588\452789927" -childID 5 -isForBrowser -prefsHandle 4184 -prefMapHandle 4188 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {fe843c07-6a59-490d-bb13-464e939bb60c} 4956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4956.6.163140885\1749548517" -childID 6 -isForBrowser -prefsHandle 4236 -prefMapHandle 4244 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {5e3ffea3-f3b7-4083-8f17-a17ab343f096} 4956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4956.7.688861447\1477347020" -childID 7 -isForBrowser -prefsHandle 4628 -prefMapHandle 4484 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {5f1387c0-b51b-4629-b46e-603ed4095c91} 4956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe --port 56601 --websocket-port 56602
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVuaAZ8
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 56602 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVuaAZ8
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1204.0.132329427\395663459" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {bb41c077-74e1-48d9-b81f-8bd9fe7e620b} 1204 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1204.1.947363628\1169209881" -childID 1 -isForBrowser -prefsHandle 2780 -prefMapHandle 2564 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {3bbcd937-1f0a-463f-8275-5574a70f645f} 1204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1204.2.408699651\382373571" -childID 2 -isForBrowser -prefsHandle 3164 -prefMapHandle 3160 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {c07f4d1e-0b00-427a-b266-dffacfff3ad9} 1204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1204.3.2053698932\10404685" -childID 3 -isForBrowser -prefsHandle 3524 -prefMapHandle 3540 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {24b9369e-47fd-4249-a3de-23a3233f451c} 1204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1204.4.547342231\648961161" -childID 4 -isForBrowser -prefsHandle 1524 -prefMapHandle 1520 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {7c06fe0b-d8f4-4209-aab8-aab2366d8898} 1204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1204.5.1446062797\1501168600" -childID 5 -isForBrowser -prefsHandle 3892 -prefMapHandle 3884 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {3fe7969b-1040-4e4f-b163-eed31ebca398} 1204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1204.6.1213360343\1372225234" -childID 6 -isForBrowser -prefsHandle 4276 -prefMapHandle 4272 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {651ed2cb-1a15-4555-96d8-d8226732c111} 1204 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1204.7.2054878213\1596353311" -childID 7 -isForBrowser -prefsHandle 4648 -prefMapHandle 4644 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\browser" - {c1b00905-9ecc-4a0a-a5aa-20b16e613ad4} 1204 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| MY | 61.4.102.51:9001 | tcp | |
| FR | 89.234.157.254:9001 | tcp | |
| US | 8.8.8.8:53 | 51.102.4.61.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.157.234.89.in-addr.arpa | udp |
| DE | 178.63.173.42:9005 | tcp | |
| CH | 85.195.244.251:28123 | tcp | |
| US | 8.8.8.8:53 | 251.244.195.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.173.63.178.in-addr.arpa | udp |
| GB | 51.11.168.232:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:56704 | tcp | |
| N/A | 127.0.0.1:56706 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56800 | tcp | |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.53.16.96.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:56810 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| GB | 51.11.168.232:443 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| GB | 51.11.168.232:443 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:57235 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:57243 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| BE | 2.17.196.137:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.196.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| BE | 2.17.196.137:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:57629 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:57637 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 7.173.189.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:58029 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:58037 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:58402 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:58410 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:58690 | tcp | |
| N/A | 127.0.0.1:58698 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:59083 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:59091 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:56601 | tcp | |
| N/A | 127.0.0.1:59459 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:59467 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI35802\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | dff7c11471a2f55c9dcdbffacbdd24e6 |
| SHA1 | a86bf99113b0118aaeca6ff79a53d2b1a68b85a8 |
| SHA256 | 88a08a38f16810abfce451d234a6e02bf61a808bce1a897b6dbc399d0e1a90f5 |
| SHA512 | f56698f649e4b688dcc2bd4b4f573bcf5ef4a5464290f82766e5bfe35c9f85ca2d619f6800b86356c31b9d4875d8e46909a07166593da8cca5f612069d836b48 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmp10q62k_1\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\libcrypto-1_1.dll
| MD5 | 22f805d81bb63c361749aa058a2c2f3c |
| SHA1 | 721c3f519b4c8235d13805cf78433955b5762a94 |
| SHA256 | 43740842e5fb5053106300fd1abc1eec7f8dc967331169ca7f866ebfda0f7cb3 |
| SHA512 | 731727624516f2cd9d61ed7df0af1cd99b93a5047ad83e39a8aee7e9804f88482f1d486d0adb5b75c2cf05612dd566ddb7b8a4a4b49bd395cb298c7ed17de61e |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\top-1m.csv
| MD5 | 11136fa0eb32dbafb2979b5c07816a51 |
| SHA1 | 783b6bba1043b11a3850ba5c922e39bb1409d094 |
| SHA256 | 98c29fb0f6ecdff973c17b62389b8892a69bda49e2dd0c0ca888ebf4ae1f322f |
| SHA512 | 3f20d5d0f977dc1661bdf98394674ac5c3b1d85873d6ddc1c2a430ae2d0d46d517473c9884e60474093dcac5436d8aab64d98c0e56532edc49b449822aecec49 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\geckodriver.exe
| MD5 | 644e41a4c9066b625e72a8db737de2a7 |
| SHA1 | 197fde91c657018f144e448c4d8b15560a16cd8e |
| SHA256 | 1553d817bf4961cefce8d9ff21c78a84e7c058e398f1dc5eb79ba107cbe7b63e |
| SHA512 | ccc5acc068352adf39abfaa8e5eee140bd5fa54d75d9109d5e8962ed2771adfef6887cf7ea267ed58dbc4be0d0c661af7f6515c92dd1bd1813a3c2409e2946a1 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\libcrypto-1_1.dll
| MD5 | 0cc0b6733ecdc66c8e91671fcf7611b0 |
| SHA1 | 3389ed728579c290be22c2b1f0e622fc00534726 |
| SHA256 | 4c2c0b4a920aa353b43c5bf065720e9da8a1e1d2a3f2da91072bdeb43df0b3c3 |
| SHA512 | 6d0b83b9607ec09a5dbd7bf783fc696454d98197baaa417c1435aaa9aeed996903a57076e7451d89b9909924639e0a1725a9354299999eaa8bca26171b17d795 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\tmp10q62k_1\webdriver-py-profilecopy\places.sqlite
| MD5 | b5c12d055da1a860c64e12fa500bf3df |
| SHA1 | a609d35d60c8fb3b95e1c6d8d632ab4abcb56577 |
| SHA256 | 0d2bcf89b48e95fe3b4a9b58e6cd24c1731559bd15f43cb3adb7421f67f00ee6 |
| SHA512 | 0c0c75e4048c51af99ca26f7eae072ca4d432b09802cab168c467ce1801603594046e1a873502546d76e7b573a182b47a145ef885a3b12c86cebce751a84a303 |
C:\Users\Admin\AppData\Local\Temp\_MEI35802\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/1428-488-0x00007FFAF8220000-0x00007FFAF8221000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
memory/1428-487-0x00007FFAF8CC0000-0x00007FFAF8CC1000-memory.dmp
memory/960-518-0x000001DEA4C00000-0x000001DEA4CCD000-memory.dmp
memory/2204-540-0x0000025EA7CF0000-0x0000025EA7D00000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4ryQnn\extensions.json
| MD5 | f8b3bae603fc7fd80413b497f9ae70e9 |
| SHA1 | 769405118c7f42b9a7acd8a192ef6a9a9db49ab0 |
| SHA256 | 86896a41896a63811fc72dafd9e945d3d5e90a54b832e9b7646e7163a29ca6f9 |
| SHA512 | 2d0d05333f48cc4ccbbb77e7e4ce76a4277a5c337ed31bc37086577d9e801e1ea0f07d55bd8f88197b9c347f3d62bb96b6e1e0e0a1d33add1056ab824e470a58 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4ryQnn\prefs.js
| MD5 | 1070397609dec2e59200083af7e774be |
| SHA1 | 4e7e79d9783a8c461dc9305501f604fed3305687 |
| SHA256 | b007a851021bec7c366f1d33643438449d7d7a124a27193b2afdca1fa3f21bdf |
| SHA512 | 6972e72244820db8c7a4169c1986484f9d05b1830c7901aef66cb13b502654a6025c119a68b6a8b1ee3e5dab5ba49b87ef146256a21d6e087c3e505a77751cd7 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | dbc51c3a21e071186db7e983d3aec951 |
| SHA1 | c75796faa663a3e94b877c4333bd7bb4a25b1dff |
| SHA256 | 4f9612134eb2d2a19c08d0b5d25f5907c77d29d9759cb30e09294ae84b6ffb50 |
| SHA512 | 808a9f920d4d4157922e7524974a5291105ecd566d9fc4a64d44b5ef9b774a6c61ce146a14a402ac37574f46421103e4595f20d293beeea52de5f127c294ac7b |
memory/4920-613-0x0000019198370000-0x000001919843D000-memory.dmp
memory/1428-612-0x00000204A83A0000-0x00000204A846D000-memory.dmp
memory/2204-611-0x0000025E9D5E0000-0x0000025E9D750000-memory.dmp
memory/3376-619-0x0000016ACAE10000-0x0000016ACAEDD000-memory.dmp
memory/4996-618-0x00000254F6040000-0x00000254F610D000-memory.dmp
memory/4956-617-0x0000020329180000-0x000002032924D000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4ryQnn\prefs.js
| MD5 | dd4814b166b167f6ff57150700afcff5 |
| SHA1 | bb212a3f6f57511a1c0eb14fa7a43cc7e54f9241 |
| SHA256 | aa58097398b7096f27a9b2f0b169c95d5fa59713251ece2a3180339ce0ae1106 |
| SHA512 | 47d57b033295be761f596c12d049e3cddad93ed49bddc6ea2e65e609ace3a77923e46b4d0ce78af7e13c79f910f6354e0430451b019a423783712d051e9a8d1f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile4ryQnn\prefs-1.js
| MD5 | ed691cf8cd90114ccf68a9dac03d1971 |
| SHA1 | 46a0ceecebf5d68c7ba7dc65f676998744ee2b0d |
| SHA256 | 253f3b5b43515a75931627bc147a1e33c6f3be7f810d356a470fcdb495530bdb |
| SHA512 | 84bafe6369607c5d6ec81ee1fd5a217a71c2d4e66fa3ff837594a893b394f98dd51f09684b4cce75516f2a2c1ff6c2004a46eb18787695b19bb7c999824a9550 |
memory/1152-683-0x000001D0C4340000-0x000001D0C440D000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec\startupCache\webext.sc.lz4
| MD5 | 9eb7f5dd8f38fc6f58ae4a77ecc6cd16 |
| SHA1 | eaa97ac2845c995bb023446f2f8dc80e5385c742 |
| SHA256 | d07eb07f3aed6fdf9cd5c2266364a29bb47f3fea67dcbbe2df847b4c28fcac05 |
| SHA512 | 7fd3949600cb92f92a3bcc8cb43f67c09f7bd97698195c71516fe9a15df18d1f49dee4ab35dfd9633be6555b32b314d1c70c89c620c1bbcabea39e5152c9f178 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec\prefs.js
| MD5 | 6d0280cfc26782f86bd1e2e279161078 |
| SHA1 | 82c15ea5098003522c05e91dd034f3276fe018cb |
| SHA256 | f4a5d32b6e8b227a141e8637bc7ae09152b2a302575ff5eeca863ed710afadcb |
| SHA512 | 076fd2dd15e3701dc217879970c65eab07bf71cdba3f6f1c5c7e2f83cd309eef77fb1ca0a81ac44b65b3f11298ff1781bd310b320d8ac1106321f2645cea2bcc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec\prefs-1.js
| MD5 | abe50a907489345395954d340fe2e0e2 |
| SHA1 | e643598bd8a761582ad202b6406e79712f98f588 |
| SHA256 | c89f5c0095d5f830f5281b1f42ea2bc265db5c3e9f050f07b07814fd180c840b |
| SHA512 | b4dc4e333a3998d70b7437c17c59dc001277a18a847c6ce9f93281c90fb8dd381ae34bfda87482d522ce09827aa09c24012af9cc284982b96d4a061d7c8d4af3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileaTvmec\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBJysOu\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBJysOu\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBJysOu\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBJysOu\prefs-1.js
| MD5 | 1594324f5b25fed3c4d0f03284ea66ef |
| SHA1 | 536fa69bda3e1cf3426feb0db4a5bd314900e2a4 |
| SHA256 | 34d1a9abcaf4fc6c5a5e0b210d39983d625205ca83f32979441548255eeb9e0b |
| SHA512 | 16700407c0adc1a689a1d90197acadce6802d517c6614e07e743774d5cef3cce8cf5aff1e07253ca008624de918e1626fb2cba3ecaa48dfaed2a8cd819a7c43a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBJysOu\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBJysOu\prefs-1.js
| MD5 | 85c34388ab646560f26abd17852a45d9 |
| SHA1 | 4b682166b83835175ea0caa90def7bc07bf8f973 |
| SHA256 | 6da38b21377c2e824814387049c97cbb73b6a75edf8d3be8c49e2c80007d0071 |
| SHA512 | ce3b2c6ed14c674d087a932878905ab2e731a17629140e28e51a384ea6bae16232de0c5d803b52dc4659fd38d9cb72c75ff3201e5baf0e53d237db94fa812408 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileou2kfU\prefs-1.js
| MD5 | f9ae72231641e1d642257d6ab235b334 |
| SHA1 | 7372aefbb5c681a23e42208e99c6b73eb25203bb |
| SHA256 | 41be7baabe4a4c2baf9635a91f7a12e0f79ce4186b3a2eb07c6e11cd97bbebb1 |
| SHA512 | 25dd7d3a04f550e123362fcff26546d469317e86f01d95a1b3ef2915b45600086a615a8942a4a1a39a3cf8d5e51c1af5cb2e123d739d78c1908563f313f4f589 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6Pmsjc\compatibility.ini
| MD5 | 656d6466eec49a2d04ccd5448c816e80 |
| SHA1 | 5f282bc4e684c45be92747bb62f4477122d5255f |
| SHA256 | c0f58db3ecad5822c0b3e8d98a0f8d24f21944511f6aa6c398035a04d7291f26 |
| SHA512 | 3bbe530b6299516e7dec4f2c5d6efb5729c9d32d15e08f14cd9a8c6e7c5bbff7d1a4c85afb5f36db18c9da8bfd2ea1cb88c3c11dd9aadcdf331d35e92b28e93a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6Pmsjc\WebDriverBiDiServer.json
| MD5 | 175c01ed65cf60fac83080652f3e5600 |
| SHA1 | bc2f4647a3a0a7dc20c37767c1fc7555b1baad42 |
| SHA256 | 2d58c711741c3568563da19b4cb459786f1f161d33bd4bf1b6ad5a05f87026f9 |
| SHA512 | 3a5531484bb64f43cf75e76a870791918c270366342e1ba022f9f360d776078dcbf99deea3ca8eba8f424bb94205cf98c17540e0619b1797af7099125de1efab |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6Pmsjc\prefs-1.js
| MD5 | 8fbc1e08273a85851ac75ecbfa275244 |
| SHA1 | 95f66978488f72f5038f0302c8dd2a49d1a8b108 |
| SHA256 | e5a0026075c9e75914e17edcb662ca1c47a43ef80df37dad741312592a45040e |
| SHA512 | f7ce532440a5ac870ab9bce8459375ee5b2d84f662b954a358018b7d49bdaeda2f44354cec84a3942bad87e2f550e9bd94b5ece121ec4d139c78001a525d43fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6Pmsjc\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6Pmsjc\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6Pmsjc\prefs-1.js
| MD5 | 4b2eb7d80402b8790308cdc366256fc0 |
| SHA1 | 11839f153e8bae4832f4ff397fbae864f9ded1ce |
| SHA256 | 6544888be9f527cdbbee9a460f4c0388eefd6ed1bb5259f480ac8ef5f01c193c |
| SHA512 | d04239ebb156a226ab2f4c8c455531d343c9f347fd9cd9ed10ef789bbf3839d47e6a8ac4bf05b933792e27c06a9623907a9fbb7ffce4d8ed0c167b15cca5fa0e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileINQjiN\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileINQjiN\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 19ba5d0677f959887bab54d04c32c530 |
| SHA1 | f9b946cf6e309100fb3302b3099e82dbd11c2198 |
| SHA256 | 494fd56f3d8c4c92b9b9603f9d5cbbce3ffe8ed2bf52f42008e0f612c68f0f97 |
| SHA512 | 10dd763e27cc9a096932be4593e3d3cfed0e9ed27ab5f41f74276145540d45cbe9043700774a6e4da639c1cc14264fb2b264dba94acefbc976a702d097b0fb64 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileINQjiN\prefs-1.js
| MD5 | d4a25ef8ff6d112e2b9e421bc8f7be88 |
| SHA1 | 9119255ef5b66d5a5bdfe0cc3123086ac83b0037 |
| SHA256 | 2ca6593575950902a54fb8557a501ece9b76ef1013e298dc0e2ea837f64eb9c7 |
| SHA512 | b9dccd3b2570db596d155bb5488f20c6ca1757aa52868cfe23e3fb763d2678be3c987a2cab3a4a16493b3a7fdd68d1b7e48e3d28215a6789f105ccf4926174a3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileINQjiN\prefs-1.js
| MD5 | d64ead4abcb773c1b373f4078e04074c |
| SHA1 | becbf561cead376f7bd5f7d071e47cf39844656d |
| SHA256 | 28043f002667b9d820761b015e75866fde1424ac45c0c91da6e47dc71257e5c7 |
| SHA512 | 8c92c326f5b879e2a7c53230ee1dd2431cc60f020f0ae3061bcb881bd829e142aa8212875a83e6f271cae5972dc7b76f17b87a92692023009a0a24d4a878b005 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVqQ279\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVqQ279\prefs.js
| MD5 | 61fa4ad9df447a3584627d65c225fac7 |
| SHA1 | 7e6aef26bcca34af01fd213fc5304389a242796e |
| SHA256 | 6ec704c8be580783fff96bd3f9c578f532d26e6c2a9ea8a218a99958d0738ee7 |
| SHA512 | 685540fb751903993dcdcf1f474d77a398a112432395b30cbdf3affb1926d6626ca99fb579eb83a8fb3939eeef73a8931a88913da1d57a5d98c5c84bff598bf6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVqQ279\prefs-1.js
| MD5 | fa0060d3072a19d401ee84fa5fc9b0d0 |
| SHA1 | 7af7b7f488dee48fe5b33f733b7db28a3ad6d037 |
| SHA256 | f3b09af1b397a1a4e37c4d9d6b767342afe5c7850c7f1871b20dce639b424ad8 |
| SHA512 | 99a6c295df978d0640d3d881cb330e062818499d8e1e93624bdf2f895c3ca718b44f6dbe1b3bfc5e2a57e377c2d9a914590b315db5689cc38ec62303a168f351 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:09
Platform
win7-20240221-en
Max time kernel
300s
Max time network
324s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI13082\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI13082\geckodriver.exe --port 49479 --websocket-port 49480
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49480 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecirJlj
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49480 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecirJlj
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1280.0.896686321\676959727" -parentBuildID 20240416150000 -prefsHandle 1212 -prefMapHandle 1204 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {d4919233-3e34-4dd3-8abe-5cbda110970a} 1280 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1280.1.1404887476\1019805088" -childID 1 -isForBrowser -prefsHandle 1928 -prefMapHandle 1752 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {b6cc841c-12ca-4cf2-95db-9e633cf29da2} 1280 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1280.2.579160449\1111797903" -childID 2 -isForBrowser -prefsHandle 2336 -prefMapHandle 2332 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {80574083-5311-4883-89ca-d301597114f1} 1280 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1280.3.893904942\1899179965" -childID 3 -isForBrowser -prefsHandle 2628 -prefMapHandle 2636 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {83a0c934-7807-4f20-b970-76753dd2e468} 1280 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1280.4.660776940\929611533" -childID 4 -isForBrowser -prefsHandle 2760 -prefMapHandle 2756 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {41e6d95d-9cf9-40f9-ae8b-0dc640b44d68} 1280 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1280.5.123669170\128724821" -childID 5 -isForBrowser -prefsHandle 2920 -prefMapHandle 2924 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {5ee6665b-a984-4ef5-9952-987b86ac98a3} 1280 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1280.6.2134435710\552112573" -childID 6 -isForBrowser -prefsHandle 2356 -prefMapHandle 2908 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {45aa4bb0-8097-4a34-9a75-7c0d0e6c6c80} 1280 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI13082\geckodriver.exe --port 49479 --websocket-port 49480
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49480 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49480 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.0.1480161062\1749730689" -parentBuildID 20240416150000 -prefsHandle 1204 -prefMapHandle 1196 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {575ec1d8-f55f-459b-838b-05318938ca23} 1660 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.1.86530352\1823134252" -childID 1 -isForBrowser -prefsHandle 1912 -prefMapHandle 1756 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {311ab273-fb3e-46c6-948d-b364a2cd5372} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.2.670441539\1979066720" -childID 2 -isForBrowser -prefsHandle 2300 -prefMapHandle 2296 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {80642eb1-9aaa-4dca-b866-154de063d186} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.3.68777977\191593207" -childID 3 -isForBrowser -prefsHandle 2672 -prefMapHandle 2464 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {bd285f84-786a-4d28-b173-2cbce2f179e1} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.4.1890435269\2104046489" -childID 4 -isForBrowser -prefsHandle 2836 -prefMapHandle 2832 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {d5ba09af-cdce-4ae7-9dee-7ad30010eddd} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.5.1515455792\1303179570" -childID 5 -isForBrowser -prefsHandle 2952 -prefMapHandle 2956 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {8ee2c12c-d202-4cf6-8cc3-04b6b341ae44} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.6.1677646497\1232114138" -childID 6 -isForBrowser -prefsHandle 3104 -prefMapHandle 3108 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {edb2603e-3ebc-4160-b521-ce161603f66e} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI13082\geckodriver.exe --port 49479 --websocket-port 49480
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49480 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegVnIUU
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49480 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegVnIUU
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2476.0.341512541\100652455" -parentBuildID 20240416150000 -prefsHandle 1232 -prefMapHandle 1224 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {067be3ae-7b93-4d46-88dd-96886a1a7ddc} 2476 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2476.1.739414753\1427628571" -childID 1 -isForBrowser -prefsHandle 2196 -prefMapHandle 1820 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 856 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {c6629cfc-938f-4764-873a-ff0b0c736cc3} 2476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2476.2.932827526\1944397147" -childID 2 -isForBrowser -prefsHandle 2276 -prefMapHandle 2272 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 856 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {10f373a9-9e6d-4c59-9367-7524e98e1803} 2476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2476.3.1544983955\935238018" -childID 3 -isForBrowser -prefsHandle 2360 -prefMapHandle 2672 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 856 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {195a3309-2dd7-4990-bc79-a78922a585d5} 2476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2476.4.1750675897\737329509" -childID 4 -isForBrowser -prefsHandle 2436 -prefMapHandle 2424 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 856 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {69205afb-2c69-406a-87ea-fb8ec69b94ba} 2476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2476.5.342965056\695745612" -childID 5 -isForBrowser -prefsHandle 2744 -prefMapHandle 2348 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 856 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {9b61ecff-bebc-466e-8b29-4e37022ccd30} 2476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2476.6.725608715\784811658" -childID 6 -isForBrowser -prefsHandle 3212 -prefMapHandle 3344 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 856 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {41df75c9-88d6-420e-bd0b-7483a1d5acd9} 2476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="2476.7.1612495496\346347168" -childID 7 -isForBrowser -prefsHandle 3424 -prefMapHandle 3428 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 856 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {eca978e7-80a1-42eb-9dcc-dd1a1649e5da} 2476 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI13082\geckodriver.exe --port 49479 --websocket-port 49480
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49480 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXZhSw6
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49480 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXZhSw6
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="3032.0.903876862\980547776" -parentBuildID 20240416150000 -prefsHandle 1228 -prefMapHandle 1220 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {4f5f6358-7f98-47cd-9cd5-e48ad69d27ec} 3032 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="3032.1.2083203571\1914279330" -childID 1 -isForBrowser -prefsHandle 1832 -prefMapHandle 2060 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 812 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {0c1bb0b1-014e-4dc9-8e1e-aad1c0bfd5f9} 3032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="3032.2.1391149785\218695703" -childID 2 -isForBrowser -prefsHandle 2392 -prefMapHandle 2388 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 812 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {1fbb4274-56e5-4f9f-b56c-d194febc433a} 3032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="3032.3.1721447398\52623504" -childID 3 -isForBrowser -prefsHandle 2312 -prefMapHandle 2480 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 812 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {e694c3d0-1d4b-4b6a-8667-eddcfb5551a6} 3032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="3032.4.2056022433\32902258" -childID 4 -isForBrowser -prefsHandle 2808 -prefMapHandle 2804 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 812 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {1add11a0-3379-48e4-b3f4-cab00bd12bd1} 3032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="3032.5.10603016\252449856" -childID 5 -isForBrowser -prefsHandle 2948 -prefMapHandle 2952 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 812 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {a5aafbaa-62a5-45ba-9b92-3aa9036c5d76} 3032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="3032.6.2036509931\1962106944" -childID 6 -isForBrowser -prefsHandle 3120 -prefMapHandle 3124 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 812 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {274667f4-1364-4413-bf8a-cb52e7116f7e} 3032 tab
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\firefox.exe" -contentproc --channel="3032.7.2059361101\1235085325" -childID 7 -isForBrowser -prefsHandle 3436 -prefMapHandle 2808 -prefsLen 25412 -prefMapSize 245849 -jsInitHandle 812 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\browser" - {c1a8b8b0-d1c5-498c-8b81-5ca8e5033d5a} 3032 tab
Network
| Country | Destination | Domain | Proto |
| NO | 185.243.218.202:9443 | tcp | |
| DK | 87.62.96.246:9032 | tcp | |
| DE | 45.136.31.178:9001 | tcp | |
| US | 15.204.227.208:9000 | tcp | |
| N/A | 127.0.0.1:49559 | tcp | |
| N/A | 127.0.0.1:49587 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| N/A | 127.0.0.1:49687 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49722 | tcp | |
| N/A | 127.0.0.1:49722 | tcp | |
| N/A | 127.0.0.1:49722 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| N/A | 127.0.0.1:50186 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50221 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| N/A | 127.0.0.1:50685 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50720 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| N/A | 127.0.0.1:51225 | tcp | |
| N/A | 127.0.0.1:51260 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI13082\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
\Users\Admin\AppData\Local\Temp\_MEI13082\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI13082\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
\Users\Admin\AppData\Local\Temp\_MEI13082\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
\Users\Admin\AppData\Local\Temp\_MEI13082\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\top-1m.csv
| MD5 | a29565710c081a7da5e38a4f4edd4e65 |
| SHA1 | 818c4f88ac3e53f2ea07c7b822f5f7c7d5e7103a |
| SHA256 | b9ebda977c49d54f46dbc40b08dd385dc79e4afca90796f35d538ef13ef95831 |
| SHA512 | eda629b4243b2143e9c4de587606e47f0c65ed258d3fada3d652b6339ca95476adab46a03744bbf09a9fb5456f087fc186546da464d36973622f376ae550ffd2 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 549e54a44c7326c30548c998a1d16424 |
| SHA1 | d4375f9ead356aff85d60375b08db168195d5089 |
| SHA256 | fb2df7a858dbfacbedb5ce100bc71dff2b1e1991b2d574c1d3d46701ceea5433 |
| SHA512 | 7325a6d2ed8cf43c4665f2cda3f4f9578de7a87cf70178eff7e927bb8b58f0dceff4b4bf6029593ff64fab052718cf2da8228275580071de2d0fb77fcb4bb897 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 902a5af709f09e8c3f4cc205652063c6 |
| SHA1 | 2eb56baf0ac8a5af7fc6ac3a661ceeb78abb062a |
| SHA256 | cb03fb6b983d1a5764d2928ef67ac364ba23cbc958ef4b1e5d659cbbc5947e07 |
| SHA512 | e33bee28343f3558f138357c2bf6dbb4296aafb369a63c8b96a31076f60b3fc1d47b439a2da478a716c9fb3d9321e8b9a2dd5ca1f6ae3753ee6af6c4696f4384 |
\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 43cd52a62934138e219b1d5c8d360c34 |
| SHA1 | bc533b3429ba491fe8166efe70b1314df3655ba7 |
| SHA256 | 66320c08899ec406920e5046f4764e68413f01a917671fb262b627372323e805 |
| SHA512 | 5c630fa45a01ca26b9c6a8809010cfe5181e8f6c33c6d8a259c81b7d8c2bfe9e13769ab000e7b1b9eb0d502bc2a142c8f2da12414f818754e888ec76eedeadc9 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpnh486ohk\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI13082\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecirJlj\prefs-1.js
| MD5 | 6338c163189b4e045356e12d106b146c |
| SHA1 | e638a32fbbf41d28ed40228b132f63da6dbecef9 |
| SHA256 | 54d90ea68ee82140f0f5f5075771f285216a4e001fa0efb31e6734da3236a0d0 |
| SHA512 | 28ded99aec8baa09829fc33acaeaf8d05f8faf732cce3ec2c6f326141f0056735eafa1aae046538f6f73ecae9cfd2a76f01727ba4324376eb3234fa455bb6be5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecirJlj\extensions.json
| MD5 | 92b2d80cf60aa2198fc5e6b020d1136b |
| SHA1 | 556245beb5ddcfe8206daea1b36518d9f51d3051 |
| SHA256 | 6c9a782792ae6a621bc986958125ae201f84d3c6f3e1478c638ea0e9c5c338b1 |
| SHA512 | 078c1d0a2fdecebb955a0b83928edfe75cda6041e8a6037cf63f63ea4f1660fec8541e5734a62596d1ff96c7e3e66ab56155c497ffd9d93f033fb85cdb145c1d |
memory/1280-707-0x000000000B190000-0x000000000B1A0000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | a75c94a8e40fb5c32250a9b4cb1847fe |
| SHA1 | ecf9d7bdaf1ddad7292478d5acd0e7aa07b5b78d |
| SHA256 | 74bdf0f9dd170f0e5a4a274fcb254410110c0485b60bccb52524d11179158045 |
| SHA512 | ecc2ef47271c0135c07548ec906d80dd4539abc9e1c68650ea42798f8ea43e48101a58ee14daecada23e25da9446abb1afa82f2085225d79067e0e6846a2464e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecirJlj\prefs-1.js
| MD5 | 6d3cc9c85b97139185f283025e56a35e |
| SHA1 | e68303875e51abc31b66ba57535f6467f2f920bb |
| SHA256 | 4284d12eedd02600fc8e186495733da53fd230c4ec8d4aefb5225bd1d7bedcb9 |
| SHA512 | cc6a65fdf9524b0c4af855d7e6305927c1fb86f2c372ba836aaff344a82120677c55319bb9507a9713be4667609acda2dec434725fb4f5513a0fce3d9e00953d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecirJlj\prefs-1.js
| MD5 | b4d4a58a618d52c1fcab83d6c7ef4992 |
| SHA1 | 704f92167fdff20e2aba3b0de82db0b7ec7f5c50 |
| SHA256 | 315a3ff24c1f39162f81c13ce3fb099f6b6b25129e72ec299124b75191f9884c |
| SHA512 | 2f9cfe0602b433b2f379147dd5d604defc0cc81b94e372204f3478c4b028b2aac74fed3378ac68a2c1c23d143921f23e4a3755a41a50f51702094fba8d4d87a6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\addonStartup.json.lz4
| MD5 | 423fdb78ae7828489e32df91b11d8cc6 |
| SHA1 | 73044b614ac46dd82e325317f966141939b7d35d |
| SHA256 | b288774e88826aa11b40d5867c962cbe891ceb12c74e87ae33a868debafe72b2 |
| SHA512 | e091e3cbf38be981b43ae73719624748640f3d88285ee79318a95374ec8d68395d596089cb00f3f679c829875d83f663d1b54138d08dc09c063b1ff880d40480 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\prefs.js
| MD5 | 6fdc87243eee06651a82287ebffde991 |
| SHA1 | 5e5ce942727ce6c1892af8faa22a0ad826c25f4f |
| SHA256 | b45f121c3b206a3a8fa8ca8f83acb5e0721654e30d49cd8595a9947888e9208c |
| SHA512 | cf71fbb7eeafd4ceaedf5560a0dc7f99575f53c9c693ef9b6ca14f4e36142a72716dbbdda02c124fa5f342bd35ad612e6b9cd9dd7126ace6f14e6b1792c7c0f8 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\startupCache\webext.sc.lz4
| MD5 | ce0cdb12f654b7b4eed8e3c757c02b8e |
| SHA1 | 4d333f515434469051cc5238d490ffc897083bd4 |
| SHA256 | e5eb1311c55b8ae2b01298e9cd6619c8cade59f6d0d7e9da4cf2aec2d4f4d049 |
| SHA512 | cb4fb794e4c2a0d47a40112283da6df11443d8f8d433346e8c85eb5f0b5db8bae2d39180ff5a97b9efba21f80802351d16b21b69fee6192da0ec5005335b1f6e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\prefs-1.js
| MD5 | b25126ac44c5c49f2f5cb4bf24f9906d |
| SHA1 | 4ea5256dba5d76cc9bbb9157fbffe67606444ed1 |
| SHA256 | 7b5590731d928e2b22cc6f6b10363d7a9a9dfef11791f58f8338bb149a92a58d |
| SHA512 | f60fb41c2d4b815cb4638390c903176e95bbdfefcbbf09c5d578bf55c55ce7de8a51a17f54bf757054ca08d2eaad17e27f349f2a9c729a8482e779cb64fea3a9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\prefs-1.js
| MD5 | ff65b56213b39be6c758882f03f2acee |
| SHA1 | 3670a499ed89d9e2200bb094f381c4ef02be1c26 |
| SHA256 | 42a28c05a0c8976711ada9703a9b83419c977b33ae1cdaefaa27610acc9ce2e7 |
| SHA512 | dbb2ccd6fb4ebdda7ce9daee409b264142113225803b421d5181365fa26c111c5a14fa2322df529c5b2dc58b03b60585af28147b4d36dad7134c2302813b10b7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezbSGmD\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegVnIUU\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegVnIUU\addonStartup.json.lz4
| MD5 | e43718d2b889f6e3881834565f5473bd |
| SHA1 | 6c400916678ffb7ce23ae8ff27965be07fa424fc |
| SHA256 | 87bc147ac2c2a5687bc03d364481ca2f6c0901630b77a145d404d610811db52a |
| SHA512 | 82ef54f6477d9e17004cd46134815a25cfb00a6e9df473658756582124df5e59a20763b97f4dc51c8d5d70b84c3a07a8adacd86b1d10061010d7d79c25fdda65 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegVnIUU\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegVnIUU\prefs-1.js
| MD5 | e439aa9836ebca6a280d06a5fcfeb277 |
| SHA1 | 22ad66ed9371cacb0e4edd960e4acbc676e4d2da |
| SHA256 | 28ea7f7c15361aa0d7d04e70908914197409553c5cee18b66b588ebfb963376d |
| SHA512 | ac88eb0dad192ea7f3452964bf67dbf2fefaa3e0369fa5b75e57b1a838e6dcebd9b0a5b9d5d7cdc537aea03d41e8c37bff46dcedde73202e2049d48fcf3f61d7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegVnIUU\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegVnIUU\prefs-1.js
| MD5 | c13d71cddf25be90db4d53ab36c0bba9 |
| SHA1 | e5c8207e7893358d196ca2acfd53627c15d0628c |
| SHA256 | 09f6f5ffc5625f3e43703cbe544b3bb4a780aa1be055b07b7bf0a68db1af5d46 |
| SHA512 | c5f5e00088dd3e858d00752d8b83cbeeab995efb54200d16f281f3be83834a62a0b9bfa3248580fcd5d64863e596aa217c9c5a9ddf9a12a59d8c87e4bc90c531 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXZhSw6\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
memory/3032-2103-0x000000000ABB0000-0x000000000ABC0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXZhSw6\prefs-1.js
| MD5 | e08028afb184827b0ca6e12b2a7b9f98 |
| SHA1 | 57bf4080cad940efd7728c4a223220c1d8eb92f2 |
| SHA256 | cb965b86ac14f8d85c2fd9f8e47b77361ebe9a8c54e021d201600078961b3dc2 |
| SHA512 | ddf966bc73d65cb9622a2a80e8e68752ae956651ceb4133478715804d435838ed34ca694c488a10b714ee85bb817559bdf62a7a8673367a11bc8c88d3100dffe |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXZhSw6\prefs-1.js
| MD5 | 37ee146b31e9f450de492205b3be7215 |
| SHA1 | 7f2c81f0a080267a8a6bc12d4a870e861befb96f |
| SHA256 | 80318788bd1633c3972c8c1ddbf0238da5eb0ec18e53db544dd9d3d2f94d16f7 |
| SHA512 | 57b8534a2e260eaf555d4b2ed8847f31926e708527a9bdbe664c80e27a23319f346ab04e2db4b337643c764777a7ebbcdd8b87c34d514225143f75eae1013836 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-09 01:55
Reported
2024-05-09 02:08
Platform
win10-20240404-en
Max time kernel
300s
Max time network
308s
Command Line
Signatures
Renames multiple (57) files with added filename extension
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe --port 50050 --websocket-port 50051
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesD59hq
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesD59hq
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="380.0.92689328\34043858" -parentBuildID 20240416150000 -prefsHandle 1464 -prefMapHandle 1444 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {397d12dd-50e7-4bfc-80df-5e953dfa3da4} 380 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="380.1.1460270531\1114330042" -childID 1 -isForBrowser -prefsHandle 2216 -prefMapHandle 2076 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {9a54baee-855c-4193-af33-bc9c5dea1e78} 380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="380.2.1993693957\2078574679" -childID 2 -isForBrowser -prefsHandle 2928 -prefMapHandle 2740 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {444ab954-eeb2-4e5f-b5cb-a93d364f8598} 380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="380.3.1472818793\1732264560" -childID 3 -isForBrowser -prefsHandle 3340 -prefMapHandle 3224 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {be83ae4c-d68f-4a66-972c-3e4cfc1f7e68} 380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="380.4.195155361\765130035" -childID 4 -isForBrowser -prefsHandle 3600 -prefMapHandle 3596 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {82f82852-9b07-429a-af37-fcd767bd09e0} 380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="380.5.397905168\1653949143" -childID 5 -isForBrowser -prefsHandle 3752 -prefMapHandle 3756 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {4ae28c2e-615e-43f1-a9f2-49533aa028b0} 380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="380.6.502463457\1350874123" -childID 6 -isForBrowser -prefsHandle 3932 -prefMapHandle 3936 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {7c14ff9a-bbcc-4d49-a63f-fb71803afb65} 380 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe --port 50050 --websocket-port 50051
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2316.0.163213237\1958448180" -parentBuildID 20240416150000 -prefsHandle 1500 -prefMapHandle 1488 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {dab57d98-a765-4b35-9fa0-3fd1729adf7f} 2316 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2316.1.119995088\266819950" -childID 1 -isForBrowser -prefsHandle 2160 -prefMapHandle 2152 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {10a72505-03d2-4e87-bdb5-bfe674ffae9e} 2316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2316.2.2133508786\1200793053" -childID 2 -isForBrowser -prefsHandle 2936 -prefMapHandle 2932 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {abdfd149-8891-49fc-9fbd-27627dae5c6b} 2316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2316.3.336105084\1439981578" -childID 3 -isForBrowser -prefsHandle 3000 -prefMapHandle 2988 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {659ad51c-6a99-465a-9aac-d52bef211dcf} 2316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2316.4.1793413888\578024185" -childID 4 -isForBrowser -prefsHandle 3120 -prefMapHandle 2924 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {83a0bd86-a783-4459-a46a-d6d537a49b45} 2316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2316.5.1965172817\690070793" -childID 5 -isForBrowser -prefsHandle 3676 -prefMapHandle 3672 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {a58ebff8-a262-40b2-a6e4-5ee46d3d91f7} 2316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2316.6.301350109\898290409" -childID 6 -isForBrowser -prefsHandle 3660 -prefMapHandle 3664 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {3e139f7a-0daa-40ba-84bd-544724d7a863} 2316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe --port 50050 --websocket-port 50051
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVIUtMK
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVIUtMK
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2556.0.688006039\381340273" -parentBuildID 20240416150000 -prefsHandle 1484 -prefMapHandle 1472 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {e47d109e-d6aa-4286-80a4-bac0a36a0687} 2556 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2556.1.679058960\1286957993" -childID 1 -isForBrowser -prefsHandle 864 -prefMapHandle 2440 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {b3bafd35-3051-4647-93ab-8f5d2a145027} 2556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2556.2.1125469911\1705509948" -childID 2 -isForBrowser -prefsHandle 2972 -prefMapHandle 2976 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {73da1134-8f5a-4792-8ad5-35abc2839eab} 2556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2556.3.1134812959\1640216736" -childID 3 -isForBrowser -prefsHandle 3468 -prefMapHandle 3484 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {8c7f4505-fafb-42e6-a6b9-c6ec73e26c03} 2556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2556.4.1132485831\111693478" -childID 4 -isForBrowser -prefsHandle 1348 -prefMapHandle 3452 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {978ee07c-60c2-4497-b991-d328102490e3} 2556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2556.5.265642517\108026950" -childID 5 -isForBrowser -prefsHandle 3816 -prefMapHandle 3820 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {68fcd54d-90be-4612-84b7-ddc1b22a9123} 2556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2556.6.250991657\1574689436" -childID 6 -isForBrowser -prefsHandle 1348 -prefMapHandle 3656 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {d0c0102b-f6de-4864-bd66-560e6f01141d} 2556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2556.7.722024854\1522091150" -childID 7 -isForBrowser -prefsHandle 4368 -prefMapHandle 4372 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {87748674-54f6-4310-9029-3690a4a35d9b} 2556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe --port 50050 --websocket-port 50051
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2gSe9Y
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2gSe9Y
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3124.0.1615992573\510967246" -parentBuildID 20240416150000 -prefsHandle 1496 -prefMapHandle 1484 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {6ec7a6a6-345a-4ef2-82f0-17af9cc4a008} 3124 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3124.1.1682370296\2142377408" -childID 1 -isForBrowser -prefsHandle 2468 -prefMapHandle 2464 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {f07e5ee7-384a-40af-a179-a9b6a2ca2029} 3124 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3124.2.1290240535\401958144" -childID 2 -isForBrowser -prefsHandle 2984 -prefMapHandle 2980 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {48bd9def-d860-4b84-b6e3-452fb5e268d6} 3124 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3124.3.2105919241\2043829176" -childID 3 -isForBrowser -prefsHandle 3012 -prefMapHandle 3020 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {58abe64a-9484-432c-a5e0-332756c86009} 3124 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3124.4.1119239565\38636908" -childID 4 -isForBrowser -prefsHandle 3404 -prefMapHandle 3420 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {56e4e58b-a6c7-4b4d-bbf9-3203724ca462} 3124 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3124.5.738238447\868938350" -childID 5 -isForBrowser -prefsHandle 3780 -prefMapHandle 2320 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {1f8ee43b-a80d-423c-a505-f8e157f6db69} 3124 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3124.6.878881906\214147416" -childID 6 -isForBrowser -prefsHandle 3952 -prefMapHandle 3956 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {1e6302ee-a477-4740-a18b-337120a560e8} 3124 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe --port 50050 --websocket-port 50051
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAP603
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAP603
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4340.0.63165313\1514529781" -parentBuildID 20240416150000 -prefsHandle 1464 -prefMapHandle 1448 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {6eb3919c-aede-4b5a-9c17-ce8aa7f44fa4} 4340 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4340.1.1985730490\720753408" -childID 1 -isForBrowser -prefsHandle 2084 -prefMapHandle 2388 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {80160f03-0112-4a8e-9d88-49c3cf939d94} 4340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4340.2.667111825\821906570" -childID 2 -isForBrowser -prefsHandle 2928 -prefMapHandle 2924 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {d304ef9f-96d3-45fc-98d7-2a9012e98d0e} 4340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4340.3.925069786\1823666349" -childID 3 -isForBrowser -prefsHandle 3352 -prefMapHandle 3360 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {6fb5a750-8a50-4a2f-b255-417caeb9928b} 4340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4340.4.1808786527\500456901" -childID 4 -isForBrowser -prefsHandle 1348 -prefMapHandle 3108 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {7eb528e0-8676-4b0c-a442-21f5da86381f} 4340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4340.5.2081617164\1717682866" -childID 5 -isForBrowser -prefsHandle 3768 -prefMapHandle 3772 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {2105986d-dc2b-40dd-981d-8af7e5e4eeb3} 4340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4340.6.287101269\1013813905" -childID 6 -isForBrowser -prefsHandle 3828 -prefMapHandle 3832 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {21055f4c-c5f8-44f3-84dd-2297cc84f74a} 4340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4340.7.515699391\1437050746" -childID 7 -isForBrowser -prefsHandle 3164 -prefMapHandle 4228 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {9e6285f1-8c9e-48ac-8c74-48bf07e73970} 4340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe --port 50050 --websocket-port 50051
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefhmDZh
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefhmDZh
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2904.0.1442250837\693550866" -parentBuildID 20240416150000 -prefsHandle 1476 -prefMapHandle 1452 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {b20e1751-0dc1-477c-bf95-8db35b35bc81} 2904 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2904.1.1627838094\1882165524" -childID 1 -isForBrowser -prefsHandle 2736 -prefMapHandle 2732 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {7bd3cc69-532f-45af-9dfb-b43cb452375d} 2904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2904.2.1489488145\1571744043" -childID 2 -isForBrowser -prefsHandle 3424 -prefMapHandle 3420 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {d700a880-7921-473d-835a-b147da55a74c} 2904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2904.3.1020229136\650488687" -childID 3 -isForBrowser -prefsHandle 3388 -prefMapHandle 3392 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {f1e89c01-1582-44a2-9a3f-62716a02a125} 2904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2904.4.1929622151\532373201" -childID 4 -isForBrowser -prefsHandle 3664 -prefMapHandle 3660 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {4c474781-3fb2-4501-a954-68b7dea2799e} 2904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2904.5.1688230794\28432929" -childID 5 -isForBrowser -prefsHandle 3876 -prefMapHandle 3872 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {8c1bd45c-8eee-4dc1-bed3-17c0ef212c23} 2904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2904.6.1473755817\2044592017" -childID 6 -isForBrowser -prefsHandle 4020 -prefMapHandle 4024 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {e578e1b5-7e9d-43c0-9bd0-ef15cc51be4d} 2904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2904.7.229953565\186941484" -childID 7 -isForBrowser -prefsHandle 4380 -prefMapHandle 4384 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {d3424c98-5c63-48d8-bde4-35afdd604ebf} 2904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe --port 50050 --websocket-port 50051
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFoHZtb
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFoHZtb
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3148.0.277768006\395822651" -parentBuildID 20240416150000 -prefsHandle 1476 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {72822f75-3012-4e97-83c9-698cef864197} 3148 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3148.1.1508353090\810788644" -childID 1 -isForBrowser -prefsHandle 2596 -prefMapHandle 2512 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {d3571aa6-91d1-43c8-b2d2-551b3d22835b} 3148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3148.2.535244849\1279229095" -childID 2 -isForBrowser -prefsHandle 3300 -prefMapHandle 3296 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {67892eb4-b057-41c6-947e-92dabaad19b7} 3148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3148.3.1899868927\1380206079" -childID 3 -isForBrowser -prefsHandle 3316 -prefMapHandle 3432 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {49964438-1e7f-4379-b19e-e75a3b0a69fb} 3148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3148.4.522021851\1592930809" -childID 4 -isForBrowser -prefsHandle 3612 -prefMapHandle 3604 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {53fd5c9e-1ae6-4e34-b16e-6d48afa4993b} 3148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3148.5.1724292973\1779352871" -childID 5 -isForBrowser -prefsHandle 3784 -prefMapHandle 3788 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {ac51c928-e558-41a8-ba79-2bc63b22a3a1} 3148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3148.6.1252711273\1659909462" -childID 6 -isForBrowser -prefsHandle 4032 -prefMapHandle 4036 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {cca0ea5d-44ae-4bba-91bc-7624d091cc9f} 3148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe --port 50050 --websocket-port 50051
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBRr8UW
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBRr8UW
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4040.0.1639284890\322849248" -parentBuildID 20240416150000 -prefsHandle 1488 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {91396905-91eb-495c-9525-b21a9384eac8} 4040 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4040.1.224104882\1187247968" -childID 1 -isForBrowser -prefsHandle 2492 -prefMapHandle 2488 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1116 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {3f951ec9-8854-4085-9171-7f876c25103c} 4040 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4040.2.1051877942\1379341164" -childID 2 -isForBrowser -prefsHandle 2940 -prefMapHandle 2936 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1116 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {af13ed2c-4bf2-49d9-b99d-d6fc991f9066} 4040 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4040.3.1179856681\251779939" -childID 3 -isForBrowser -prefsHandle 2952 -prefMapHandle 3148 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1116 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {560f28bc-6c7b-4ef8-a1b4-3921226d030a} 4040 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4040.4.778766041\13374456" -childID 4 -isForBrowser -prefsHandle 1348 -prefMapHandle 2352 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1116 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {bba71773-4fcb-4bd3-9df5-c171cb4d14cb} 4040 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4040.5.1994683692\1809714963" -childID 5 -isForBrowser -prefsHandle 3748 -prefMapHandle 3752 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1116 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {2b17735c-44ec-4ab8-8091-2edb840eb72e} 4040 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4040.6.636509886\1810014706" -childID 6 -isForBrowser -prefsHandle 4012 -prefMapHandle 4008 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1116 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {e03293b6-3fd9-416a-ab00-4e2a469dae21} 4040 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4040.7.2076454035\906727253" -childID 7 -isForBrowser -prefsHandle 4332 -prefMapHandle 4220 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1116 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {79c38375-f5db-4f32-9ed7-3f3e76574ba6} 4040 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe --port 50050 --websocket-port 50051
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH1IAZ9
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH1IAZ9
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3256.0.499447489\1141251574" -parentBuildID 20240416150000 -prefsHandle 1496 -prefMapHandle 1488 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {6164e7cd-89fd-48ca-a787-1c619a262fbc} 3256 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3256.1.646716401\541915408" -childID 1 -isForBrowser -prefsHandle 2256 -prefMapHandle 2620 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {6727ea3f-d915-4e9b-8afc-7e693e198e43} 3256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3256.2.450731153\1534245644" -childID 2 -isForBrowser -prefsHandle 2392 -prefMapHandle 2240 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {fb9832e9-2f66-441a-bb69-8ad8de1b1d79} 3256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3256.3.1269537546\1048496075" -childID 3 -isForBrowser -prefsHandle 3224 -prefMapHandle 3288 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {f6d663cb-866c-41d5-b021-e0c6bc9a6761} 3256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3256.4.1345195066\1430130179" -childID 4 -isForBrowser -prefsHandle 2964 -prefMapHandle 3544 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {434555b8-531b-46fd-b92b-0d9c82ee5c06} 3256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3256.5.2098993529\205604220" -childID 5 -isForBrowser -prefsHandle 3244 -prefMapHandle 3084 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {727e32ce-08af-49a4-b31f-bb2ff54bcb6a} 3256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3256.6.1554565125\524891607" -childID 6 -isForBrowser -prefsHandle 3852 -prefMapHandle 3856 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {a0f0b219-be93-40b5-b81c-6a69639b8c1a} 3256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="3256.7.1982471983\202728757" -childID 7 -isForBrowser -prefsHandle 4344 -prefMapHandle 4348 -prefsLen 25412 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {738ccc32-c161-4f78-975e-1bbd89af94e2} 3256 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe --port 50050 --websocket-port 50051
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileeSZVnA
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50051 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileeSZVnA
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1576.0.496327619\1905437004" -parentBuildID 20240416150000 -prefsHandle 1492 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {dc4386bc-56f9-4540-8837-646566b6ae74} 1576 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1576.1.1503743593\1328506037" -childID 1 -isForBrowser -prefsHandle 2328 -prefMapHandle 2604 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {d16b42c4-03cb-4608-935f-780169db60e3} 1576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1576.2.590427152\1905467182" -childID 2 -isForBrowser -prefsHandle 2812 -prefMapHandle 2828 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {0b6ad7eb-1dff-4d25-b494-b6efa73b4414} 1576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1576.3.983156132\672002134" -childID 3 -isForBrowser -prefsHandle 3068 -prefMapHandle 3056 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {d87ba5f7-5277-4d3c-9ca8-cf6e2651e35e} 1576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1576.4.819039363\304893851" -childID 4 -isForBrowser -prefsHandle 3616 -prefMapHandle 3612 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {e4082819-121c-4876-aad9-293693e740b5} 1576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1576.5.1896572722\134535170" -childID 5 -isForBrowser -prefsHandle 1360 -prefMapHandle 1356 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {10fa13ea-a728-47ac-aa4d-3a9d7613ce2c} 1576 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe" -contentproc --channel="1576.6.43709962\2090604886" -childID 6 -isForBrowser -prefsHandle 3948 -prefMapHandle 3952 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\browser" - {35904650-0ae1-4957-913e-9a33a96d43bf} 1576 tab
Network
| Country | Destination | Domain | Proto |
| PL | 45.141.215.200:7430 | tcp | |
| CA | 192.160.102.165:9001 | tcp | |
| US | 172.245.23.98:8080 | tcp | |
| US | 8.8.8.8:53 | 98.23.245.172.in-addr.arpa | udp |
| ES | 81.44.81.34:34500 | tcp | |
| FR | 54.36.205.38:9002 | tcp | |
| US | 8.8.8.8:53 | 38.205.36.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.81.44.81.in-addr.arpa | udp |
| N/A | 127.0.0.1:50153 | tcp | |
| N/A | 127.0.0.1:50155 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50249 | tcp | |
| US | 52.111.227.14:443 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50257 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50568 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50576 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50835 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50843 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:51126 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51134 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:51380 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51388 | tcp | |
| US | 8.8.8.8:53 | 131.72.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:51756 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51764 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:52074 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52082 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:52335 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52343 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:52693 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52701 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:50050 | tcp | |
| N/A | 127.0.0.1:53012 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:53020 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI27802\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI27802\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
\Users\Admin\AppData\Local\Temp\_MEI27802\python38.dll
| MD5 | 305f8ecac261934543c5215f16e6afdd |
| SHA1 | 3920f757f7d3d2c2cd97ce5adcecbcf218873984 |
| SHA256 | 0b75e5e7d45c7d19d5a280e5c3cd296e2601cf378c37174df257e915d4ee244d |
| SHA512 | 9e64641cd7440ee3b3e07ac6aa536a22f9b0bc3684c26ce48462d1f180f0afa692a7f4608174199d91f9dd5665ef49ffafdd1d12d6605f4a896089262d31ef56 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
\Users\Admin\AppData\Local\Temp\_MEI27802\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
\Users\Admin\AppData\Local\Temp\_MEI27802\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
\Users\Admin\AppData\Local\Temp\_MEI27802\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
\Users\Admin\AppData\Local\Temp\_MEI27802\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
\Users\Admin\AppData\Local\Temp\_MEI27802\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 7d6384160fc08e8462405b48c58d422d |
| SHA1 | d83b6062f5e178867731c73ca85ebce36e31c806 |
| SHA256 | 8877695be8bed60e85e844422198d7408abba4ee16d362a9c8f514b85e3365d7 |
| SHA512 | 168e240ecec07bd2c9b6bfe8afe228662e6d6c42b4f2bf2349fb9d8aebb5fc4fc624ffd0c5bf91ce51b2ccef3cff33133188997bf9aad97a633552c5eb9ecf10 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpo05v4_ul\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\top-1m.csv
| MD5 | 11136fa0eb32dbafb2979b5c07816a51 |
| SHA1 | 783b6bba1043b11a3850ba5c922e39bb1409d094 |
| SHA256 | 98c29fb0f6ecdff973c17b62389b8892a69bda49e2dd0c0ca888ebf4ae1f322f |
| SHA512 | 3f20d5d0f977dc1661bdf98394674ac5c3b1d85873d6ddc1c2a430ae2d0d46d517473c9884e60474093dcac5436d8aab64d98c0e56532edc49b449822aecec49 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\libcrypto-1_1.dll
| MD5 | 78f7f01391d3b2e4449b299512a2506d |
| SHA1 | a282b3b8b05d886a3a936550c4ef81c519f875ba |
| SHA256 | 657dcbfe240b176f6306055c4631ed9c1567b08fdbef44bf739ac2d3a3afa392 |
| SHA512 | 12ed0f3a92248fa3621eaa7d9c103c11fe1efb13465a6fbb5579e6774ecdd8dff9852e16c5463fb7e5d2d439307291481620a104e772738e23a44281b49e1ddb |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
| MD5 | ecd8efd4cab1e6f7d84483c09c9ce6b7 |
| SHA1 | aafe438def0edbe9176f462d1e4e8c4a1883540c |
| SHA256 | 5032f5bb47f24f8e677397e347fdb4a501b0eda42f5d5aa2f5186edadf9838ec |
| SHA512 | eb40225be2070f88465d35b56d5fd2f94ef4a9ead2306ce5c81bb2fa31b1c252e7b8f57befad32130023c5893fd1cb499c387daeb9b760ce2d008691c5359ea9 |
\Users\Admin\AppData\Local\Temp\_MEI27802\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
\Users\Admin\AppData\Local\Temp\_MEI27802\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
\Users\Admin\AppData\Local\Temp\_MEI27802\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\tmpo05v4_ul\webdriver-py-profilecopy\places.sqlite
| MD5 | 76751f2f03b393fca965628f50b0c8c3 |
| SHA1 | a172d5c43e37ca1e00234426cdf751ffaa0f494a |
| SHA256 | 5470d18e2c1a49035a23416e6d35e6eacd8f2f8492e40e93bbfbd673aea328db |
| SHA512 | 8f451ae2d118eacceb410ecc4779be90c911aff0bb0f0aae5827c1488deab0f77b236f61ac525fef4253c12730c3f2acb4ccf5df411e1c09a947e665ca554bd1 |
C:\Users\Admin\AppData\Local\Temp\_MEI27802\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesD59hq\extensions.json
| MD5 | 764e8bee873e50f47e43e0f1dfdcbbef |
| SHA1 | 3f7e8779b975000868632f8727371bdee931237b |
| SHA256 | 2ce694e1d9824a610e4cfc5930cf01f29cbf0f31c08abb65ae13b4eccac8e55e |
| SHA512 | 925a7d08984b7c95300e1fe3100fc39ad156697976ec9b58a934ec414c5abccab4702fe9f44e2482e287b998b0d404f0f8c802d57e9c1a74d46aa386c6adff85 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesD59hq\prefs.js
| MD5 | ee89124140311c0c85dcc78c6e6aae7b |
| SHA1 | 14d932ff0b83c1478661a70c476df0bd5d83c072 |
| SHA256 | 92f49e69d98dc7aadeec45f4a489f5d1586b2ddc3cafa3c9330dc4372e00c82a |
| SHA512 | 46dde31ed2a7948b93f2c46d3e9e88e8c0162da817ef3ce141c5060584ea4e140032250701f13faaccb518ac4fdcb1a2ec25b1d416788dcf90c28a4619f9bc78 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
memory/380-583-0x0000021481750000-0x00000214818C0000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | e43c9a743c5d15a3ed24dfab81e4b483 |
| SHA1 | 1253013e97d32a936312d0b5a2423adaa9d21e1e |
| SHA256 | db49909dec3fb502d39d2e166be842baa4c1c0a82292aa97648190b57099dcd9 |
| SHA512 | ca834979d0598309b4ce9ba3fda5c20076787fa3c0c201cb00dc109ce57ffc69b6ef49ba558a08439f612fb41b0874733a96a8c11145e668effa8c4ed6368b23 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesD59hq\prefs.js
| MD5 | 3e26b673a129bf8b0f2d31ee0cb6c844 |
| SHA1 | d107387eae06712d553cb55c72a4bdde5e40b8b7 |
| SHA256 | a1e89479676adb99f72bd0bc02031261685f97fc7636a1601603e7ba3b4fd683 |
| SHA512 | d22d35866bca8b3129af087e798d3e71145fa9201629bd1fbd085ab838416db0722faf8b920a1636960562c65e5eb1c958c0669f88ccd2cab4ca27b5ad8565fa |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesD59hq\prefs-1.js
| MD5 | c173223d68fecdd50fe36b0f6f1f5363 |
| SHA1 | 85a1d67c94e5648151ad654de2adf01e949de79f |
| SHA256 | d8cbdab60cf5add5a790629401a80619a31c146898f40e2c9a8c43cefb4f87b5 |
| SHA512 | 20b7b016b5f48d1dff341ce2f2a7b866482f9a71689f76bbbda7d8b04e29fae60dc518423f7b7b501772c7bebeed3cf40be73fd31cd14479b8ad2d51b9786370 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilesD59hq\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/2316-822-0x000001CC62C50000-0x000001CC62C60000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV\prefs-1.js
| MD5 | b3ab72c8c493d8380e978eccb1dcb634 |
| SHA1 | 72be475e3bacdcfc4866e7f858d01b74718ea83b |
| SHA256 | 95c4f91ccc380a703d6d20f083288654368aa94ffe624165870d700512b8ebdc |
| SHA512 | b22c7152af63825bfee3d8946695c0878e13aaf771379233e11b9b2f5bf6a2fb6f00712c6ff8d73660f64249009a967542a55ad9269bdce8f0016a9452f5767e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV\startupCache\webext.sc.lz4
| MD5 | ed5e6527016b079a91f8662fc8a6fe60 |
| SHA1 | 67f7781942c0463900b36a42a056ee4c9909a5cc |
| SHA256 | e4742176b8d702df7295921f272c7b38db82a6ba651560e029da63dc54f398e2 |
| SHA512 | 3526d897ec7d329b284b0b7f070d401b3212966e2d424698b6286db000e46cbd67d3875a8ea66e27c4858e49a20a80de0f24f4ef495a4d9dd7edb1bd8095567d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV\prefs-1.js
| MD5 | ae9e21870675f40d2861fcbde33724af |
| SHA1 | 19c29d563266176989b911542ee7b29cb4dfecc4 |
| SHA256 | b4362f3be7cda774518d44ea39e28ca3b79884b326fb4c788419561275f4cc71 |
| SHA512 | 6843132fede00d8071e20250bedeb3bdbeb81ccdf2e4c6561e90c089175c0a50524a2fc60380a1168dc6c95ddc85032054d3af449ef020260a04ed88febb5ab5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileB1FqgV\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVIUtMK\user.js
| MD5 | 7af0b964c01b73007b5a385fc85fdf72 |
| SHA1 | c98ac07188da59df58945e9eea0612775cdb90cc |
| SHA256 | a987a005f247700323bb83b01d17e2617f1e326b4301784d4588f1ab4926745e |
| SHA512 | a9d1f642476f80f45d80255d89d165727dc663c41fa73ae15d53ac0924c007a2d430b41eff6197c37c4d239d3d5331ff7f11f228ae32b914ad208e07fe70946c |
memory/2556-1068-0x0000019190DC0000-0x0000019190DD0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVIUtMK\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVIUtMK\prefs-1.js
| MD5 | 65e11ac83acdd1335aa53c0bfd34c08a |
| SHA1 | ca977f6d3f98c83b728a5cf8fbb258dd17abf6d4 |
| SHA256 | b3b9c70f9e5bfe0efd082c28f4fb4299d0bdd484856c35b398e3ad8c1f886273 |
| SHA512 | 59b6c2f28d043e804b5b6d67e6cd39d6aef39d72279234e45da41967ab79bbdf4dc794c396d90e896958acfd58e7cae90e564221ed1e15b3945b9df4f21d42be |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVIUtMK\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVIUtMK\prefs-1.js
| MD5 | cd81cd391cfb769e2b0b94583ae81b53 |
| SHA1 | 149e5176524d6fad1dd3857c411733992dec576a |
| SHA256 | 2e37ab8ac344b8f83015e032d837c0b95e248a5081f44e9ba52fb28f6eb6d8d1 |
| SHA512 | 7eb4afec5577de1b4a54f34652dfb437144a0f6436ee4e8d636e0df1a294ae339e15d06acaefc28157ff796ade0537e49eaf55512c538424ac7b59b951185b41 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVIUtMK\sessionCheckpoints.json
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
memory/3124-1265-0x00000236025E0000-0x00000236025F0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2gSe9Y\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
memory/3124-1332-0x0000023609D80000-0x0000023609D90000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2gSe9Y\prefs-1.js
| MD5 | 2f1eff25f92c13684bde3ce84314c8d3 |
| SHA1 | 4f820c6d6ad5f178c68b9a17adbc784518c0b2d7 |
| SHA256 | 687465b9d4c10e621fa94aa4bc714fd65d1c72ee475ba5b7749e80caff321325 |
| SHA512 | 19d0a250dfd2b0582a5cc8a2f07512c5e9759ea01bf6a998c896f6798a22467df23a2e77984962604fe10338cd64f99a66de50ad070a665e446fa8dd277490d3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAP603\compatibility.ini
| MD5 | 162614769d1455449cc0500638467d93 |
| SHA1 | d8e5e95272beb6d750ed648aa66ab15e3e32f81b |
| SHA256 | 40c4ed5e0fa9a5222bc1bedaf09a7ca23fa362edae8f0dc710f2f11ac5e29bfa |
| SHA512 | 0ac4b021a2b5b79b78904a9595a4eb2ae73bb8cdb76dfe72e0ad031e956db5b8519952ff312feab0b5e818f77f8a0dfb75e4b1eda0d2497bdeb2925d7bc4876a |
memory/4340-1498-0x000001D34DD50000-0x000001D34DD60000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAP603\WebDriverBiDiServer.json
| MD5 | 79eb7c4e3606d1aafaa2a924960b375e |
| SHA1 | bb394424ed701a8615e47d987f3311be516a27eb |
| SHA256 | 564983d6a283a8d15c84ba43ad53ffb92072f8ac125c4efebb5df96bcbbd9535 |
| SHA512 | d1906bb2ed41510e5d731c458ef63cd81c3150cc506920d5f7f7fabd844a826086cb2faa5274130ef767abb4c5dbe7bbd74664ae10aae8c202df0596aa9a5889 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAP603\prefs-1.js
| MD5 | 98903667667b425197d38c2ad6267c03 |
| SHA1 | 3276adc98f15f3a0bdd49d066865fdca434f5b0a |
| SHA256 | 520063659e5e41291d00b605a6ea1e75b73d6539f284e05d3da370fae35ae271 |
| SHA512 | f4e485984f635584ca3cbc2f92aae4799091c8b912eecd40e3207833582a284dc8b947aaadce9ed7f97df6296fac8f1bdb6ae17b74df4877e78d1266053b8c82 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAP603\prefs-1.js
| MD5 | 4e5e0f5b95c0708754d8fdd09ad23fed |
| SHA1 | 891b6d41093c849f868de9cab1cee30db9f0d0e6 |
| SHA256 | 1d4d2629a18c8bb8912feb21cccf6fb5378da4ee0b3ac7afc78bce849264ba9e |
| SHA512 | 955d8b9cd5c2c3817cca3a9e22c0ff6353e3daaf394a27b7f08b79002343efde0e55ae4b6cbab827aac90e767883ed4f6b58c97c04bab7461e9dddbe93c78144 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAP603\prefs.js
| MD5 | 83c15fdd138a32e27a58d006f86d3654 |
| SHA1 | 257bf4fd47ef30dae59ce106312096db9d6213c1 |
| SHA256 | 17cb7c524c2cbf0bc2de4781e8565e7bab76a37a335560b7b41bcbae0c44da4a |
| SHA512 | 31216714ba752cfc35fb6da38a859cf3346e89f48921606230497062333941f6daf531a19ef0a17c1310b6d7e740ebc9a0acd762d0774852563fe6a8d9c45c81 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAP603\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAP603\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
memory/2904-1839-0x0000025E76100000-0x0000025E76110000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefhmDZh\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | d64db9ad3a8fc5e5a1aa481a6143b64c |
| SHA1 | 0e84f184526f30344cc18f9f869dcdda403f60ac |
| SHA256 | 4c07dc45fb9101242c28820cc43503670e067b0c3c319623e38bf4dd01e67e21 |
| SHA512 | 285173d2ab362ecca089aae92b07504a657cbb628cdc5a9a7c11e0f8b4f3607529ab0a4a275606090cd37f6f25f0cc797e34b35257639bcd7da2d68627a4e5fb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefhmDZh\prefs-1.js
| MD5 | 1e70f8835bba0bb24ad37060a02fb790 |
| SHA1 | 6310d58af463d64545db8ddb090cfe68b5af480e |
| SHA256 | 3670bb5a4c820fb445ca657e655a9f47eea2b5c2a955beb05c798b2ea7092406 |
| SHA512 | 2f2697fd7c91193fca8167e54f19b0419f1dc9bc0704cd722474c1b10e0a7c595c763dbf29eeaee0ecff89d9047391fc83b558465b27b819e67454a1e2954203 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefhmDZh\prefs-1.js
| MD5 | 8859e55a4d9f037fa4f83f29e214333f |
| SHA1 | 398ead0fc3bc90786c0dd371d7660f84f478594a |
| SHA256 | fdb9990203498ce864e3b0fa52e5b6e5268993b2548b8b3a2726d26c265220ed |
| SHA512 | 536febf643a7c470cdf85ac3be6900c0ced25eadd1f0c75b99c67da039af9f4abb9df8d1c5d50519f504d3b85fd53acc69a7ddf48f7fdec9cc1871f3ac0122ae |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefhmDZh\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
memory/3148-2060-0x000002826BC90000-0x000002826BCA0000-memory.dmp
memory/3148-2096-0x000002826D910000-0x000002826D920000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFoHZtb\prefs.js
| MD5 | ecce15427691d99116f5e1ad094726f9 |
| SHA1 | 035663a711a8c612c978cdf6aef7312fc5bbd2d0 |
| SHA256 | 983504c9ace1f753c4cc9f7a7b755f43fef4277443152e525bc8242e199f2982 |
| SHA512 | 7a035926d257f0525b4b7fb75b3a5a037b4d9d6d1cafb1c0f098bf5c59399274293c9c5c643a25813b4b562335210f06aaca586aaf2b664fe74f1f49d2362d60 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFoHZtb\prefs.js
| MD5 | 8a66c649291d99bb3d413c7cecdb4aa3 |
| SHA1 | 4edca21006a4aec960ff9bb43e5cd296779f0616 |
| SHA256 | e3949ed1cdd114f32b9764adad112d421b2e7c03423b3d27a11d9d96d7589e38 |
| SHA512 | 735b2c2ef560fd7080d34974775f8579331a9ae65576b7b1f250727a6295a8122b08b7fe41b04af9c691e19725534e008e5a78fa3c5febe37b83b1665f49cd53 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBRr8UW\prefs-1.js
| MD5 | 6c2c719519c14d21011c7b975e96dbd4 |
| SHA1 | 7269cbb22f775b436304c59d1b4d3e004fd054f6 |
| SHA256 | 2f8415a9ea7159116b26a606f2385b8744a2b471f658697c6c62b23b5778117b |
| SHA512 | 176c14e3b67e993c3bbe18ac229ba19995a6ecbaec62ad4fd2cee0c4e0a969d966a86dbeee2490f3dd7ef003489fb323b1fead364bfc3650fe9239dbe73970ec |
memory/4040-2345-0x000001F582590000-0x000001F5825A0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBRr8UW\startupCache\scriptCache-new.bin
| MD5 | 0d5d9f976f2b8999d1f69a43d5729f9e |
| SHA1 | ecf2d12b273c6cfdd498f4674858c2500dddf215 |
| SHA256 | da05366754a599278da39a867c0fce40e2e312d95107a892ae9e19b365a09a9f |
| SHA512 | 209872150e0876abd3e926f71be715da5531eefc01d341e474c65251d928fa08659ddb7775aae08f476797d955ac218066dbb749ee4b7e988b1308225d8fa005 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBRr8UW\prefs-1.js
| MD5 | fc7c8cef453b72761ae461631a6f6e77 |
| SHA1 | ca7756e8e5c60ade046e90ac4973526ca1073e78 |
| SHA256 | 95c24bb64534a6c65b477c29b5cdf1aad4b00c1e2fcf6d68da33f04e487aafdd |
| SHA512 | 6c76615fb29c0b8dc2c1ddeb841ebc7571f5a13cbfca3399d48ba9dc0cdd42e4a7db8acdfee7a38c73868b3c14b260c586352cd388052cd6172b17ff292ceb18 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH1IAZ9\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
memory/3256-2609-0x000002532CCA0000-0x000002532CCB0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH1IAZ9\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH1IAZ9\prefs-1.js
| MD5 | 54154e005f8dc66e32d64bb421823d6a |
| SHA1 | 03eb6eb240082c659a8744b47bd7f9c7df1f6ccf |
| SHA256 | 0ed1721ac3c8b89fb947691b935c6dbaf71a274f654960ca168c2e730d7642ea |
| SHA512 | 621af1aeb1411fff83ec32a0455a683f28dbb6c26c76d5648a3e0a6846343a711930ac20213a32ef76f396e5adddeaa19c17bd26f83eef0f185541f76fe7b5d8 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH1IAZ9\prefs-1.js
| MD5 | ac91e9ee03a8c57c65c8132bb95513d1 |
| SHA1 | 3c2bcb002e7fb4a464178727dc773a0f2adab0ad |
| SHA256 | d780725317fe41ffad81dbde601f2bed56c8d141cc302ffbd96a8c0d9c0c0b1e |
| SHA512 | d437b30d147faed3d780a2184b1775484f0ada9dcfd086a6e2fe49556ac194c6263b374e2a680ecc31789e7e13dd8166bbd927cd571c620b3808ebd7caa076b0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileH1IAZ9\prefs.js
| MD5 | 8a21b1f83b591856ca93459f67f8bd1e |
| SHA1 | be6cf731d8bb0142931c4037962f1a859e70c97c |
| SHA256 | 498c46d26e74c06ef789f6ef2eb0f1ec06b4a41ff0b760264476623cd0052f49 |
| SHA512 | 69a4832f3020b4787c6d8e55828d168c6d5de508e5516e752632f12796c63dd3985e4c915476096d055e01f0e730df04a7f08ad76b321d5159550bc06eec979c |