hxxp://xboxwindows[.]com/api/57832d00-4958-40a4-8088-22ac3f7563b6

Analysis

max time kernel
286s
max time network
265s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 13:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://xboxwindows.com/api/57832d00-4958-40a4-8088-22ac3f7563b6

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 15 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

firefox.exefirefox.exefirefox.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe

Modifies registry class 1 IoCs

Processes:

firefox.exe

description ioc process

Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_Classes\Local Settings firefox.exe
NTFS ADS 1 IoCs

Processes:

firefox.exe

description ioc process

File created C:\Users\Admin\Downloads\57832d00-4958-40a4-8088-22ac3f7563b6:Zone.Identifier firefox.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_Classes\Local Settings	firefox.exe

description	ioc	process
File created	C:\Users\Admin\Downloads\57832d00-4958-40a4-8088-22ac3f7563b6:Zone.Identifier	firefox.exe

Suspicious use of AdjustPrivilegeToken 5 IoCs

Processes:

firefox.exefirefox.exe

description	pid	process
Token: SeDebugPrivilege	2200	firefox.exe
Token: SeDebugPrivilege	2200	firefox.exe
Token: SeDebugPrivilege	2200	firefox.exe
Token: SeDebugPrivilege	1792	firefox.exe
Token: SeDebugPrivilege	1792	firefox.exe

Suspicious use of FindShellTrayWindow 8 IoCs

Processes:

firefox.exefirefox.exe

pid process

2200 firefox.exe
2200 firefox.exe
2200 firefox.exe
2200 firefox.exe
1792 firefox.exe
1792 firefox.exe
1792 firefox.exe
1792 firefox.exe
Suspicious use of SendNotifyMessage 6 IoCs

Processes:

firefox.exefirefox.exe

pid process

2200 firefox.exe
2200 firefox.exe
2200 firefox.exe
1792 firefox.exe
1792 firefox.exe
1792 firefox.exe

pid	process
2200	firefox.exe
2200	firefox.exe
2200	firefox.exe
2200	firefox.exe
1792	firefox.exe
1792	firefox.exe
1792	firefox.exe
1792	firefox.exe

pid	process
2200	firefox.exe
2200	firefox.exe
2200	firefox.exe
1792	firefox.exe
1792	firefox.exe
1792	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

firefox.exefirefox.exe

description	pid	process	target process
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 1652 wrote to memory of 2200	1652	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2660	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2660	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2660	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2724	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2792	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2792	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2792	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2792	2200	firefox.exe	firefox.exe
PID 2200 wrote to memory of 2792	2200	firefox.exe	firefox.exe

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://xboxwindows.com/api/57832d00-4958-40a4-8088-22ac3f7563b6"
1⤵
- Suspicious use of WriteProcessMemory
PID:1652

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url http://xboxwindows.com/api/57832d00-4958-40a4-8088-22ac3f7563b6
2⤵
- Checks processor information in registry
- Modifies registry class
- NTFS ADS
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2200

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2200.0.1641906384\918863054" -parentBuildID 20221007134813 -prefsHandle 1200 -prefMapHandle 1144 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b697b33b-5711-4ce1-a3e8-02812dea55c3} 2200 "\\.\pipe\gecko-crash-server-pipe.2200" 1384 117d6e58 gpu
3⤵
PID:2660

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2200.1.1562177562\511783978" -parentBuildID 20221007134813 -prefsHandle 1524 -prefMapHandle 1520 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4e47160c-588e-4ec2-b71e-f2ff941a5b7a} 2200 "\\.\pipe\gecko-crash-server-pipe.2200" 1536 d6fd58 socket
3⤵
- Checks processor information in registry
PID:2724

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2200.2.479504317\890670773" -childID 1 -isForBrowser -prefsHandle 2124 -prefMapHandle 2120 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9d6a767e-e6fe-435d-896a-2222ca1ba1bf} 2200 "\\.\pipe\gecko-crash-server-pipe.2200" 2136 170c5f58 tab
3⤵
PID:2792

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2200.3.1598164088\1948923301" -childID 2 -isForBrowser -prefsHandle 2880 -prefMapHandle 2876 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0da7b6b-32e8-4ee4-aa55-64e3277976b3} 2200 "\\.\pipe\gecko-crash-server-pipe.2200" 2892 1cff9e58 tab
3⤵
PID:2788

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2200.4.2064511735\1612458887" -childID 3 -isForBrowser -prefsHandle 3716 -prefMapHandle 3712 -prefsLen 26345 -prefMapSize 233444 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3bd9b5ba-33f1-43f4-bad0-182fddb9a66c} 2200 "\\.\pipe\gecko-crash-server-pipe.2200" 3728 1a2fcf58 tab
3⤵
PID:656

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2200.5.1105167480\1308826989" -childID 4 -isForBrowser -prefsHandle 3836 -prefMapHandle 3840 -prefsLen 26345 -prefMapSize 233444 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4b885057-4255-4b3e-bb89-5d9594b3eb9d} 2200 "\\.\pipe\gecko-crash-server-pipe.2200" 3824 20616b58 tab
3⤵
PID:1144

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2200.6.613604676\1310777281" -childID 5 -isForBrowser -prefsHandle 3988 -prefMapHandle 3992 -prefsLen 26345 -prefMapSize 233444 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {385e5eb6-7665-4655-b9ea-25840a45d4aa} 2200 "\\.\pipe\gecko-crash-server-pipe.2200" 2736 20617758 tab
3⤵
PID:1272

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
3⤵
PID:924

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
4⤵
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1792

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1792.0.773991882\61313816" -parentBuildID 20221007134813 -prefsHandle 1112 -prefMapHandle 1104 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a04dbc3c-ff94-43d2-97e5-4bda65cd5255} 1792 "\\.\pipe\gecko-crash-server-pipe.1792" 1176 43ee958 gpu
5⤵
PID:2368

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1792.1.1605826573\318546294" -parentBuildID 20221007134813 -prefsHandle 1320 -prefMapHandle 1316 -prefsLen 17601 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {49ad8052-b4b2-4602-83b2-f7367e1baf3b} 1792 "\\.\pipe\gecko-crash-server-pipe.1792" 1332 12468558 socket
5⤵
PID:2268

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1792.2.658864617\1354781915" -childID 1 -isForBrowser -prefsHandle 2300 -prefMapHandle 2696 -prefsLen 23700 -prefMapSize 230321 -jsInitHandle 848 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1a5a2c21-41ee-4e11-9e34-aa7591931584} 1792 "\\.\pipe\gecko-crash-server-pipe.1792" 1720 1befeb58 tab
5⤵
PID:2724

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1792.3.1223869939\148908720" -childID 2 -isForBrowser -prefsHandle 2800 -prefMapHandle 2336 -prefsLen 23807 -prefMapSize 230321 -jsInitHandle 848 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ab209f0-6050-4121-998f-5edbbeb529bd} 1792 "\\.\pipe\gecko-crash-server-pipe.1792" 704 1c993558 tab
5⤵
PID:2292

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1792.4.1586128327\1376516392" -childID 3 -isForBrowser -prefsHandle 2880 -prefMapHandle 2884 -prefsLen 24889 -prefMapSize 230321 -jsInitHandle 848 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {71af80aa-a1b9-461a-aea2-5d4b831b2296} 1792 "\\.\pipe\gecko-crash-server-pipe.1792" 2868 1894d758 tab
5⤵
PID:952

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1792.5.990608570\1748836986" -parentBuildID 20221007134813 -prefsHandle 2128 -prefMapHandle 3168 -prefsLen 30194 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d5e41af8-8aaa-4d86-856d-1b1934a4c79b} 1792 "\\.\pipe\gecko-crash-server-pipe.1792" 1488 d2fc58 rdd
5⤵
PID:2344

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1792.6.120446169\1986531625" -childID 4 -isForBrowser -prefsHandle 2464 -prefMapHandle 2172 -prefsLen 31355 -prefMapSize 230321 -jsInitHandle 848 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2868205-0919-491d-a970-8c1af37bc3a5} 1792 "\\.\pipe\gecko-crash-server-pipe.1792" 3780 16485158 tab
5⤵
PID:1820

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1792.7.53031746\805387932" -childID 5 -isForBrowser -prefsHandle 2116 -prefMapHandle 2316 -prefsLen 31528 -prefMapSize 230321 -jsInitHandle 848 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a01871f-b99b-4a09-9a75-2afeea1a3e28} 1792 "\\.\pipe\gecko-crash-server-pipe.1792" 1664 16586458 tab
5⤵
PID:1220

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1792.8.1575883351\2012541658" -childID 6 -isForBrowser -prefsHandle 3924 -prefMapHandle 3916 -prefsLen 31528 -prefMapSize 230321 -jsInitHandle 848 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b97c6089-e0cc-4fc6-a7e1-af4142baf588} 1792 "\\.\pipe\gecko-crash-server-pipe.1792" 3932 16588858 tab
5⤵
PID:608

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1792.9.367012585\1638250865" -childID 7 -isForBrowser -prefsHandle 4256 -prefMapHandle 4252 -prefsLen 31975 -prefMapSize 230321 -jsInitHandle 848 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3eef003f-b854-4647-ad7a-dd232fc03270} 1792 "\\.\pipe\gecko-crash-server-pipe.1792" 4268 16735358 tab
5⤵
PID:1856

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\update-config.json
Filesize
102B

MD5
7d1d7e1db5d8d862de24415d9ec9aca4

SHA1
f4cdc5511c299005e775dc602e611b9c67a97c78

SHA256
ffad3b0fb11fc38ea243bf3f73e27a6034860709b39bf251ef3eca53d4c3afda

SHA512
1688c6725a3607c7b80dfcd6a8bea787f31c21e3368b31cb84635b727675f426b969899a378bd960bd3f27866023163b5460e7c681ae1fcb62f7829b03456477

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\0rowjuc9.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495
Filesize
9KB

MD5
40ff3afd4155833daa554617819a4952

SHA1
078e9708b1455e180f30226411f952d6c9f8dfb0

SHA256
bb5494747fd031cdc92abb620012b4178196e7d67cac196928e8793106c34515

SHA512
b35cb572cbca9de659b890171acadc6f10b49b54507b0fdc7684063af840fc2f28953e09a065594258bb4c17772d55004d7e69d101de86d9cab202b29a0be2e5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\0rowjuc9.default-release\cache2\entries\45EB3733A36FF8F844100FB694203E8817A1AC6C
Filesize
101B

MD5
ae645f4682507c2b2d91745ed525a5cc

SHA1
e4d503468ba9a07311b5820ce606aaea785c6920

SHA256
4a00a13daa904f0fe66090325e59980d8ea078356851f621b241e1e76cce1314

SHA512
1e3726221737f219615f51851caa05f78e603e56131b89c99b20383332b2a29c61b58a5a0c67438f182eeef5a06014cae20723f5fd839a000ab40b13c644ebb0

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\0rowjuc9.default-release\cache2\entries\4832D199584363B876D3E7D57CA02A9B0F4D91CD
Filesize
13KB

MD5
64a1c6c7bdc332f36b7753ae60776d79

SHA1
8eee942ac76c34e316c24533581ca2ce120b0e58

SHA256
e1f6ea1f9ced7a06546ab980fd188939fdf5260e2142a023d0c24089b96adaa4

SHA512
b9ce5f1f318d7cc8384226d076a43b56db9aeb0b5a60d9419d8bc421b103de980f7de3d04457b85caabdb6f89874b9fdfe178bc3d6baa2d1068ea82ecd4a1d7f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\0rowjuc9.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F
Filesize
11KB

MD5
8595bf9de81ad1f6c36d6696882348a4

SHA1
dc72552d248bda1dd0ab328422bcbfb5038b9a31

SHA256
1452de535771fcefe00af32c73e987da33cad33affbbb142464d209302118eb2

SHA512
1ad9f552cd657b8c15638a9f53d90b5a9db58481747b020a956bbb254e7b858e7ee40bcc154b122131eaf166459df06af003a549f7e2d61ebe295ae3c6d703ee

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\0rowjuc9.default-release\startupCache\scriptCache-child.bin
Filesize
489KB

MD5
c994779fd7700932655bf40a083077da

SHA1
3b4631093eacc39f228f529cf4220ee4ac95e32f

SHA256
56a3c8ab0fb9a192ab872167ed527a7d30c9621b074de175a3a81bc64cf3790f

SHA512
58638bd02889f20935e660e30276f549a63c77f9cad36d29198b3e228c5cc65b41996077f148da5669e331b312a4b0b9d4df9ea1e5efeeaa6f8a82094a2b6871

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\0rowjuc9.default-release\startupCache\scriptCache.bin
Filesize
7.8MB

MD5
9d391fd92bad989ade2d85494a3464e8

SHA1
2d53c9b93a8c3ba175743510a40588817697f795

SHA256
fbb3ddfb0294b6bef3d83f10cd35025c8550626ebbbefa513985186f961b1d37

SHA512
c16b44ad4d03f4c5e8672e4e6eb863b03aa9d9fd1247e749ac250952982c833e9b80ae3c6877bdf35963c30f0638623e631928eac8f8d3667a08b109a1167f6f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\0rowjuc9.default-release\startupCache\urlCache.bin
Filesize
2KB

MD5
bcc0e56fafc80651e30a5dcc7774ae29

SHA1
e16c30a1a64c47909e17bb21e6cab45cb4d78ccd

SHA256
ddefe0c9bc3c82e6ef5c93a2f2b493abd1a8b0048493bbd406b212edac19c126

SHA512
66e6a21af0f57de8af45a0fb7f08d0674991668b01a467d485c3565c0cfc9e8553263773293ff8d6e8e0aa24aa20d47f31c8788b7ab3d0f438d29c1bee50f2e7

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\activity-stream.discovery_stream.json.tmp
Filesize
24KB

MD5
b636ebc5e9335afe7b722028be818e87

SHA1
53320613e670fe1c6d1c6c3a27e63ca4b4e210f5

SHA256
2eb3680172dd0b8b12b81186b330d344ab35725337b50a143623e312b42eb9b7

SHA512
a8e03461b84cf8c79a7f2fa7a2a3592e958fc9b1eb2f4d0f78cf4e8dba01ae3d98bfc16022b045a0251942d484d90d2b6f59f2fef7b002a7a10a75e9def42307

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon
Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
Filesize
7KB

MD5
c290f7105899e12dd05299e65f59da15

SHA1
2e2a8d46a15c62ce978139e32228876a346ad23a

SHA256
bd0b1d86c363e482844a15fd2950d8f2e0d10c1aae568b1bce4386fd2e1ee70f

SHA512
7293cbb04a93b9ef6b0d8d45d215c718681025b2dea02e179daeee64317dad31d5ba6a4b9ba0057641f5fa5efc3a8f06afcc79514ac6be72a5af7df6b6a1bf51

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\AlternateServices.txt
Filesize
163B

MD5
b095688cf52e9a66142e5f14cc8caf35

SHA1
c795325bbf4d89a2ef344bafc382bcab6f9e092e

SHA256
738d922eb01beb743cae817af3b3627dbc1595793978a27cf8c25b10ef5b6aea

SHA512
5d77da0f98cc9b01955177b58c18b41de513e3f7ae384ae40e408f3080d90611b530e5e78f0e5743d47fdbf5520089546b3857c2cc9d9c7c685ce23cd1f7a2ab

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\SiteSecurityServiceState.txt
Filesize
324B

MD5
918cfd6505fa86545917eba33b0df342

SHA1
5fe694598b17129540fb3ef59e4fe31dfedf886e

SHA256
51d42a6313c05c6fd5e5dcf7ba3fc60e376f62bc60cc44ab83d049e80067c836

SHA512
f751d321e23cf999d52e62c65b3efc32fb83f528f7dc163013c32ab0b8928fbf0f500297e03d4f72a97533abd5a3f111fbc69a49109c62257117475281173ef2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\datareporting\glean\db\data.safe.bin
Filesize
8KB

MD5
5eb6e62af31c064390f867a63549317f

SHA1
0988150e248ae1019f3bb1896f4791d9933e4493

SHA256
02f76067488aa56b8d261a0e4d75c532c18c39c49bb6e04bbf5cb1465bd8535b

SHA512
cf283fd9ccf32c0517d167c1f022164f307b3bff9f4fdd39bf58e92cbfcca6d35a2858ca06b17b8846b043affc7fc6928cfa13e84e952886192e9fb1baae99cf

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\datareporting\glean\db\data.safe.bin
Filesize
2KB

MD5
eec9d7cc1fa5f76e281aff84e226aaa5

SHA1
2797efc56f98b62b3374ebf5dcce88d132764162

SHA256
54fcd7fcc628122fe60b52f6221ae530835e655c0acff6de997bacf7d6dc7652

SHA512
537439e544d85be1f9434f7b4a735c0b18480475108e135c31f210546fc82e194c16af962e19bede8f9cb737ac7e0d4fdec4a3a9ff355c1813d9eb5dc2550bdf

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\datareporting\glean\pending_pings\13710029-1735-4bec-9969-17403819cd5d
Filesize
745B

MD5
afb647b2754dfc02999d7e2e1e0e85e9

SHA1
1f6de911641abfe68c143a37148ca18a74ede0d4

SHA256
1ae3a34b73a25f68d068987ae42da1df94b49a3c8a63b59194e407b270cfadc0

SHA512
9ed849265f100179527b4b89eaad7b5fca8a9941555cec635aabf56504882a7fe377d094795ca623a7a0de27670af0f6c114063da077ce074d14a3978be71be2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\datareporting\glean\pending_pings\cfcf2a5f-b900-4e84-9654-d0a4858f528c
Filesize
10KB

MD5
df99777a9f8399f3b0b4b86782813d9c

SHA1
4a530238fb0796eb2b7e6cf99fbe0b52d6cb5741

SHA256
fbf1750ea666ee6943449c4d055e6dc3ef8d12cb618c74fdf578ad4123776472

SHA512
6c5886aaa7e636328a1df8064964f56957d150d178d192826a4ee1387b695a387cf2e863d5a0c7721e3fcd226d6c274d0a0f23f4a4f7244411e04e8004df4d6b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\places.sqlite
Filesize
5.0MB

MD5
b9a00622308bdb1db62a879cbbfd915c

SHA1
35f5ba69f913389c2adcc47a1b4dfce07d7e4909

SHA256
e1a476b6880885e36218b93d6fc7900329b4eec8d65bc549a875b92f9c00c45e

SHA512
00ba328070e2d27d87434ece8834fe10ecfeeef92cd9266b0abf62a54e5e1d1e2b5b19ce77538caa8499ec4f11510622522ce0631e7ed3dfd059da503235884f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\prefs-1.js
Filesize
6KB

MD5
a4ef3541b3d5c6309ae778a9321efbda

SHA1
d5094bcf5dc70a11f2450aa7e9d8cbd56fd7632c

SHA256
ea40998c2fd21f7dcffd6342d3fe060f6d9c3d4f705d4ea7a963b3a091eb9d15

SHA512
197955081643f45e348792aab26ee8c6dd6ddaf48f79c2d41f11c566594500837f819f8349d843992283997d661707b2bcdccd0d1b41aa23d47b6d35117629fb

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\prefs.js
Filesize
6KB

MD5
376d7590761be454d176616a68246e0b

SHA1
2c37e60cf0716fe0c552f3dd732904467731682d

SHA256
0c23c4a39f125c234b5cb5600812e9cf1005894138416f90542724f79a09c54c

SHA512
73d8ae8cd033cad5bb348cd3f583774ad7dd2b32ed6e3128b53e37850388d892f75d999e0c252a8221875107ddaac18acd4b01921ce7a9eec87513fbd0bdf90d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\protections.sqlite
Filesize
64KB

MD5
deeced8825e857ead7ba3784966be7be

SHA1
e72a09807d97d0aeb8baedd537f2489306e25490

SHA256
b9f022442a1506e592bf51284091a8a7fe17580b165d07e70c06fd6827343a54

SHA512
01d303232d6481af322137b44fef6c2a584f0643c48bab2836f9fe3193207015da7f7514fe338500ae4469651e3d9618293858ae507e722198a249257677099e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\sessionstore.jsonlz4
Filesize
943B

MD5
17d1cf15b102bc27d55bcfaa0af85a9f

SHA1
48bc2b379426a3e52073b34c64e239d7b901e82f

SHA256
b01605e75de3a8e9f998ff405b61db1dfc1ceedfda372fda561f14f5c23ea79d

SHA512
c6ef9a9a4c4c39179a04356c425ffb2252d1b9db458edeaed8a79b14c0ca632e94d006001f7f443609fbbd084f7c2cb142c034a410fc286c6626aaa2735a8743

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
Filesize
48KB

MD5
ba9c18ceecc139486e2e3ab5d6738c67

SHA1
247dad360c50f609dfe1160988639ca661a50c4e

SHA256
b43ff4d7deb8ec814700abad2d92489a1c12175cc8e982754e73b94d008b4e25

SHA512
649ba8bb66ec7412aa6bf80d9ae6ad8241d102c4334b8220a5c52d8de5d12f9e71feb2c9fb271c3fce4ffeb3658f4679126883bb799640e172ed59000808b604

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
Filesize
184KB

MD5
65a881191b54c0fac2da189f713e0f5c

SHA1
74fff2a03c4a936edaf3bce91c527c590a8ef7ee

SHA256
a2f8a8108edcf65b274ce69327c484e59dea35d059e3279b6b50b06071d879ef

SHA512
f384f0c72456b1175768d1631ecbace356288e5b3c5a582f10bea01ab60dfe00b6daad97dc9d096de9f99d3a8380032205ac5ca191e05195d2dd0a73a67d75f6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\targeting.snapshot.json
Filesize
3KB

MD5
1a10c38b2c9c3149a1bb1ad1f00bdee0

SHA1
ece50b63833705462284891036239e45b0493877

SHA256
642c2649b1d13a784f9de0f32203c2d6e53424320a65a670a27641acce81120a

SHA512
04b1cf0b0985e968ee05afcb79716c1b7fd83f9226f1a0ac8a96472b2b0aaced7377944471e40405090ec70498a43c154503a0f3ddda7420d22ed6c78ca3162f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0rowjuc9.default-release\xulstore.json
Filesize
120B

MD5
05e1ddb4298be4c948c3ae839859c3e9

SHA1
ea9195602eeed8d06644026809e07b3ad29335e5

SHA256
1c2c5d5211674c3c8473e0589085499471399e53e9a85d7dd3b075fef6cbb6be

SHA512
3177b48cd0c877821419d7e5eb247a4c899bc37258994f22257ceaafefb316e6f5959faae02e380e432d7752f0218d45d56d6878c1e751d201d9fdb3ff98612e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\addonStartup.json.lz4
Filesize
5KB

MD5
4c97d4b88ebe5f1f7947370ca6495a03

SHA1
e4e2623d348a4e7f87f11db1baaf79395d11a6c0

SHA256
461cdc1258d6686b8e108b41b30716c07b21f1246bfd65a19fe612d9761a6c18

SHA512
b7e802f4fe7b7e67f458891f0d7b203ebf4ff166eb2fb9a80c8d8cba63960fb06e4906d9524345be10104459a3e8ea6fff3f617207a3ff09e2b1436e1900f71a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\bookmarkbackups\bookmarks-2024-05-23_11_JGLvmXDEq1qP6i79-t3V1w==.jsonlz4
Filesize
944B

MD5
7c927a55e7c41e2df325c633126a926d

SHA1
d8f6735382901d3859d33bd5a46d20412a6b764e

SHA256
c5ff6fb521712de73bfa401e03d5c95b2914e43c01c35fa20cae473deeb76da3

SHA512
5ade76050b6ac4993038c46ca5ac80b0ebaee29d5d1e4e0811b990429442413d50810a37f6e4c526779265aefc30561ea0b979ec0c3056fff9b2d86e9459a0fa

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\broadcast-listeners.json
Filesize
204B

MD5
72c95709e1a3b27919e13d28bbe8e8a2

SHA1
00892decbee63d627057730bfc0c6a4f13099ee4

SHA256
9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa

SHA512
613ca9dd2d12afe31fb2c4a8d9337eeecfb58dabaeaaba11404b9a736a4073dfd9b473ba27c1183d3cc91d5a9233a83dce5a135a81f755d978cea9e198209182

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\containers.json
Filesize
939B

MD5
94a3843fad8c45c48b0e07342df3dfdc

SHA1
d55b650208bda884d573afebd90830a3f4d7c201

SHA256
854ff2076f71097b030c302a1ea71d8e851d2920b9ff5fc8dc8f16c91ba95b72

SHA512
4d2a6b2a223ad81bb97195abb27685cf88453caf5769de154b373486d5245f02e0c0f664281d8e3bb33bfcdf1d6f7b3d9602303864d4e56481382adcb0b932db

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\cookies.sqlite
Filesize
96KB

MD5
d367ddfda80fdcf578726bc3b0bc3e3c

SHA1
23fcd5e4e0e5e296bee7e5224a8404ecd92cf671

SHA256
0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0

SHA512
40e9239e3f084b4b981431817ca282feb986cf49227911bf3d68845baf2ee626b564c8fabe6e13b97e6eb214da1c02ca09a62bcf5e837900160cf479c104bf77

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\datareporting\glean\db\data.safe.bin
Filesize
2KB

MD5
7e831c8190b6b7123512a89c03cffb83

SHA1
39ce5a93edf1eae489b8b52da81a627393c9510d

SHA256
0fc22198a562c2f0fed47bff86a6a5f6bcead3897f52adaf3122151ce0922d83

SHA512
c3702fa084633075ebd37594a1c3f3378389aa0c4e5d9e94d095be4e8d2a5c5f47c9fda29b724fc3ae223576fb300dce455763e562687b5709696c6d9a8f31e5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\datareporting\glean\pending_pings\64d3a8f8-fdd0-4f55-b5a8-ceb131f5ffdd
Filesize
655B

MD5
10a45b717d292bada5aba11c6d932f73

SHA1
9b6876b752396e72628f9d148bfc0343b8d9fc06

SHA256
f9f0645db49a20cda6bc35da89cfe0a4014093c90c96dd61de243829138371be

SHA512
7d9df55c1a30608fbca26252734d9b28419ad370eb6c1b5bb9dca1688b26d2c863366d8c7570b595b6df225f67641b9d42e14e80531c1e7dccff76a080ba8dc7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\datareporting\glean\pending_pings\dfd6a8f4-eb9e-4ffd-8b97-3a25e3feff19
Filesize
586B

MD5
be3ec1ce8cb89d591c365ed28152732f

SHA1
56775876254d0593e3432410ff6227c7e4a6ad49

SHA256
1c90ca7bbdf2e359353347feaa4258aa86ac7522a03cd641d9187d6e4478a57a

SHA512
166f6f89254eba91f2890c01453f959bed861e455d9f05937fe75908dc39c3b055066d8f81478f5645f552217b1e35904d159c6a8ada85f4c444c30dd98354f0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\extension-preferences.json
Filesize
1KB

MD5
ae847cbf837f2442924326b0e1da512a

SHA1
c4b8800837aa542921d44de0f5188db78b153a69

SHA256
1d48a03b907ea8c2412ab0dea238abcd1c7ba686dc1cac155ec55a598f0533f3

SHA512
9f7437c3e3bdebdee427642c232ad23a83142ec1c8cd2a3288358a8afa496c4b9a4a98f29a7baa706e837eb84ffdc1a4794114aaa3b7ced3b77bb97486410673

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\extension-preferences.json
Filesize
1KB

MD5
0bcf208899396bcb6e659783268d3b67

SHA1
89b0cfdd4f7bfc36e9263cff6432080429a3eb49

SHA256
0013ff84e9c5a777f6f161b7cb6bafcc3fe1ec554300e97be2361196af214c21

SHA512
f45d7288b84b08c977d55ef0de766aabab0223f027b1ee6cbd2e29f179d4e6555a479c13abde15a73b1335b37721a17c32135ff3f8ea04323d6e9a68e1c4ab24

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\extensions.json.tmp
Filesize
36KB

MD5
6994d1ed58480ebf63c05480778f7345

SHA1
e4cdc28cce5da954d48ab6356d00fa883faabdac

SHA256
c81c4be1db0c869cfe69a77b111e7d6876cffc807a52667483161d263ad3d503

SHA512
2dc5e0c60fe9f4732ac6466e57fb68309102310d661b9a93047f417840d144407935d2fe96de8c5b41185ca677428d6f7d5981cfb000eb6bfca58101485f159a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\gmp-widevinecdm\4.10.2557.0\manifest.json
Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\handlers.json
Filesize
410B

MD5
e7a65c5ead519a7b802f991353c26d3d

SHA1
34cc3c1cf9bd4912dba5fa422010934e46419fa3

SHA256
0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2

SHA512
2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\key4.db
Filesize
288KB

MD5
72fe105bdcd6d351b389885e4fb2ead8

SHA1
8359bc6449faa804d7890363f86a548301b577fb

SHA256
eb2f9f66b1ef60b6f50883b715ff6548d5603f3a0001f613976b09deba870ab3

SHA512
26c408fdc322c1d9e806e87f4fd5129c11b01e9399478e9db31398be1556fd94c5dccf77320fb23f7fdac2baf4f9226328992b0f60ea86cfbc5735102341cc0a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\prefs-1.js
Filesize
7KB

MD5
53d21e8a020b4a88392e2c54636c6bcb

SHA1
940344e4eb4dcb3a0f91a8b702076c88ef338d84

SHA256
adc25d7575ac6135e6f8ba606ead9757a9017842874fbbf916dd68e6d350784e

SHA512
93362dd6f5ec34bda5b6b5fc7388d26cb211e12558e757735e29d7428aace250fb3c7fb759d6695449bf83dbb19d464f95bb7456002ff74ffaed119a2f368a5f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\prefs-1.js
Filesize
5KB

MD5
825be80e0c1f454805044b4d1102926d

SHA1
d632721719a3d54ab42da0c9bde66acc7c9e86de

SHA256
0cfc41afcc56e72bb28861dccf893af2cd66ce72d5a775fe45b4db16cfd98141

SHA512
97ee4a6deca9404c54a6542f4ce1cee52c4cc46ff7dab47f060c5faab337a1e34a37477f54481a8ada16a3aa2d0387ccf37f6261bb382a78ee60c023ac9794f6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\prefs-1.js
Filesize
7KB

MD5
972417f0cfb97b4533d313bc1a09c51f

SHA1
0f7d844a5d3a87912ce98c073aff6efdee518977

SHA256
fd81906cb7ac296a9487ab02094fcfaf540a0745405673eb59de306ec1331a9a

SHA512
820166bb1cc7de336db1d80cd1f6adf3c236c7986dc90351395fcaee1262171dfa62487ee7907865473d29890f813e4fb318e7ff54d6a8af142a6a8e6a3dbae9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\prefs.js
Filesize
2KB

MD5
1f9266ee61a8d01e87e602820a88ab2f

SHA1
bedaace9e7555bc6527afdafefc4f08acd3021e0

SHA256
5ec28be7e0ea15f84c4b468f65417375644c2c9a2c0b9bf155d4af0457d1d250

SHA512
0ad94663d819a2158d5cb4c6b52b328b938f4f1cee0df13c0c5d494eb53e07bb67887f1b9cd4d2fd2a763b5dac4a349ce6a554c475d70ac06cdcd3dd26228e5a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\search.json.mozlz4
Filesize
280B

MD5
41d220d4783f67d2b57beec20c135229

SHA1
6e97765e77920b6010fac2cb4abf1e3cea106541

SHA256
5d1881e74d76b95bad59439bb5c7676258a4ae6b6d853074e93b5247cf1715dc

SHA512
dc30ddc4c8cfe598de5e24bc88cebbe4256fbb21a0b1db6c2ec15311053e7d8be6a93a0bcfcfd8a02543f8b9cf9b15a5840154b272a2df71d59d7dfd80984ac0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\search.json.mozlz4
Filesize
299B

MD5
e4b66478ecde473b6d9c95d7a4350d37

SHA1
cf125f3ec9060bf59a3e4449b0fb151eaad01c5e

SHA256
4510c82fc9289533b0dbaf0a2a70a45589814c06be7e9adc395100ff18d5fc73

SHA512
0fef6926821a19f686d0291db9e7efb1a60cd6d13d94d4cc6fc3eeb06be3807d697debde0a5a264b430d449482bb26666b8273c7342e99d592e9b516027c086d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\sessionCheckpoints.json
Filesize
288B

MD5
948a7403e323297c6bb8a5c791b42866

SHA1
88a555717e8a4a33eccfb7d47a2a4aa31038f9c0

SHA256
2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e

SHA512
17e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\sessionCheckpoints.json.tmp
Filesize
53B

MD5
ea8b62857dfdbd3d0be7d7e4a954ec9a

SHA1
b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a

SHA256
792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da

SHA512
076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\sessionCheckpoints.json.tmp
Filesize
90B

MD5
c4ab2ee59ca41b6d6a6ea911f35bdc00

SHA1
5942cd6505fc8a9daba403b082067e1cdefdfbc4

SHA256
00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2

SHA512
71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\sessionstore-backups\recovery.jsonlz4
Filesize
539B

MD5
dd285269e04c79e22ee40e91193e9cc5

SHA1
91a8ae8ea9f7015a8d01e1658705e3cc41a8924b

SHA256
2207eae1182c149f16d2c2b6da6465f1022fe5e3bc3feca15ff6e9645d5a5da3

SHA512
769c6febc52188e534cf94fc498a4e3ca25e8458ec2f1c2eb2e156aa9e61a1ee7cb6a6c51ca3684319ef5bbb496120019de2979863233c54612592a46b96716b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\sessionstore-backups\recovery.jsonlz4
Filesize
708B

MD5
08b924b67c792f1fd65df20723c40d31

SHA1
6a55699c5e0d67e1d939bf63d5a4194a157635a8

SHA256
980e1fe5c0af0f9372ea1392b3596f69fd2e68ec862048343935ee3547c28a44

SHA512
96ca8939f1565837b55ec15d71e4f4818bc94b90c71d8c785045047c90370ff146e75f644ef0984fbc2106cbab953e2aaa5b2fd734109a66494333f2167361d1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\sessionstore.jsonlz4
Filesize
250B

MD5
a53b8e7e4b8ef9e1ee7116ec98318330

SHA1
42c89592e91cc75fa448f9de8b34e2d0f1fab585

SHA256
b59bc3fd939b2eb8761d400cb469e68c43f4c078d41fb5779e54989df9b35351

SHA512
4b86e322fe73dd8b5fb81337e0137c6c7077d8670bd9ed91960130e92d5fb6316ecb3d1b2bc27172e89fe0d3240be2774014b9ed932c4b48d6feed18eb13e39f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\shield-preference-experiments.json
Filesize
18B

MD5
285cdefb3f582c224291f7a2530f3c4e

SHA1
f816c3e87aa007b6e6d31eb6a4618695a7d83439

SHA256
704d28223a4320a853df4a19d48c7015cf79d56a5317cc3475b6305fa43dcc05

SHA512
8f1decf1e4b5755fce8f165daae115f45d6890985c9c4bbb33a6f724cbfd26db75f6da06f9ef675de20fe755da9b7f55e5ee37124296a12a520a393da159bd58

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\b1mytgij.default-release-1716470493666\targeting.snapshot.json
Filesize
4KB

MD5
d6223e74bc484b98fe57af8e5958971e

SHA1
225519ef7e3fb52f730e4e8918a8fe94bce240b3

SHA256
465f0115bce408991109de6a55671ba754703abfd2e9ea173f36705246eeadf8

SHA512
d13cbeafd5f5a43f0b8aa568e55b55b01c9c5b129f325a2b03f805a776e4e1df0eeccdda09cd6871f9ba7179f2e0e03df998bd40443515301c21caa2bf88cb7b

Download Submit
C:\Users\Admin\Desktop\Old Firefox Data\0rowjuc9.default-release\storage\permanent\chrome\idb\2918063365piupsah.sqlite
Filesize
48KB

MD5
07d3c3b974dd5659c71c82530cd377b5

SHA1
139f3503d0e5e3f7cc62b8e3a9e2edf0c0ae731b

SHA256
4bc57aea11b7c345b587f975c3dffc636fa75a8cdef817b6f623b2b35f9b311b

SHA512
7660818707b1521f24fac9ecf2cf46209eb957a982bd11e04f59b11b2a06a5e51985f3325266774ff36583db3e386b2b72b4c292faef5ea1984ea9547af0b6af

Download Submit
\??\PIPE\samr
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit