2e67d5e7d96aec62a9dda4c0259167a44908af863c2b3af2a019723205abba9e

Resubmissions

23/05/2024, 14:31

240523-rvtyvsed2w 5

23/05/2024, 14:30

240523-rt4fxaec71 5

23/05/2024, 14:26

240523-rr4nwseb9x 5

Analysis

max time kernel
151s
max time network
165s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
23/05/2024, 14:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

AutoClicker-3.0.exe
Size

844KB
MD5

7ecfc8cd7455dd9998f7dad88f2a8a9d
SHA1

1751d9389adb1e7187afa4938a3559e58739dce6
SHA256

2e67d5e7d96aec62a9dda4c0259167a44908af863c2b3af2a019723205abba9e
SHA512

cb05e82b17c0f7444d1259b661f0c1e6603d8a959da7475f35078a851d528c630366916c17a37db1a2490af66e5346309177c9e31921d09e7e795492868e678d
SSDEEP

12288:GaWzgMg7v3qnCiWErQohh0F49CJ8lnybQg9BFg9UmTRHlM:BaHMv6CGrjBnybQg+mmhG

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 6 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings	firefox.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
5088	AutoClicker-3.0.exe

Suspicious use of AdjustPrivilegeToken 5 IoCs

description	pid	Process
Token: SeDebugPrivilege	4552	firefox.exe
Token: SeDebugPrivilege	4552	firefox.exe
Token: SeDebugPrivilege	4552	firefox.exe
Token: SeDebugPrivilege	4552	firefox.exe
Token: SeDebugPrivilege	4552	firefox.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
4552	firefox.exe
4552	firefox.exe
4552	firefox.exe
4552	firefox.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
4552	firefox.exe
4552	firefox.exe
4552	firefox.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4552	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2196 wrote to memory of 4552	2196	firefox.exe	84
PID 2196 wrote to memory of 4552	2196	firefox.exe	84
PID 2196 wrote to memory of 4552	2196	firefox.exe	84
PID 2196 wrote to memory of 4552	2196	firefox.exe	84
PID 2196 wrote to memory of 4552	2196	firefox.exe	84
PID 2196 wrote to memory of 4552	2196	firefox.exe	84
PID 2196 wrote to memory of 4552	2196	firefox.exe	84
PID 2196 wrote to memory of 4552	2196	firefox.exe	84
PID 2196 wrote to memory of 4552	2196	firefox.exe	84
PID 2196 wrote to memory of 4552	2196	firefox.exe	84
PID 2196 wrote to memory of 4552	2196	firefox.exe	84
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 764	4552	firefox.exe	85
PID 4552 wrote to memory of 2012	4552	firefox.exe	86
PID 4552 wrote to memory of 2012	4552	firefox.exe	86
PID 4552 wrote to memory of 2012	4552	firefox.exe	86
PID 4552 wrote to memory of 2012	4552	firefox.exe	86
PID 4552 wrote to memory of 2012	4552	firefox.exe	86
PID 4552 wrote to memory of 2012	4552	firefox.exe	86
PID 4552 wrote to memory of 2012	4552	firefox.exe	86
PID 4552 wrote to memory of 2012	4552	firefox.exe	86
PID 4552 wrote to memory of 2012	4552	firefox.exe	86
PID 4552 wrote to memory of 2012	4552	firefox.exe	86

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Users\Admin\AppData\Local\Temp\AutoClicker-3.0.exe
"C:\Users\Admin\AppData\Local\Temp\AutoClicker-3.0.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:5088

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2196
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:4552
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.0.305283440\199359697" -parentBuildID 20230214051806 -prefsHandle 1788 -prefMapHandle 1780 -prefsLen 22074 -prefMapSize 235121 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b41cc436-c10c-4751-a7af-abc0465cf5ba} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 1880 1467fd26858 gpu
    3⤵
    PID:764
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.1.317993452\1184389959" -parentBuildID 20230214051806 -prefsHandle 2392 -prefMapHandle 2388 -prefsLen 22110 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {03d12a9d-96fc-4f23-84da-1da443d00870} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 2404 14603467658 socket
    3⤵
    PID:2012
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.2.177533062\143404316" -childID 1 -isForBrowser -prefsHandle 2960 -prefMapHandle 2956 -prefsLen 22213 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {40ce6ab3-2e5f-4f5a-8038-79c27154ccc6} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 2972 1467f691f58 tab
    3⤵
    PID:2152
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.3.412423545\696822477" -childID 2 -isForBrowser -prefsHandle 3624 -prefMapHandle 3620 -prefsLen 27614 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {38bb4f53-335d-4018-a44a-2369728d4000} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 3636 14608832858 tab
    3⤵
    PID:4392
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.4.654005275\466478094" -childID 3 -isForBrowser -prefsHandle 5208 -prefMapHandle 5160 -prefsLen 27695 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cf6f039a-8950-4a29-90bf-1b2c5274749a} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 4792 14609c1c358 tab
    3⤵
    PID:1520
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.5.233984830\1700863452" -childID 4 -isForBrowser -prefsHandle 5332 -prefMapHandle 5340 -prefsLen 27695 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4bde2228-950c-4082-b6af-aba496315a14} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 5324 1460b86ae58 tab
    3⤵
    PID:2000
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.6.1110066058\837733724" -childID 5 -isForBrowser -prefsHandle 5512 -prefMapHandle 5516 -prefsLen 27695 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {07cab1c0-10f9-4eeb-a810-58fd9494b4e5} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 5500 1460b86bd58 tab
    3⤵
    PID:3624
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.7.336081482\1717190455" -childID 6 -isForBrowser -prefsHandle 2852 -prefMapHandle 2716 -prefsLen 27774 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {06c851ef-c126-4e4a-86d2-9b4a3c5d7fe6} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 5776 1460a05a458 tab
    3⤵
    PID:4668
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.8.981046736\1992290786" -childID 7 -isForBrowser -prefsHandle 3812 -prefMapHandle 6008 -prefsLen 27774 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {744d7282-f5a6-48cf-acb9-3f5b5716c19d} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 5776 14608774f58 tab
    3⤵
    PID:3132
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.9.1114785388\1963433413" -childID 8 -isForBrowser -prefsHandle 6200 -prefMapHandle 6204 -prefsLen 27774 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a0cf9b6-8205-49fc-92c8-1829dc048b2d} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 6188 14608775b58 tab
    3⤵
    PID:1108
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.10.1948270270\129394399" -childID 9 -isForBrowser -prefsHandle 6172 -prefMapHandle 4952 -prefsLen 28175 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c939ecab-7bb3-4492-b3e9-59e061506821} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 6364 1460a0b4d58 tab
    3⤵
    PID:2760
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.11.1124579720\499504586" -childID 10 -isForBrowser -prefsHandle 6468 -prefMapHandle 6472 -prefsLen 28175 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e587de5f-7c73-46b1-b2e6-014bd13aec1c} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 6488 14609237e58 tab
    3⤵
    PID:3612
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.12.2012481001\554775879" -childID 11 -isForBrowser -prefsHandle 10572 -prefMapHandle 10576 -prefsLen 28175 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9399884-9a1d-4a3c-ae20-7c80c54984b9} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 10564 1460a284258 tab
    3⤵
    PID:3056
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4552.13.200341440\975778531" -childID 12 -isForBrowser -prefsHandle 10424 -prefMapHandle 10420 -prefsLen 28175 -prefMapSize 235121 -jsInitHandle 1336 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8d6f9b57-7705-4f59-861e-1599e0df3ae8} 4552 "\\.\pipe\gecko-crash-server-pipe.4552" 10432 1460cb4ce58 tab
    3⤵
    PID:1700

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mg2c1myw.default-release\activity-stream.discovery_stream.json.tmp

Filesize
24KB

MD5
d9808806be57228aa2e442f95a860e67

SHA1
afa36226b5f89ea556e055d52e943b867883f9dd

SHA256
7a122c431092dbd4f4051b45fcfce296d8e76683037239532dcf2c4ef9739651

SHA512
7b02aedcdaf442e2bcb6967f278456316c20890411a88cf60e5896b9635749d5befd7608da3e6be24df72920da4aae6240cd965809faf4794e203c835908b04b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mg2c1myw.default-release\cache2\entries\F4EFE37A30D0F14C6AC03FF7949A51CBC2EBC649

Filesize
13KB

MD5
88644721f161d96cbcaed692ef24f54e

SHA1
4078d5dc62036a60b843ea64934594d8ebf999cb

SHA256
6fe574f1e87ed7908637fb08302d188eab238d6a5734a65caad7cfa1000893bb

SHA512
23d6071fe63dcf89ac758448bd770e20268acf286f4fdee618ec07b89b270844b227d9845aefa07686ee144899b463c1b950c708d3901f97fa870389277c70ef

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mg2c1myw.default-release\cache2\entries\F8CBD54DDA10F4286A41EC6A537240712D6C2308

Filesize
9KB

MD5
36c27e4e29efc834b565e099d844bf37

SHA1
bb37cedde55a0e0a2081ab27351385b55b6190f7

SHA256
b93de894d908a4bd36615c6ff3bc517f32cdbf3bb78120adfd1b857dc786ba68

SHA512
9d824753dbe18d1c541e2c99563adb01296590f072c9778845690c41fc84005d142e4cb83a217d73a84b716378c30103c959f25d9a52a50800ca078cee3ac3de

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mg2c1myw.default-release\thumbnails\613a94ecbcd9e8c62795c6cbb285504b.png

Filesize
61KB

MD5
4fe69541133b0a6dad33e4cd32b0491a

SHA1
e080efddd38491af7a4df60bd6e5ce432fa42614

SHA256
a88c21cb8bf411d2170cbb076e6ee63200296ec6dc84db7304df6ac1aa3077b7

SHA512
7cf74f8a1c81e5e17c30079feaf9a89eb994fd1411e7c2b14b985ef86cb8f7349331c5ecb52d79cae52eba6cdba8fa9e4078b9255e2cd0353ef5b76fe640d2c6

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\prefs-1.js

Filesize
10KB

MD5
eb8f488bb0acfb4ea231b37f0413fc7d

SHA1
8c28d5fdc10e0fe1e94d4611810b27c2f8504ef2

SHA256
13f928925805b1b497e57bc2383deba97bd3ac7839eefaa3a6003f3a41a18b55

SHA512
323433ec4296d6f9db824c70a5d0f04104be21f282df5e0202297e76bc0a7e4dc0c46ecb1606c10695d155363e87a757d69591f94978faece9eebc36f9fd98f9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\prefs-1.js

Filesize
7KB

MD5
a56b87bf1faf5af878b8f859047d2a39

SHA1
d69bafe77d9046f7ed9a22d7765c682396162239

SHA256
831448915ac75bdb3114bbd1dbf59b1a17c4494866487e13020c7c2ddfff52ad

SHA512
5bd3b21d97c7d32a949e1505d6867a1fc57eed42e9b59f3397a278e4ac0512ebcba3fde254a7a0257e5ebceec6bb21315a8ff24d17106f1908da6333e588402e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\prefs-1.js

Filesize
7KB

MD5
c2b3907a3fb1f8d9aa41cf569f62105f

SHA1
4b77341d78b8844bd0336819bf08080ebc54b983

SHA256
3883437929abbc1a52ba217c07aee06b39d64ea1edc8323b2327cc975bb2881d

SHA512
b2b030d14d23834c93d4f7b79ba62f41c40a7e1be5985c6d00438c95c1ee8296c1bc49efb8f5592e64afec325b0d8357ee71eae2c32cd631e05ea411e1f7ae06

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\prefs.js

Filesize
6KB

MD5
3f464fded100e5dfa09a4f03a8d882b5

SHA1
e1345eed4c7b1e41a3bce26581bbc9a0664ae527

SHA256
98943ad3c46883cc673b09752d830b0bfd442e3fbb504f16604d67c7b598b4a5

SHA512
5932d07e54c001909e5bd249a5fde067886d3f82ba60f1d1c90743e2b676061b1d6414078f210211df1d405610f0e958fc5d159e08bcd436b226db8ced284761

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\prefs.js

Filesize
7KB

MD5
3150a01a660a41a7a418c248f976c18a

SHA1
cbf6876e7ac6dd4e22887aeabdb9792d1d3be0b3

SHA256
38e3143c6a59965a98a4145da981f309d002a697d5e92a1de217e3c74f141a73

SHA512
0392a76eecdae2d55471c837cd21cdefc43cd01d085952d07620000efa6560c064986836fd26de2a90683e504deeca9018d239cc8eb78547faa8f8e552d0ba6a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
da89f368b89e6ba58b24667dcaed9283

SHA1
34ffdff1f4a90436cdfdf228fe2e631b6feda34a

SHA256
b6f5f90a89054184df3d062c0437776eafcdbdb6407d6736f3f5552e57e41089

SHA512
c39ee9ba937c7ceda25bc71b12d6cf9b1568b308ad47b4b1976a3f70fb0d117b23c4c1a2940e3ad4fea7b13d312765b77099b081b50581ec180f8e1b4ac18938

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
cd8884b5ab622916adaecd118451cf5c

SHA1
d66b0289ffff8864a89c39dc8d87bb306b4ec9e3

SHA256
a194a4e0644ad546af96aa287b6ad14f66464a744da7db4475300f049c14e0ac

SHA512
ace65d093c697f3d776fecd84a5324565dc416cab2f929eb7573481f421707ce7e66660f735222765e252f7001575f83fae83c04b3550d834b90f3ec69bd3168

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
dfcb63bedc177279dec34cc7fc3947b1

SHA1
ee7318e5dcffea70406e645ccc523279218d7b08

SHA256
bca86ecc179e9c7aabea714a343488972caf37d3c735bf48f469273adafc1da5

SHA512
dfd505ebf5a92f32df60d418ebb0bb4d4827f3279e04ee815793141cc3edea6bdb9eb0b36a9d5ef688edf4a07be1d96a456d1749cb1dc4fef4c2871fcecea5b5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
6482fc5359b2301fa87ec6fe6c439849

SHA1
efc14c15d3678e0cb95b2cf3968e8915228ba18e

SHA256
d719e0045a0e98dc41eba7199cef485bf9de28282090373727d9eac6c8f2486f

SHA512
39ed1d1c945fe4e3abaf759418f9c6eea8a6840ab18c7daae3e11229a433d0a7ccc97b655c13d787d48fc0cd91fb5322b90a8fdeb520c8929211ac469468442b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
0fe2025ced0af6cce6813d607c05a116

SHA1
5b31f5a6df2a72e8e75bb7f8a4488a423eccd9c5

SHA256
62d9d5fcdbe274408eb04985fbeaaa909de84ef87d01e54e76c59f45d2ade339

SHA512
ffaa973f0265043cdf34d04420df7a55fc54ea30a6359e1f4457d384747f3deebf50ff5bf167bc1856fbeb6c6688c1a97e266f1cd18bef37ba96b1287a4a8009

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
744e105a2093118f40213a3f97c14cc1

SHA1
a2f94432309d1080a4bb9b740fe3b8a9ea29da33

SHA256
be43e5143341fe7899beda307446680dd0e476a8ac50b46213fc62b3316c2423

SHA512
2a73baa2ca2a2bf37bac0e5605531c1d828d89ec490df7e271f3c90d101c3fc50b4ea84a01fc4897fb701ec73726a588d3f73f8eb0233b2368f879c6899ec95a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
4074b9b4212f78d8a3de1a1c170e831d

SHA1
b55a8c135f006ec177da9bc66b7245ad8991f58c

SHA256
aca2cf418d69684039e84e7fa9680b132ae6603c855d6c9b09cf913392dd2abd

SHA512
2f963a77c0e96a5835ac639092a0c062c5424d6c87f7d78db51988f7ac9a1a969c9277f8e74488b24ceb448404f7b8d5432708498aef0f1345bf740e1649981f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
c06d0201e7ece37330ffbdf5ae36c0f1

SHA1
0de9562103c3265459d4d54bb66d0379105661e0

SHA256
d6f5e2681f544b783e941854a778f545e33440896171ac2d3670de5978182c1f

SHA512
e0396c1a1e7fb76e164dc4d7737fd8fe5272256253621c5c36bc104d43f01619044372d4c2a23169511452711b1155609d024d5f44de6a28ec63056b83d8b001

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
9e9e750047b626733018af401da8b039

SHA1
00a8dc54e0ff1cbd95dd4f37f1c12697777ee493

SHA256
73880ad11c8e1a1bdae2e121817bc442ff97bd021130bfd30f17438038fe332b

SHA512
88a170a04d105dce423096cd7bb10786e96115c9722759ec3446daf10b2da02023be94b07fa0006bcbd9b8cb0d0074d3850aa3f256d9fd07fcb0d8e39364e89d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mg2c1myw.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
600KB

MD5
654ed6a470c712d53db095a94c50345c

SHA1
f1104fbeec9d2747edfc0ca3f562b5b1b5dce76b

SHA256
d851b61444875041e1afdfcb29510c4530155472fd1db8a38111229a46a20ce7

SHA512
ac2ad2d500c5514f917e26a54b822bcc674cbf9c55430d25a607b47d1ce62ac8e4f08005d7d25685020e12e5794e4e000c1271a95354ee2789565ed3bba1efed

Download Submit