Malware Analysis Report

2025-04-14 00:32

Sample ID 240601-w12m4sbf73
Target http://bit.ly/SoundBridge
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

Threat Level: No (potentially) malicious behavior was detected

The file http://bit.ly/SoundBridge was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Uses Task Scheduler COM API

Checks processor information in registry

Modifies registry class

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-01 18:24

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-01 18:24

Reported

2024-06-01 18:29

Platform

win10v2004-20240426-en

Max time kernel

325s

Max time network

326s

Command Line

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://bit.ly/SoundBridge"

Signatures

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2500 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2500 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2500 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2500 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2500 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2500 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2500 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2500 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2500 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2500 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2500 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 2956 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 4960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 4960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 4960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 4960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 4960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 4960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 4960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 4960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 4960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2564 wrote to memory of 4960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://bit.ly/SoundBridge"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url http://bit.ly/SoundBridge

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.0.146446422\475154790" -parentBuildID 20230214051806 -prefsHandle 1812 -prefMapHandle 1804 -prefsLen 22076 -prefMapSize 235121 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7828fc61-b690-4185-9e24-2dc7ea76bf7c} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 1884 1bd59b24358 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.1.1475327716\813090713" -parentBuildID 20230214051806 -prefsHandle 2492 -prefMapHandle 2488 -prefsLen 22927 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5ff943e6-7312-4e44-ae1e-39f0e92e5a5f} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 2528 1bd45888d58 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.2.1567969196\1295134554" -childID 1 -isForBrowser -prefsHandle 2904 -prefMapHandle 2940 -prefsLen 22965 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {853a0b89-91fc-4336-b987-d1ecda0b3408} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 2928 1bd5ca41858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.3.881897188\1504591800" -childID 2 -isForBrowser -prefsHandle 3648 -prefMapHandle 3644 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c8fff627-e481-4846-b2eb-7e505ab86da0} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 3660 1bd5e6af458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.4.1794319652\1731208867" -childID 3 -isForBrowser -prefsHandle 5044 -prefMapHandle 5040 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5cdf607e-8039-4231-8c80-d5d7cb7e4bb4} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 5116 1bd60436a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.5.934928962\939151693" -childID 4 -isForBrowser -prefsHandle 5260 -prefMapHandle 5264 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3d7aa556-8f53-40d5-bd91-cc891c12db89} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 5252 1bd60435b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.6.1213715559\2115896709" -childID 5 -isForBrowser -prefsHandle 5436 -prefMapHandle 5440 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5cec053d-923b-480b-a1ae-559405ec4162} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 5140 1bd60436758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.7.2099735475\1549580636" -childID 6 -isForBrowser -prefsHandle 5044 -prefMapHandle 5284 -prefsLen 27697 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {18b64fec-8c51-4254-886d-0b1a973cf989} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 5648 1bd60f8b058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.8.383075842\1783516657" -parentBuildID 20230214051806 -prefsHandle 3244 -prefMapHandle 5688 -prefsLen 27697 -prefMapSize 235121 -appDir "C:\Program Files\Mozilla Firefox\browser" - {355ccbb2-b615-4354-8545-5523b44120c4} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 5044 1bd61635558 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.9.35576935\1395976469" -parentBuildID 20230214051806 -sandboxingKind 1 -prefsHandle 3248 -prefMapHandle 5300 -prefsLen 27697 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5b12b75d-fa78-4fa6-95b7-170bcbfb0fb7} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 5828 1bd61637f58 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.10.620268527\768048872" -parentBuildID 20230214051806 -sandboxingKind 0 -prefsHandle 6060 -prefMapHandle 6056 -prefsLen 27697 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {84c4543b-198b-49a8-9b3e-2a2e39507af9} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 6068 1bd61637058 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.11.525207128\354087922" -childID 7 -isForBrowser -prefsHandle 6264 -prefMapHandle 6224 -prefsLen 27697 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {18331b8e-2f74-4b6d-a07c-c4f093e9012c} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 6276 1bd61915b58 tab

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x51c 0x308

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.12.1817500035\1955140481" -childID 8 -isForBrowser -prefsHandle 6472 -prefMapHandle 3576 -prefsLen 28098 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d3fb429d-2fb3-439b-aa46-a6b2be705c0a} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 4840 1bd5fae8d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.13.2066797761\572143791" -childID 9 -isForBrowser -prefsHandle 1716 -prefMapHandle 2216 -prefsLen 28177 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8ee52cb1-a447-44c8-b2f9-e1645a07b98f} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 4180 1bd45840058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.14.404374392\169861405" -childID 10 -isForBrowser -prefsHandle 7192 -prefMapHandle 7204 -prefsLen 28177 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0b345571-2cd9-47fb-8c51-bc0084425663} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 7212 1bd60f8bc58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.15.901816410\1324872074" -childID 11 -isForBrowser -prefsHandle 3092 -prefMapHandle 3120 -prefsLen 28186 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d238f9d8-f8c9-45b2-beff-edbc1f4b0e40} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 7164 1bd63af6b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2564.16.119146581\1509706775" -childID 12 -isForBrowser -prefsHandle 7600 -prefMapHandle 7596 -prefsLen 28186 -prefMapSize 235121 -jsInitHandle 972 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1be86af1-8db2-4dbf-a256-e7368d25e92b} 2564 "\\.\pipe\gecko-crash-server-pipe.2564" 6664 1bd5f8d6e58 tab

Network

Country Destination Domain Proto
N/A 127.0.0.1:56923 tcp
US 8.8.8.8:53 bit.ly udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 67.199.248.10:80 bit.ly tcp
US 67.199.248.10:80 bit.ly tcp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 bit.ly udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 bit.ly udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 44.237.65.238:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 34.117.188.166:443 contile.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 34.117.188.166:443 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 soundbridge.io udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 104.26.6.238:443 soundbridge.io tcp
US 8.8.8.8:53 221.5.120.34.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 10.248.199.67.in-addr.arpa udp
US 8.8.8.8:53 238.65.237.44.in-addr.arpa udp
US 8.8.8.8:53 88.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 soundbridge.io udp
US 8.8.8.8:53 soundbridge.io udp
US 104.26.6.238:443 soundbridge.io udp
US 8.8.8.8:53 www.soundbridge.io udp
US 34.107.243.93:443 autopush.prod.mozaws.net udp
US 104.26.6.238:443 www.soundbridge.io tcp
US 8.8.8.8:53 www.soundbridge.io udp
US 8.8.8.8:53 www.soundbridge.io udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 104.26.6.238:443 www.soundbridge.io udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 238.6.26.104.in-addr.arpa udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 conversations-widget.brevo.com udp
US 104.18.38.216:443 conversations-widget.brevo.com tcp
US 8.8.8.8:53 conversations-widget.brevo.com udp
US 8.8.8.8:53 conversations-widget.brevo.com udp
US 8.8.8.8:53 analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 216.239.34.181:443 analytics.google.com tcp
US 8.8.8.8:53 analytics-alv.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 analytics-alv.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 d13sozod7hpim.cloudfront.net udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 216.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 181.34.239.216.in-addr.arpa udp
GB 13.224.227.31:443 d13sozod7hpim.cloudfront.net tcp
GB 13.224.227.31:443 d13sozod7hpim.cloudfront.net tcp
US 8.8.8.8:53 d13sozod7hpim.cloudfront.net udp
US 216.239.34.181:443 analytics-alv.google.com udp
US 8.8.8.8:53 d13sozod7hpim.cloudfront.net udp
N/A 127.0.0.1:56929 tcp
BE 74.125.71.156:443 stats.g.doubleclick.net tcp
BE 74.125.71.156:443 stats.g.doubleclick.net udp
US 104.18.38.216:443 conversations-widget.brevo.com tcp
US 8.8.8.8:53 31.227.224.13.in-addr.arpa udp
US 8.8.8.8:53 156.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 ucarecdn.com udp
GB 104.91.71.139:443 ucarecdn.com tcp
US 8.8.8.8:53 ucarecdn.com udp
GB 104.91.71.139:443 ucarecdn.com tcp
US 8.8.8.8:53 ucarecdn.com udp
US 8.8.8.8:53 139.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 83.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 52.111.227.11:443 tcp
US 8.8.8.8:53 131.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
US 216.239.34.181:443 analytics-alv.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 id.google.com udp
GB 142.250.200.3:443 id.google.com tcp
US 8.8.8.8:53 id.google.com udp
US 8.8.8.8:53 id.google.com udp
GB 142.250.200.3:443 id.google.com udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 img.youtube.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
GB 142.250.178.14:443 img.youtube.com tcp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.46:443 img.youtube.com tcp
US 8.8.8.8:53 ytimg.l.google.com udp
GB 142.250.180.14:443 ytimg.l.google.com tcp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
GB 142.250.179.238:443 ytimg.l.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 ytimg.l.google.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.46:443 ytimg.l.google.com tcp
GB 142.250.180.14:443 encrypted-tbn2.gstatic.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.178.14:443 www.youtube.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
GB 142.250.187.238:443 youtube-ui.l.google.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
GB 142.250.187.238:443 youtube-ui.l.google.com udp
GB 142.250.180.14:443 youtube-ui.l.google.com udp
GB 142.250.200.46:443 youtube-ui.l.google.com udp
GB 142.250.179.238:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 216.58.213.6:443 static.doubleclick.net tcp
US 8.8.8.8:53 static.doubleclick.net udp
GB 142.250.178.10:443 jnn-pa.googleapis.com tcp
GB 142.250.178.10:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 226.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 6.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
GB 142.250.178.10:443 jnn-pa.googleapis.com udp
GB 216.58.212.226:443 googleads.g.doubleclick.net udp
GB 142.250.178.14:443 youtube-ui.l.google.com tcp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
GB 216.58.213.6:443 static.doubleclick.net udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
GB 142.250.178.14:443 encrypted-tbn3.gstatic.com udp
GB 142.250.200.3:443 id.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.117.188.166:443 contile.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 88.65.42.20.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\activity-stream.discovery_stream.json.tmp

MD5 3c6b304202037aeec28d38f69fd2d1e1
SHA1 478093d6efaee67c1c17c87783d7307177c0885b
SHA256 ca498ce38184283d97cb3dc868711e7cc91ab8e85a558f33bfb9f1b983c56553
SHA512 2ac4eedad6b7fd8eed987a637f17239f8afdfd5c393777f281ec021b30b4417f601d6dd7fdc8a01ea513743a8a05ee3d1322247b1d533c4525feb92dc3e25b0b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 a7c06eab736635b4e65e57397a22e4c4
SHA1 acda077af9274006754ddff743b1b97b5bafc13c
SHA256 7abd39f5c04ccd03df1f48a0883b1bb059f20a1d089151c75bc085403260ce06
SHA512 3ab16973f9e4afbd1b6b2018f0fa51bfa0f392e9b5cc44e3c729df3f7f42beb718541bbeb80ff5f77d921aafb057965d583f869cb6dfb0c612157a1db46f9aa5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\prefs-1.js

MD5 d4c5a4a06e63876b1c750a0da488d262
SHA1 21a3dd659dc0e1ee8c3215b5864d55b88b44d302
SHA256 acef582acce18629b459fb3951b8217a74db2cad2aa92f517b747c2a28d9f1a3
SHA512 13b1d41e64886dca55e509f98967599fecb78321e1f05762b454268f48f94e369c58a4d16bd9f75b7f4da346b28b0dbd56126bee4f1e01ab81c5620e3bddea86

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 910319a42720c0f91b6e89574e2916da
SHA1 b335e9c8bff570c00c4039a114cc8a85aaf1dbce
SHA256 e026fcf69a2da47df125206904dabf75805e02d756b0cccf739de756ba2b3427
SHA512 bdbe8836c4eadc2d2e4d453cabf5a4149711d9e505d86874b0a1ac681de9689988f0c685a428401a0152385ccb8507efa43ce7da9fb4cb81071a7d03e5bad324

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\entries\021C39BDD3BAB163B30C174121801693BEB31A55

MD5 0b06febf73cf875bfe5e8a928bbc26af
SHA1 634c0a89e2bcb8f4a05aa2625b201f810033efda
SHA256 9ac833181ca338f8eac49f229718eda5a42a46751f7a712d61eceee9bd563ea3
SHA512 661d74d75599a30e12c6cb72f85e56bd9966ab743d26cc63f0f7055a95bcaa46efc0f02d6d98cf720ca1f2673a0c45fda7858f3390e567f38784a57b896e7e28

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 888b8d1553136205b9c16b06e0f12680
SHA1 01f693533c0bbf16a6f6b87aa62bbafe2a161df7
SHA256 c9a49f1fe8f4cc78cb9a0877e3f5dbf5c0a3e110c7af48b05ffb2ec790bdd025
SHA512 352b389517a31edea62f98977079b62cf283a19c02cb7296dff1d8118506c73675c86b4c12ba982bdebf1148eec6f89008eac533af4aef891208fd399cb581b3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\prefs-1.js

MD5 8b4aa8bac6265b54369a02d5123d9d18
SHA1 dd6d4589a76cb681ce7b0906064f3a04dad36a8b
SHA256 f427aafe143938ee882ad74fdfcf05173ede9b8640aeefa796fbc9db4ea5ded6
SHA512 7a2ee5eb5c3c5986717ecb162907b212fcbad7e51ada8702594477a6fad9ba93170c6211d6eff10581cabec86f7a2e547a1ebbb9bc79e4bce66d09ceac682743

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 229881d20b1125e811409e05fe5c65d8
SHA1 e7caf706bf9c0e6ce8f8aab4c687e255f13dba48
SHA256 469134e4e41191e33c85a81037d5423d6c947acb0fb437fa25137daf8d32be3a
SHA512 c820331a10b0f16e0320e1c4042f57cd31bdde549f0f183d6f0b5e9d0433789659bf57da054a3eba812da306f503cd1102e5769fc5999147aa69fe1ec4ac939a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 8598662574e21b1b065701d72fcc4a7a
SHA1 2a5b237244a9e6022d40bef52e20f1586a9322a8
SHA256 7ab709b34db5489dd8fbab4c3025a47a8198bbd9bf725f363fa62a7c558e3ad6
SHA512 f451556eb50194369660886d08258f833b39336002523e224d2722cbb5726af20565f4e68501dc70f69cc500dc111155f92e47a770d68a264b861145930e2138

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 f0277a15b6be87e423ca0cbef56ce4fd
SHA1 e95d9783e4dea865168d68d8bd619e77f8616edb
SHA256 a19ee75a37db9b3c9f0fbc6daca4fae4ff79b8e64fc768fea07b3b631630d09a
SHA512 dcb3611ffd891f8e1fc0a9634b2532c85b63b9f915281f681d3b17e79d957c332d7d998334c91e238783e4601750223c0e7a85a2a737799ecef00997db32bcbd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 a78f97a1b1433c9b98353d0093164a6c
SHA1 4c6b1806e76919629126d2d4e61e5f17ba350ca9
SHA256 665cc247e73d3e259c18c610f4aa7f1814447bcd82233de00c7533bc9f60d003
SHA512 9af107c33196642e3f7fc2cedb6a927754f1d96aee18e04d36b7c4fdfbc8eb9e12009cecc51109894964f013cdcf2536d477cf2f19b2ae3d500938f8735a7b52

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 2ae263fd9dedcdebacd2c0187adb738d
SHA1 b145145fcaa9ced32b7be94d3813c8c1fdd023d5
SHA256 9d1128f691eb647d963a36245fcaa0b5943f95cfe80e619aac2661cf90dddaad
SHA512 ec4229d7ba0759d8bf8f20b6b2e24b160a68035255aaa5469b6e148920def8c3526d960ef1c148821294d78d9687fbb7490ec62ae8ca9fe8e4fb7f0ee3e4782b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\25176

MD5 ef5e86e116ff7d3bdb74cd735612f2fc
SHA1 1c8ca0c4cb7490d2e2ea438e5dd5b12c6460506e
SHA256 db9a2a401208e9f41e7217f049eca004bf08c5dec3b7405aace7b407d593509e
SHA512 ad156e9ca8c31e6a806fc7fa3e967b96eb2914498238b98b6c81d712da824c835e38cbf88aa950b06c5102de6759314b4370696160b9393b128ace0942c8eb8c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\6043

MD5 61f343a0b978c9bc8a42e12a61a49a69
SHA1 60101fd4a2c4d2db1f5417c411cab3f3627d22ba
SHA256 ce7d2168b296842209629910a3d6e179b1506eb19032540d9624523cd037e9bd
SHA512 3531061f9e8baa5158b65e89c5a0e7ab530ef70bf018c66dc8f10815a51b87ac28ead0dbdf329704b91d3aa0c199b3963d7dc85259a50c1862ea8983180ca810

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\22227

MD5 931bdaa78f40f73db1f65e96e2529bdf
SHA1 96390a79c0f8823df841d8bb5afcc71b209b7410
SHA256 aba769ffb6055505051750932bd3b5b43d699bc8f239613dac0a059d361867f8
SHA512 f82acc21064598b10787743a55039a85e14ce654597bfe4ea886c3d0a2f52aa4ec100e94183e6736c0a3ccc6f06d89e6b5b4735b9c4c0f366696419f85b73ac8

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\22137

MD5 bc05fc6ede4f11872e706acee34ce377
SHA1 28b4aea18bb73b293847bda2cc2efa4dbbc123c2
SHA256 89bd203ecdf5575bc988013d07928dd36e0b08b8b8aca2a5d6c19e8e7219390e
SHA512 d05c091f3a73fdccaca5f4eb3907f009aa8fa7a0022f093cc0542c1c414489b819ece25b86688b08b7870efb3f3826c880f50523177d1156da0887609b7a254d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\25075

MD5 f3625cbb0901eb0ecf678cfe5461f600
SHA1 607fa168477afcf349991d95578846d7351b7b61
SHA256 709e1514beb217407c4d443baf2c554d6673647548d0b87629705cc6670048e7
SHA512 208713ff7317745faf0a3a222578c000ee58b5a7dbbfa9031838b3ed7613953f3a4699d679b6ef105f8a2db3e81da638c46acfbc293b14cbb295b4fd910f30fc

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\2251

MD5 b354b4073a1d2090f0f1d69cb2ef3155
SHA1 cfd90a1ca009e4c0e005de7a0bd9ae69f924626b
SHA256 61aa1a1921fd67d53a14304945bb2f1b9e5224bc7395c4746a78536e5974dde8
SHA512 8080c227b0ed57bcf148a901b532b8c4516974c328f90019d44d80755f44f779fcd68b9f8b11d53f520213ffa0ada47da2c50abdec99a8db4fad40f53820e61a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\19600

MD5 b3b5a36a6e17bf999408619b3736e929
SHA1 a05df0166948112e670f300c4ddd7aef261c899b
SHA256 2a4910b5e69d5923dfdb36d63315560adb9d8b4ebf85f67003be6b7696490418
SHA512 1abbba17c8b2d7fcb9aa082390913627c3d31b8c04ebc57deca76fcd41743b757d827d15151217c0459373cc4895b592e11cf5649ab4a585902ec3c4732df5d9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\24336

MD5 d7980e0a701eccd74b84071347f4db7a
SHA1 a93787d6988f857822dbc08167742abcd1f65a15
SHA256 a727a61d33bd0aa876242eab024a9df0c99a4b9e04ef083b1a660c26ff020545
SHA512 015ced5ebde34d70230bb6d6f5f9a0692af007ebf099735491c42a4439dc5f23a6018cb8bcb77a097868c6d11827ea49d5ce91201632e949f55388452257a4f4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\19491

MD5 5b3f75b5ee9530872f0ca9643e11d81c
SHA1 bc3337da81fd8d8d17ddd1ee315b775a72271c4a
SHA256 15c3df80a844dc926b0f77d7c09a165a485dcf97d0ad4f7e86aa32ee62381d22
SHA512 b7a83c34c812c22b01ff0dbf06ba3a587e44368bb5b7f4ff76876eea7f40e3ab4ac73a7b4ac5353bb4979a001862051c50a17b2c9f8e498417ba27e86671819f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\17132

MD5 5604346f84150a22382483f2d657ed91
SHA1 35fdcca5442dfd5b139db6efabaff37e5f4f9dfa
SHA256 33456a48535dfd2a848a7c5dbd4b5b54db600c3b1d40f20fc79b162e5195bb0e
SHA512 b4976fde5f78e73e014865a6d68098099ee10de280be697e9f57d5c9f0477327a4e2c08f7b8eebd25bc43008b306a865c5edca4b13ed130a1366e6ff73ebf084

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 a75a0cb1cccf2849ff92050d75c542ee
SHA1 d4f4acb3f1abb8f06ed5770c5c7ed6bf85003843
SHA256 9e888380e02d452fd30906010ed0911e05cd0c1ee6f94fece50c306712526f92
SHA512 4efb139179911d7c72cf900071c2c0a913de90e5d8601d2b718e92ba3610c80120a5fd94c9b9372de8450a7d268a77463c6190ea12f775a669173cc19b985519

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\storage\default\https+++www.youtube.com^partitionKey=%28https%2Cgoogle.com%29\idb\2232182701SeesravbiacteaWDosrgk.sqlite

MD5 b859122b11e9950f2e00df450f12874c
SHA1 3dbb0f4f06ceddb5109edf8d18b341d3761ff667
SHA256 29c5e94c3f0df35e5feddfcc29993de625e01557fc4931ec227c940d353b18df
SHA512 895e8149bd96e5cc79a755e0b51709f3493fd63ca28c9fa087128455dc8bfa19ba624063b1f2af65aafc9bcfe91572b3555ddc8c9a21be7d44bad58d78bc432e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 e4b09cc2bf14dc0274bf5f0e25944295
SHA1 1e9db79058abdfd144da908f4aa43bdda15774c7
SHA256 6516c1882f538dffc5df4ece7afa1e59cc0623a2503b4a38215aff204004231e
SHA512 19ebb4dd66adcd1c5f8b870f9c721eddd4e31ae1b48fde6f0df4d575b56c168413c1e474f6c1cf97ae4ec58204ff67801fdb58d7d259215a1372d516bb0e47a6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\5000

MD5 0b6482e975afdbb7268e966f0360f56d
SHA1 6177e350445ab2dce36c81d383801dcc0bdfa50a
SHA256 4ef86f2cf5a47ddfcb1fef23f6034cf1eb0944af14a91e45b3d32e4fd73ec9ef
SHA512 0852717750260b918ac57e714d285a8e6c94cf545ca87ba9125ac7d8bb8cbf675c1620ebca8ef7cb011b191134434f3396ee09dfcafdeebc196d00a09c66cd65

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\1174

MD5 8ca4ac9fb40742a6aacebbe29194ffe5
SHA1 0f65f2244ff2669e121551cb9cc86d62393e11cc
SHA256 53c02f8c75adfd056ad86fe36fb53ca1df8157a4c5f61d23568fc8848aa6cec6
SHA512 cb9e946fa25d209ea763aeb78413e3ba2db0be48f15609904ea3184e47a2ce7015e182cf957563fcc09ab76b317c703ced53fb329d0d51d5e836554c051ac59f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\14236

MD5 015414889073c524db403e61065665eb
SHA1 b27e19b3c434558a3452cf787d9b829bf5937b04
SHA256 18a54252a26901bfdaf2b032f8967f821592ee2b3935bb69e49aba71fdfb6f44
SHA512 0fdb165591e2bbf303f8b88bdc7525fd5173291f4acff0298adc9e51908745c5fb15513e595b967b456f2a36a141a304ee71f9405876f156016a3e5c0444d487

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\13787

MD5 bf7183bd3c60c49768cc0db7ae778702
SHA1 7982ade770a075ed5519aba4d4d5c454b3d21962
SHA256 d92596402c6599295e2fecd6efa5e37b3d12cb1ff125de0ffe0f411096a31ee7
SHA512 56426b383b697563ac2a426d58027538832ce878afdf77d2a717662de460c745c3c90fcbefcdbe435c48ef0d5d7faf85ad3cbee58547677cabd1bace025350bb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\7144

MD5 1142d4f5b030b98ef79961a7cca3a2bc
SHA1 17e1eb0a050890d13f24bda876b8332c902ec5fe
SHA256 ec8eaf677d8d8c4f45db281c8a2e445e5eb31961c27ce3dbfb6301049ab9690a
SHA512 fa6576892097d432c033fc16428998711e069b24767c2a96419926408042a26beea0d9428ac8b3c99d31938250700659b60922aece017b4ddcfc209bec75cd3e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\28579

MD5 f2ecd4c43086e7496800c13862fc70dc
SHA1 bf7b6d06602033944dc89ad1fa52b7c4f7333abc
SHA256 d3ad109d5c0dafc104bf4aba13bc9089329a7a4d58c215d935cc05967a35908e
SHA512 b75137b55dadc9ad166383d464f20cc81effefc6ffd10fdfb7c00d819cf75a35b4c6af0846a4293d7f9316fd1ca3afbdcd15572881631bd9b37c35f2c98b41bb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\24528

MD5 ba63c380d42543ee6226b4d9251a3851
SHA1 563515220755ff2b8194a40cb8757208fdea9e20
SHA256 8676eae7a9bc95fd4cc27d1643d675f3e5e1f201c54660d22d95cbd744ca2473
SHA512 91f624ee6479cbb5444a0ba78fc34fd8d64902579c0036662c68ff51751b3bfd3b3254ac56f9588aa6d07fb49b3bf8e237a30a918e581ec52cd7140e0051e476

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\11465

MD5 f08af3a0ce757b85223eef4e02ffb4a8
SHA1 ea45b521421b17d23f795fbe680aebd3511664c6
SHA256 bd86d4f10286644879a2236ca41eacff28aac9a463ec661c4ebbd23fcd0239b1
SHA512 f5ba9caab1a224a50b36209946936ddb1b9bb1d0d4be8850d0b86c88eb78e39c6a638a9b6b56d928cf36c04ea49b060468a9dd4d846fc9e2d5071c03c2330cd9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\17154

MD5 2426c281d49fd36b4dc4210139cf369a
SHA1 5b6509a38e13069051a12d57124da727befe278f
SHA256 edbbfd233479289bffbdad7d0215d137103580b2ed440c69658a2cb05ab16bad
SHA512 a31cf9a14f5b7043a53014b900b12a5f8e33ac1c1cfe2699ce69ff80483d6c12790067b01fe4030cc5d42a05be18fd89d7b39cf12c58c3b76fa113ba318efea9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\11017

MD5 af6cdb19841444ca55ce2753a189b321
SHA1 a57177573da5fca3e12d4915b3fd17a5c6bc553b
SHA256 b29304b1ad1bc17984e53715fe00702e03ffb265f7c6a87b561113e225d712f4
SHA512 d8cd237b06854727cd57f7f7eb8f36ee31f81e465e9473d572932060602460de702d1c4f9828b393c7b8f929ae3bc94e6af0b166d7d4e10666118d643f6eb722

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\datareporting\glean\db\data.safe.bin

MD5 1c3c58f7838dde7f753614d170f110fc
SHA1 c17e5a486cecaddd6ced7217d298306850a87f48
SHA256 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d
SHA512 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 8a056bd0ab3200ecf4f42fe811c7a7f2
SHA1 1a7ef7857cff596526bc3c69fdb0dbd6526530d7
SHA256 a92d98ee53cb20406eeb77aa0bde084c23e89408a507a764a51cd8ddb2ae1e43
SHA512 0f5f8afbdb119e449608d8c99fb76427bdaa82aef129c26bf05d82ec2919d6fcc27e6d09f73a21da101a780eef64e186618eaa1da3b27df972979854848f882d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 c2365bee9205bf320a512a5c6c46e279
SHA1 44143c7a1d399260b69bf987fe854ee7b2f17365
SHA256 2baee131e82edf4f3a100735a199135e2791b0eaa05006c4fb7d03ff41c225f8
SHA512 a1597ea367c6f6a25c79c4bbb9a4e70ffb724fe4d10981eaa6153483fbf83a3015c0ddf09c862528377d707e291b25f64a5c4150bae60d9117dfb49efaeb0b29

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 ca3960775e67cc2efb9477537bfea883
SHA1 7201493778775603749545b7f56552bf22249c29
SHA256 07f893f775d011acf9a2702546227ba21fac6b5909946ec57e72c2a620488f69
SHA512 0dae9a975ec429fe96742e6afcb48b6f17c2599b0ae48adb08ed69ab6cbd7d24befdb6879fbd5687ae06428c61b51205610824889ceac4611072cffd33dc1618

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 4d05315154beca664990615f76766c2e
SHA1 5317ea037a0a9e1b0388f1affe89d50c490a45d7
SHA256 5145a2f5d51cc5f5ac38e0dbf20108fa3cb50e2e07a86fbd34a6ac17a120c244
SHA512 1ebb4777e7aa002428ac494574c7035122028848a45cfe7f03617e928111db1df07f825ff1c7d3c00540fc49e7bc522670daf8580644bc50849ba397073ee064

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 65846d700b4c55135fad2e6335ac3ddf
SHA1 cdc7635a3a1fb1a391a4c01646d1925504760897
SHA256 c18fd0627a1ff943172284c6636cf1bd3c5e03c0517fedc74bb56bcaa012825f
SHA512 cbc17bb56f15809f99ec29b792dafa4ffb4944b832c3c407c01d5e8ec29080bc9d6a05ddf1108f833dc12ad93d144107f034d514ac3ed5f58f4f49c4d3fa349b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\entries\2E72DF0140180A9469E5CB353300B5BAA73A8D1F

MD5 1fcde165f8a72ecdc200d83409c7b779
SHA1 26eedb61c82c18cbdcdfcd840c0ca891413640eb
SHA256 345cab4bf5a3b8627205a841bf0148516b3b44a36721e1a7c44c31811491fbb7
SHA512 6d260675171c4fcbfeb06a7baec20f001221ab1211b4cabd49ec7d31d4ba495b96401d8d1b5f752fc8019b23ce918b9f9d0faee4aceb04aff814d883a6c9b5c9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 2c9a835bc047bc9fd60efe17fb07a9e2
SHA1 4a65e97b8a33227f93fee767216f80b2b4c7b676
SHA256 9c653b2f106467eb633c67778f7ef720c7f3a842b2eb4f5e58e6feda542ed6b5
SHA512 1a3494a7d49d16c2c6a8e0c2bc1026d4034880fe376aad233dcd519aa8fb4c2409ae9504f346dfcb86291962a41c95427ed497d63214440971ed7974ede6336e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qzr7kws6.default-release\cache2\doomed\26491

MD5 27579d3591883769c7d019d8ad577776
SHA1 f52598627651d7e198041928d3338bf6254e6a3e
SHA256 051c332010071a1e6b80432afbc00e952c342e784fd2e92e137eb02d702e03e1
SHA512 3c555d4372b0ab7603208012c01893ba4959256c71ae1bd31500f56f37e9d5ffae8c4253bd68becd208090d22682f1409b8fbabff2cf400594f52609276c4a6e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qzr7kws6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 d1c39bc84bd7c184ee1b9c82bd8241df
SHA1 0c3379c9a412ab72bf6f205a42e5015488986331
SHA256 95e6ce85923c613fa00f3ca0bfb485a63a39174d6886d2b58c0db75ddfe131d7
SHA512 9c3db1eb87c5abe1ef97bdee4c18913a4475ad0850bdcb8244067f3afd63a6781789193f4c8ce48730b3a7b1d7beec1c9b21c4c7634d19ca701abb114c372a31