Analysis Overview
SHA256
7592ddc11fa1d71c84929ee644b536e7efa7d34f9de87d72be227c6afcda9ea6
Threat Level: Shows suspicious behavior
The file cd57e4c171d6e8f5ea8b8f824a6a7316 (1).zip was found to be: Shows suspicious behavior.
Malicious Activity Summary
Themida packer
Command and Scripting Interpreter: JavaScript
Unsigned PE
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Uses Task Scheduler COM API
Modifies registry class
Checks processor information in registry
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-11 16:10
Signatures
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral20
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1597s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\finalhandler\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 10.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.83.221.88.in-addr.arpa | udp |
Files
Analysis: behavioral25
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:42
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1592s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\function-bind\index.js
Network
| Country | Destination | Domain | Proto |
| US | 52.111.227.11:443 | | tcp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1609s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\cookie-signature\index.js
Network
| Country | Destination | Domain | Proto |
| US | 52.111.227.14:443 | | tcp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.117.168.52.in-addr.arpa | udp |
Files
Analysis: behavioral19
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:41
Platform
win10-20240404-en
Max time kernel
361s
Max time network
1612s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\finalhandler\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 5.173.189.20.in-addr.arpa | udp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:41
Platform
win10-20240404-en
Max time kernel
519s
Max time network
1598s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\debug\karma.conf.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\cookie\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.83.221.88.in-addr.arpa | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1597s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\cookie\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.83.221.88.in-addr.arpa | udp |
Files
Analysis: behavioral15
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:41
Platform
win10-20240404-en
Max time kernel
615s
Max time network
1589s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\es-errors\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.58.20.217.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral18
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
615s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\express\lib\utils.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.83.221.88.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral21
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
494s
Max time network
1597s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\forwarded\README.js
Network
| Country | Destination | Domain | Proto |
| US | 52.111.229.48:443 | | tcp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral27
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:43
Platform
win10-20240404-en
Max time kernel
615s
Max time network
1576s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\get-intrinsic\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.83.221.88.in-addr.arpa | udp |
| US | 138.91.171.81:80 | | tcp |
| US | 8.8.8.8:53 | 144.245.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral30
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:46
Platform
win10-20240404-en
Max time kernel
612s
Max time network
1590s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\gopd\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.83.221.88.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral7
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1597s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\debug\node.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.83.221.88.in-addr.arpa | udp |
Files
Analysis: behavioral11
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
392s
Max time network
1593s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\debug\src\inspector-log.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.56.20.217.in-addr.arpa | udp |
Files
Analysis: behavioral24
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:42
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1596s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\function-bind\implementation.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.111.78.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral10
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:41
Platform
win10-20240404-en
Max time kernel
312s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\debug\src\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 17.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral22
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1588s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\fresh\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 164.189.21.2.in-addr.arpa | udp |
| US | 20.231.121.79:80 | | tcp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.173.189.20.in-addr.arpa | udp |
Files
Analysis: behavioral26
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:43
Platform
win10-20240404-en
Max time kernel
375s
Max time network
1586s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\function-bind\test\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.83.221.88.in-addr.arpa | udp |
Files
Analysis: behavioral31
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:51
Platform
win10-20240404-en
Max time kernel
311s
Max time network
1592s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\gopd\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.16.208.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.83.221.88.in-addr.arpa | udp |
Files
Analysis: behavioral9
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:41
Platform
win10-20240404-en
Max time kernel
520s
Max time network
1609s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\debug\src\debug.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.83.221.88.in-addr.arpa | udp |
| US | 138.91.171.81:80 | | tcp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral23
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1606s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\fresh\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.83.221.88.in-addr.arpa | udp |
Files
Analysis: behavioral17
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:41
Platform
win10-20240404-en
Max time kernel
516s
Max time network
1597s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\express\lib\router\layer.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 31.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral14
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1588s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\es-errors\eval.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.143.109.104.in-addr.arpa | udp |
Files
Analysis: behavioral13
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1597s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\es-define-property\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.83.221.88.in-addr.arpa | udp |
Files
Analysis: behavioral16
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1588s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\express\lib\response.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.83.221.88.in-addr.arpa | udp |
Files
Analysis: behavioral28
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:43
Platform
win10-20240404-en
Max time kernel
614s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\get-intrinsic\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 114.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 159.185.200.23.in-addr.arpa | udp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:41
Platform
win10-20240404-en
Max time kernel
614s
Max time network
1584s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\debug\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.58.20.217.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
615s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\debug\src\browser.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.178.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 138.91.171.81:80 | | tcp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral29
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:45
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1575s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\get-intrinsic\test\GetIntrinsic.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.246.116.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.83.221.88.in-addr.arpa | udp |
Files
Analysis: behavioral32
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:52
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1596s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\gopd\test\index.js
Network
| Country | Destination | Domain | Proto |
| US | 20.231.121.79:80 | | tcp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.83.221.88.in-addr.arpa | udp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:13
Platform
win10-20240404-en
Max time kernel
155s
Max time network
164s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133625958900688822" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\cookie-signature\Readme.js
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4524.0.236406121\2002370401" -parentBuildID 20221007134813 -prefsHandle 1688 -prefMapHandle 1680 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f498cad7-a1af-4425-b02f-469b4875dee2} 4524 "\\.\pipe\gecko-crash-server-pipe.4524" 1764 203910f2858 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4524.1.473683420\659185227" -parentBuildID 20221007134813 -prefsHandle 2092 -prefMapHandle 2088 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {73a06817-98a1-41b6-b79e-5c39b4986a91} 4524 "\\.\pipe\gecko-crash-server-pipe.4524" 2104 20390c3f558 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4524.2.1676705127\533937876" -childID 1 -isForBrowser -prefsHandle 2752 -prefMapHandle 2876 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1360 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f62a385b-a9c6-4ebc-827f-dc72323c9849} 4524 "\\.\pipe\gecko-crash-server-pipe.4524" 2852 2039105fc58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4524.3.1691752130\1701594332" -childID 2 -isForBrowser -prefsHandle 3412 -prefMapHandle 3408 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1360 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {05d15e1c-83db-411e-ba36-0b325b18fd08} 4524 "\\.\pipe\gecko-crash-server-pipe.4524" 3040 203959e2758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4524.4.871750985\1024436402" -childID 3 -isForBrowser -prefsHandle 4372 -prefMapHandle 4368 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1360 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {18016522-a3fc-4cd1-818f-4965afc8cffb} 4524 "\\.\pipe\gecko-crash-server-pipe.4524" 4380 20396ebee58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4524.5.789138903\952546391" -childID 4 -isForBrowser -prefsHandle 4820 -prefMapHandle 4252 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1360 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7d8385b8-2723-4483-b6c8-ad5c81cf28f2} 4524 "\\.\pipe\gecko-crash-server-pipe.4524" 4816 2039755f758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4524.6.1354073028\2109813763" -childID 5 -isForBrowser -prefsHandle 5084 -prefMapHandle 5088 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1360 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f68709c6-e4d1-48b5-92e3-e8e74494becd} 4524 "\\.\pipe\gecko-crash-server-pipe.4524" 5072 20397a21b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4524.7.1514558905\992730528" -childID 6 -isForBrowser -prefsHandle 5264 -prefMapHandle 5268 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1360 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1b34ee96-c34e-4b75-b0d2-44cab88673e2} 4524 "\\.\pipe\gecko-crash-server-pipe.4524" 5256 20397a24558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4524.8.564423217\1132474225" -childID 7 -isForBrowser -prefsHandle 1568 -prefMapHandle 5288 -prefsLen 26328 -prefMapSize 233444 -jsInitHandle 1360 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {775f6fb5-8d7f-456a-8df5-afb84ef20875} 4524 "\\.\pipe\gecko-crash-server-pipe.4524" 4736 20398b9f158 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7fff9dbf9758,0x7fff9dbf9768,0x7fff9dbf9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1604 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1784 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2068 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2828 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2852 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4436 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4568 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4440 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4808 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4832 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff613bf7688,0x7ff613bf7698,0x7ff613bf76a8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4572 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4776 --field-trial-handle=1848,i,4194181109051045781,4116013580477010792,131072 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.0.157199174\897393447" -parentBuildID 20221007134813 -prefsHandle 1732 -prefMapHandle 1724 -prefsLen 20871 -prefMapSize 233543 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a8e1c12-3097-4103-8eb8-84c0d85c3d95} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 1812 1bb546df758 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.1.283230432\2138558704" -parentBuildID 20221007134813 -prefsHandle 2156 -prefMapHandle 2152 -prefsLen 20952 -prefMapSize 233543 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {377885f3-b192-4ca2-b690-471858121c04} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 2168 1bb545fbf58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.2.798575164\512733222" -childID 1 -isForBrowser -prefsHandle 2692 -prefMapHandle 2624 -prefsLen 21055 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d60817d-d5a8-4237-8c13-f41965ef9610} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 2876 1bb5882df58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.3.1683169747\1155452537" -childID 2 -isForBrowser -prefsHandle 3332 -prefMapHandle 3328 -prefsLen 26233 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d06b7df8-a5a1-4e38-a541-cf638fdb8aea} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 3304 1bb49561f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.4.1163728454\2146289763" -childID 3 -isForBrowser -prefsHandle 3624 -prefMapHandle 3620 -prefsLen 26233 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ce0394a8-13b6-4454-bb65-6ff641549228} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 3648 1bb58eeec58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.5.1114779717\1194440289" -childID 4 -isForBrowser -prefsHandle 4468 -prefMapHandle 4496 -prefsLen 26233 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {22654abc-7fc5-4843-8641-8e038852f3f4} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 4472 1bb58eedd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.6.735052389\1696822977" -childID 5 -isForBrowser -prefsHandle 4608 -prefMapHandle 4612 -prefsLen 26233 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a4da6d02-77e3-475e-9776-41215555447e} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 4600 1bb5a821e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.7.574802809\1352275466" -childID 6 -isForBrowser -prefsHandle 4864 -prefMapHandle 4868 -prefsLen 26233 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b00c2b2b-ff38-4c5b-bd35-5c053bfbface} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 4860 1bb5a821858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.8.1548881270\1838948016" -childID 7 -isForBrowser -prefsHandle 5284 -prefMapHandle 5232 -prefsLen 26233 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {31a65eb7-df1e-4eff-890f-db0bc6f3383f} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 5292 1bb5bd92058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.9.112729272\550840976" -childID 8 -isForBrowser -prefsHandle 5464 -prefMapHandle 5468 -prefsLen 26233 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e096503-2447-4a82-a450-e08a0cb359e3} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 5456 1bb5bd93e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.10.1743010972\967988377" -parentBuildID 20221007134813 -prefsHandle 5708 -prefMapHandle 5712 -prefsLen 26233 -prefMapSize 233543 -appDir "C:\Program Files\Mozilla Firefox\browser" - {346d6ebe-de8c-4bd4-9fce-7980080bd4c5} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 5700 1bb5c051758 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.11.175888036\997595343" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5780 -prefMapHandle 5796 -prefsLen 26233 -prefMapSize 233543 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b263a049-06a6-43b7-a7a6-a702f10a263d} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 5868 1bb5c053558 utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.12.1954073989\1049771521" -childID 9 -isForBrowser -prefsHandle 3684 -prefMapHandle 3476 -prefsLen 26233 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0eb98895-ba17-4049-9b15-c0b5abb25fac} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 6168 1bb5c331f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.13.609846240\1409313216" -childID 10 -isForBrowser -prefsHandle 6684 -prefMapHandle 6560 -prefsLen 26233 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c5d3de60-0ef7-4e35-a222-aea31d256483} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 6700 1bb5baf8a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.14.1685951529\944667769" -childID 11 -isForBrowser -prefsHandle 6392 -prefMapHandle 4196 -prefsLen 26233 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f739e88f-c8a6-42a1-8024-502967dba80d} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 10536 1bb49561058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4976.15.199439785\832004142" -childID 12 -isForBrowser -prefsHandle 6308 -prefMapHandle 4232 -prefsLen 26498 -prefMapSize 233543 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8411afc4-97eb-4c55-814b-6b853486c415} 4976 "\\.\pipe\gecko-crash-server-pipe.4976" 4236 1bb5bcceb58 tab
Network
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\permissions.sqlite
| MD5 | eb1860cb81520e104adba7e6ad5a1dda |
| SHA1 | 0184e7720d110c92ee763c69893d7f09771bff7b |
| SHA256 | 058d2e3c8a83cbba205a24f36df4df29597883374d1131375cc1dbe064d89d88 |
| SHA512 | d5067e86189c87d7cf4bb785a42336f818b6d0dcafc26e5a512a5083546f9197ee741bfeadfdf5994b960f49040990ebb9b0271ccfbf688775da5957ce6fb760 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage.sqlite
| MD5 | 5cc285e58a5f7b6d4685d59ab78bb880 |
| SHA1 | 146430ea2e5666f9d20dfcba7468004b3581e102 |
| SHA256 | 67d8a55e09f240048f94832d64e3d00e0392fdac7729f15b037e3be2710c8808 |
| SHA512 | 9fdd49ece80a2afa08267c8b53a92a60421c1730e67894cad2a5f120e83c526fd506ba865ee5d58adc52134c48928ce62261e227df8906f7fa2ddd41ce542f78 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionCheckpoints.json.tmp
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\favicons.sqlite
| MD5 | 669dfda29691bf4aa1bec0184b006b15 |
| SHA1 | 0d2bb03c931e91c469d65c276ee7c23a37df4258 |
| SHA256 | 7b4a80dd62f3bdd70219d3db0dba79b2036ea3298ac44abf3313211643b9932f |
| SHA512 | d3118d83a2103f240ddf0e692efbb01031429c96170b9cde96f2aad42897fc125c488b1a27c031d445a4443f9fdda111e9a90668d007d5187f6b7170cadd7638 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\places.sqlite
| MD5 | b153d42426b20c91f5b6d720fb3552ce |
| SHA1 | 7446725d735ea152fa9290f408e9325cd4413e90 |
| SHA256 | 36278be0e2f9a5d996c2a93075cdd68f78cb73efa08c766fe4cacea93a233759 |
| SHA512 | bd3363e7917229ad64e94280bea84030062a55a8ad9922218124032fb9baf7e36ea215b99d79d7fe2a5967cd85b178fac7c1dde2a713715c217e1e793229e7f0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
| MD5 | 764d9e64e8432b521628dfde2b9a88bd |
| SHA1 | 8733fb7827b507131b45368331050df8c33466f5 |
| SHA256 | 4d0b45fc536fc81b278d36f593192be6bc038c81041eb572f1fb46e45dce4d64 |
| SHA512 | 572df0a151a0e1333aa14cf997213f81a446cf50a48a72bc27a67397ecde378a05a6fb929c3ac82b0773af8e6e0e0f79ece143350561f3504e01714102110b8d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F
| MD5 | 4c9c221a70e34667d394a9b64d97e560 |
| SHA1 | 682b463612eb927d68eb650f329d06e9737fa302 |
| SHA256 | 396dd2be1acefc7134e38572c5a2298fd5dd1179bc7f3930eb631a156e0833ff |
| SHA512 | 1708cdccbca80ff075d29c01f79821c13fbceec8bc17d91fda06be3fe77ab68415e1f1435ec74f381022ed3ec05da49c04a66efa06c0bfe0ecc09ba7512915a0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\pending_pings\e0677a40-8a2c-4370-bf55-1fddf65473cc
| MD5 | 03ed8326710e0eb32a92b4ccfe737eac |
| SHA1 | 889a25ffea9b93dce5bdd8a44d4f14b6c2eedb92 |
| SHA256 | 09fcc03edb837c4e65f9f1f10ea81b842233024eeccdb3e38259d11e6add4ab1 |
| SHA512 | 2c200cd4fa0343f2e760a7a848c8e57a70035606682bb6e2da7f5745674dadb18e5f8e316163d5edc8d8cada7eabf9ccfca3eb6c8cc361d9dcb966f569860d69 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\pending_pings\69ee786e-a5a4-43d2-b200-2196e0d844ed
| MD5 | 7c772fd2354e14ea2104754d6b5eb759 |
| SHA1 | 6a272f381649380f4e6364522a51e785f7765c91 |
| SHA256 | 47fb1347ac51dfafb7c895b75b2bf0db6806b9f2d279d0d1796b8d8a053cf6db |
| SHA512 | 9604988b27c6a2577351ef39abfa1415985bccc46fbf246c01ca19b30c78064f3dbf9b4a3e584860db9dcc0f8b3354734ea802db631695aeea52d2210f60747e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\protections.sqlite
| MD5 | 49397db0486dc59d607907a086f40c9b |
| SHA1 | 08742ce9db9569062def08e99eea8470702feb7d |
| SHA256 | 890033ea279f13478e655150a823a5f84176d2f8f2ec3724dc61dfec775707c4 |
| SHA512 | fc8dad1ae2215cd96c41bb3e683670bb9138467677da46c19d1e58972775842a995b70123c22ea1efb659d043f5116d0c9dca422035a6646b35f81033c9f5f53 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\db\data.safe.bin
| MD5 | fbbf45b0fe74e8769ff2265e7e5534da |
| SHA1 | 9b0e6b8cf39fef10b9a0df04dd6e70abf3c99186 |
| SHA256 | accf6f127a7949f78987074943b3698fe3f425a0c9ceedd9e116c9ac38235dfa |
| SHA512 | 574cc8bcf810c0c2b32586f990225d9bd1af85021458cdb573c287c72a6e6634bddc97728af34cdabf8fce061edc35375720ccaa772f0aa4a6b23dd70669d657 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\events\events
| MD5 | 28aace69e246587a0154d324714db040 |
| SHA1 | 3ae8e9d4049d45c9067aa7c7769d0f1913f5fcb8 |
| SHA256 | 7b425c6a1fba189513c81136e2991d94a42b7e76e6f2140d32dc4d7e42c61aa7 |
| SHA512 | ba64893f819486c00f375dcf3ffbd6553565764a5fcb3a0f68fbe2df558b627556ee8e2d21e956833e7ad23d2e4431f9c3e5570bea8d55fad1131dd36c64b20e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\AlternateServices.txt
| MD5 | 2abe40dc040df08b054ed31fef6bac1b |
| SHA1 | 95f70c81079119e930f60d90b1609b319364e691 |
| SHA256 | 8414c30e5b0c7d5831179a8592b90d629ea407e557edd60bef79bf0564e265da |
| SHA512 | 6a14ee8533e029c10566eb2da6d7f6ffe3960ce617b2e9504b3a373bd045fc406650b0ea81c64a81d5abaea3c87a8240aaa2a7adc196058fbd4d9ce316ee7662 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\SiteSecurityServiceState.txt
| MD5 | faef0d83df02b608af1b4f960ec0eb97 |
| SHA1 | a47228871ecdea42da9b290992e4d47599b002e8 |
| SHA256 | 017bae07293ffa9b30f2ec2ddf72e49ee38a4f8b19331c7f1c58f275ed5b7fed |
| SHA512 | cb0a9afe14ca7adfa105fea660c9b15170cbde901caf57c05eee52a0b22b7e0a4da6cb461993112403e8ab218d92add8747d1bc169e3d5bff3e7981ddd245ada |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cert9.db
| MD5 | 4af86c8ef71790581d6158df75bb5025 |
| SHA1 | 2edacf038e644006b272731479452f5c4dfe34a8 |
| SHA256 | d8973b978ba5f5695c6ea3cb55a69cc1d0ef7ef3d3d9b46cc67d819f98d136be |
| SHA512 | 56e5c225d693d600aeafaa72051dda4799bfb174d8ada2226f22d95543a16f1a5bb8ed1d50f7fface6def93f79fd1b0c4e423ba8332d977f5e2be476b0fd38d7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | e10f14beb49ef18c63b0d034164e70ce |
| SHA1 | 90b57404a350550d27aaab79e8a3042500036fca |
| SHA256 | cd4730c544d76fca5f0ec58a9994996c7f54ceb96da58ac6b1008edfebfb0815 |
| SHA512 | b96615f3b588930813641f23a9ded347020786f436381a416c2dca87d81f9f01a078859b69a68ea5e3b2a94e9999e5777d8ad4bc995e5cb9c0f0408f78e71cf6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\default\https+++www.youtube.com\cache\morgue\244\{5974e272-8cff-480b-849e-a480828710f4}.final
| MD5 | d542da0ec6c8664f92ca911d66323c92 |
| SHA1 | f205fe7fa0c0860c791892c7c649780b937c9639 |
| SHA256 | 9f4258c0e70fdbf109322c58c6690c34700d41156cae8ddd65b2727c5109c634 |
| SHA512 | c54296930a86a478e17cec060e135c307ba09b884c5afc5c1b68adc544b50881dbbb96c01162365f2627cc2f99630fb03ddd43c196ab2eb81fe2466c00a43166 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\default\https+++www.youtube.com\idb\1980619603PCe7r%sCi7s%teeendt8E.sqlite
| MD5 | e70ef2c9509b1673adb3b08ebfce1337 |
| SHA1 | 799c1bb3d5679866524a3975337114af921c8d57 |
| SHA256 | 55f16523d8ea7ebf3667a45b581c6a0f3f46106eac513d7f329cbbfc1ab7643e |
| SHA512 | b0e3c8327e128a7b9624e9d84b0643e41b96917d3d79e22d96a34987cc62d6c8d433334c2520d6732d954757a0fdc8367d4036fee5f81c9d713de58fe049a02c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\default\https+++www.youtube.com\idb\3211250388sbwdpsunsohintoatciif.sqlite-wal
| MD5 | 90a0fd3f4e44f14564df365cea3df1f0 |
| SHA1 | 72630f3666d1ae4bce73f4fb6c02368775762960 |
| SHA256 | 55774d11aeab5565c1a3661733c61344fbb46c464e0ec612a4c41fc0be7fefe6 |
| SHA512 | 4ee110abec928127739cb0ecb0289fe6e757b6c386b7153a02af7c63df0cf65c170b1028e587c916180cefc2a9bab035a296a48d1f747669dd0502499bd5a12a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\formhistory.sqlite
| MD5 | 6b843a19837bfde222476d32b74c6aca |
| SHA1 | 5fa32fe6ff0732835f5d569509845a1da6f16cf3 |
| SHA256 | 6b2332cc316d77bc7f161000bc68e752d42c1b9d396b1387fbd14a075bc8958c |
| SHA512 | eeec9d56f3d509f33f4f0d44397c06cc1826a5d12059929a33c6eeec09dbdda66b7832e98b819c2d4063d7bf8553fa9c2b30c26fdf3b8742459308a69b5fc421 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\default\https+++www.google.com\.metadata-v2
| MD5 | f124d97349059ffffbf7eb4e5f0397e3 |
| SHA1 | e83bbc7998249de06d772bb04267b71e78d62653 |
| SHA256 | cccb5fda85e15273aa3fd744bce621370bbdcf316a6b457df67e81fa556156a8 |
| SHA512 | 48ebf0907a2c11272ee910401ef53df000baa5513bf437f383b056ab64608cc1b3bc2283d80dcdb493266dfc820b828a92b2183b33fda406eb767d58791faad8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\default\https+++www.google.com\ls\data.sqlite
| MD5 | 4d64999d1d02f1a9ec6140ac16ccb4e0 |
| SHA1 | 598e31e72d534104c0804bbfa67b0bf101b09e05 |
| SHA256 | f6221804afe43e885de7758946d29ab38bb95853413a6ef46e1cfbf4dd1183ff |
| SHA512 | 244a0054454ec309afc25eccd0db77bf85c8c11dfef4646adc46953b010b8366198d058976dc64d891898f9eec9274add0056495e59037e65c1e52dc7376478e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\CE30F9E7CB4E0D8AEB054228E581960CC2812E48
| MD5 | c2a703e5c7b68a92d86007d3efaff96f |
| SHA1 | 1b9bf737a03db35ba6f3fc249242231f5d2ab121 |
| SHA256 | f7309148f023539d3ebeeec788fc8ddcfc40f9a1b52dab1272ea291ca5611d93 |
| SHA512 | a1da9d10f1acc6b66177245f6e35f68bc11e5db77466491920a7aadc525bc7bd1366aabc99160bfe6114d8db13ebd04089a0f1373ffbe9833485b56a501d396b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\8540EC873F08CBAD5DF5121BD3BABF95624B4A14
| MD5 | 9f23fb9f70ce2fd22ec954f12bc365f5 |
| SHA1 | 9dc3ba58c1325302ab77ecd500d3605572cded7b |
| SHA256 | b8f29ed6c40960b7e37faa93566ca35d874c771cb11877db087547ed0c85b675 |
| SHA512 | 3330b26709efc23ff521c0daf5981c37ac630520cc335262bdc4f6abc2581c17073afa770e3f48f841853f6b587c51055b7cda1a2e144e2219bd5ce11e2aa8ab |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\DB196D4F47247911C47AA62F771F7A9328ECA201
| MD5 | 6d342f61d41bc45f33d4389106858008 |
| SHA1 | 57e2a9019d95d8bb935da59d3af6d348b64ba091 |
| SHA256 | 90e61d057dd0057577e4e4b6a27da9ba9ce5424fd007f2c6ebe2e41c6405178f |
| SHA512 | 20f6be9341e23d5ae4c936aee5e7137cecda58672a4167a5ba0ed5a5d719c0369122b53df0c057b6c3f35edccba2955de87ca6ea2913ffa449fbb895a46b9ed7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\6F395F655E15B75C6A67E270B92234144C26CD8F
| MD5 | 476d56e4d4c6f1c2f07777d8d645fa52 |
| SHA1 | 1751a745e2eb35871cd910486adb0098db4c5d5e |
| SHA256 | 72938a95ce9b0a60ba7a785634bff36588ec31d410afa3124f47e50ed467666c |
| SHA512 | fbd2ca3a52996164f76bc4268d1ed4c3f432f1b0f5b40cd040ef760167f114a795cb0545b98d4f7ac5aca625fce42988ba3d3cf214d4fd5c4ede2012cd622263 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\E469ED0F372A44F05D97518BB8790E844AEF57C0
| MD5 | 071f79af12f14fac0bc9bf46a878926c |
| SHA1 | 4b3e334fd134134c312aee832c20661bd4bfdd87 |
| SHA256 | 84382e5086ed23130d490176621a86ff653568dbe6c4ac1facaf232f39b2dc09 |
| SHA512 | af8a6d71826c1744c390d1085a5e71509f38c4f07fae891851485de7696d37f5f6f5529f2279f323ebc99adda3410c74e43ecda50737c2e632694608e0c729e2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\FD3C8B7B2C5FC530AE8D3FC8050677579C3D2E17
| MD5 | 987201f0e6238b8a170d1ea9f8092e0d |
| SHA1 | e27c1c18c6af244f63ceca465191de01260f314e |
| SHA256 | 5a122ac24d6979e6f694fb3ee92f1f4b3fb5dacf2ca233cf13ac4c8199bb5cb9 |
| SHA512 | 976048bae36650179e347dbd36bbffab99a30238f64132d3bd8ba0fdc25dffdcafd3e7bc515ae2922eb47991a9a54cc0d14c8bac232e395cd6633a8cad927adf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\97E21079D4338ED644D10F3CF8B6CCFD6F24DA5D
| MD5 | f246264c943a819a13e6fed7607f3743 |
| SHA1 | d40ed01b1f4d4c88293956cccd0a46ddc07cd3bd |
| SHA256 | 93431269e8baf48d9eb40ea433dfe37a757187316c5787dc0016c8c469b6655c |
| SHA512 | 94e8b2749472a242a9c7588a0e5312d9157305d43d9df1d6814f9a1d8c27adc12adc044dc92cabed5e5e4f441d63d05e7996b697498b11ae5db306ff5e36f277 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\9FC8C85689D31525EACE26158B83B464F43A027B
| MD5 | 7d52bada11b47e2bbfbc37163f876f3e |
| SHA1 | 74dc4b5737c3fe2ccd9cd4e517e75642cf6b5259 |
| SHA256 | 8e87b8de8944c7287833fa52ef627be96749484687a94a3a476ce03c09568aec |
| SHA512 | 6d434797bf0e8d63cdaa806cf38793191facc8d717a80dae4fc21c637c84e2a219588c5d8ac51f409d7c10c151100df88bb1fe3bf8dd5c44ac17c6d6ab7300bd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\6F57C7ABF5AA1AEF55DA94E6D30CA3A69005F24C
| MD5 | 976cfe10be8a4b415ef7d2d6258e3ec3 |
| SHA1 | cf36b4eb8265fac235dff2a1f7316813249981d7 |
| SHA256 | 3238f63eb845a146ef631bbb4ffa89c220c054e439c45789eb7e3bb0662d7bab |
| SHA512 | 437c2fa3af760832ecfb8f9ab334c50cf886a8ca5b2eb99444650e09b734669fc7633e9d2ddad3e5231816c7394b371fac3093342433b0fd0a2b8aaaf67bfc70 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | d5f284f2e3325a0ca2cac6574fa7bf6b |
| SHA1 | 9dbccf2458a32db34ebdee7925beaf5dbdf31fa8 |
| SHA256 | 965565746ea4dde70db3e7435f6676c8a895269efec5e566741707fe4e189cce |
| SHA512 | 43711f15c6909e1ba5158d0e171b826359425a94b540cfa9d955244e09477fb6131ffac63c3e15cec64575cadbf46c9b7700aca7212427babe3224ec4c9eb39a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs-1.js
| MD5 | 7a9ca6c4bfa22fb213ac87061504326a |
| SHA1 | 13aa4c90022a9a9f7ad2edca03c8bb62db8dc3e7 |
| SHA256 | b3ecdb822084f664710d2561407f4cacec94049533cc8980f257c3111c4db6ea |
| SHA512 | df4a1c2026878c7ed8abefe8b6588198ef14163f6f3e83d0900f0c92d5acd5bfc92b0104befea4837a9ae1e8284564415dd225f48d4ae0903ee2af942201cef9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\18279
| MD5 | da708f806c09c11bae3679ed9ef2f6d7 |
| SHA1 | 6f378e988ca123a323f804095c0467e01245d35d |
| SHA256 | ad6b26d37902762543cf9a4e1253fd2db381479c2f9b1b68f872c1d259ed75f5 |
| SHA512 | 220ae32974fbf224b6ff6fec9f25757bb8826e0406714195f2f690807162ba923fddc2b9d29f4453a1bb173dbaeb060028962cadee6106cdc88e210fc5d73052 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 217348c035e7c8ef697af4d85cd62037 |
| SHA1 | 6c35acbc846bf05a2a0160c8b4001ff72b5a70a4 |
| SHA256 | debe49f7e22770250d0398c6a8690c8b63f0e9c1b21ed843156f346e05cdf0b9 |
| SHA512 | 662588347c6e935539ecff708dd2e8651e0d22930dbdf217eded7af099cbdc332f8685466e93ae34dbe7f1310c85a02de71c5b324030cce0aa1b7b3c203fc2d8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495
| MD5 | bbe482b93ff76dcfadf8f383a351175f |
| SHA1 | b42811e7b800f311199bf97445f4d75de62f36ef |
| SHA256 | 51679edb3ead21acff706887702794fecc0c41183f231edf79ea810100d00f4b |
| SHA512 | 184074bc88ad979f2e92c5cb38d2b1f0ce2cba1245c78c9c39e832fdd15027a719a3459c344df8c4126d7c8c3cb4c735eb7dc02698360c6496b9ca4cdfcf96f0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\383A97A57B113BD106DE6984E6DBA5F537327263
| MD5 | b9ea1465f9d05e27ea5d9138b7f5fc95 |
| SHA1 | a2669b33f6dae4b208e33fbd11666e8423a126c0 |
| SHA256 | 5059436a00d14914f4f6e410e3523daa5f908af7f45140ebade7954a50d59baa |
| SHA512 | b89c3ccc31520947be4ef91e98fec58dda1443b9d736ae1c4f3ca802044cf2da0f578ec8f251aa41593135db68f1d4d621f033511296241cedf80afd1f6dbb07 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\037778A55E1B7E9BED3390289866D09402D6C913
| MD5 | 5d50d6b5a8a87dc0595efdb389d01450 |
| SHA1 | 27b0512e3070eec3154df8e537ca26c98f0f1552 |
| SHA256 | fb75d35908cd4cce0782129f3877a1c491327a4036c165a6dd2b99dab417d903 |
| SHA512 | ea228f3ffdbcb38a4121aeb13f74b50b5dfef040befb902e0764ade4bdafc621360c893bfe10a28f2f5244feed1c38156d4b6bb8ef9f23b0d906334191302a3b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\F210D48319A1879FD1C5213FA010C613B99BA085
| MD5 | 5516db054f18fa8468e5e4f6c8592b1b |
| SHA1 | 76ce1013dd979bc10fd05d9f1e1d8ee198db3cde |
| SHA256 | 42b14d28a017047bdd9b67792cd89c32fc7013a2b78612322065b9f94b32847c |
| SHA512 | 0b76068d395fc9ef1b91afb1eb08f12af6ef74f3014872b270b6e7e34003940fb4613a305daf1807b8282ec50683366a885d3252d69f036ffc4a7f770fea8885 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C
| MD5 | aa683cabfa1ed2b812617c559897ce26 |
| SHA1 | 43c2e38df7aeebbdaa56a5c8f460d0ca02fbe48d |
| SHA256 | 9e9e2f94f63093d34c39058d6adf05602f10a902a2659e0e3b61e24421c4343e |
| SHA512 | 5bba131570a4c9fdfe70a58df03cc9ddf1037c838a6c15421cfbeae165a0c12074295b8924aea10cb233f2c0b970a828f956797d5b481612d52b0347a43f155d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 63dac7686ad4fe9bbbf50e795df693dd |
| SHA1 | f6681b04d699415a56b6f5808c084619833c11d5 |
| SHA256 | 5d6313c8ff5f1f2212afc75e7e33b9de9076aa3ba861130fd8f488d29343b636 |
| SHA512 | 4a0aa30f3c32d3e3bb399c32a220703ac5a7179c5591b34dbc3e341d93bc942efadd4089f94f3178e94cac7e636f1cd7c9230713236487d75f40a52f41829367 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\default\https+++www.youtube.com\cache\morgue\7\{f8e5dbfd-fc4a-460c-9320-31111ccdb707}.final
| MD5 | d551d4b67a589e9119684930847c5730 |
| SHA1 | e68b7ed75ed54eaf546d59922b47552e00c7b603 |
| SHA256 | 1ff065fdca2da5ee1a22d34584bc94a7102c3052949137a0725627faa5fd61ff |
| SHA512 | 987731457a8efe57e854e3623e0f844932e8f7c6b24629fa52e3c744000e53f53c0fcdf8e4c8f64e33b5a1570d1f46a55233be6b3e7816869fb5c549d85d6c5c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\26231
| MD5 | afe33078087e7efad8e193b8365e6124 |
| SHA1 | a0420624642648cf3adbfe10fd4529ecf9036b9e |
| SHA256 | 5720d614bc34f2af09349af595d3fa79373c1a2e9c97e9c3034d0a4cad94a253 |
| SHA512 | 17c78e83d82ab0f6dfb8b22290e38b6f2223523b07d3f2b97c28e96c9ac20f5987edcf28b759b7204f2bf2a2fd40de733d2d105c8a225c445e59b36b840e5238 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\default\https+++www.youtube.com\cache\morgue\149\{e532539a-7855-4651-b4ca-a35e45dc2195}.final
| MD5 | 2842fbaeda0265a0b97ed8a6891c140d |
| SHA1 | c1d68697cac58309b522249b49b548b222ca2ca3 |
| SHA256 | 2c5c90f4e493c46efd0e0d5a162e339fc4723b305a37ddede4b80b106920aabe |
| SHA512 | cb8f6f6cadccd2a094cd471bbca3c87a04844500fde2ad8a8cade80081976f41f82726c86f506d154c244e647f7e43153954222f8a848f4ca1faa934f9bd0e66 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 2562770161c83f89dc873c60f68d732f |
| SHA1 | 498de0369d11d881402524ce1208fa3105579895 |
| SHA256 | 2a68ffe014607a3472dd7c2f6597fa25c8971458843860ce346415c7dfecae92 |
| SHA512 | 5126da9a7d1612b25fdbf3bdc25133290d5e9ef60dee69e5362b8c035bfb20e9bc7c3e5354b4b6a37e551c621ff59c915586b5bd98f9b967c7c5afcbb183f1b8 |
Analysis: behavioral12
Detonation Overview
Submitted
2024-06-11 16:10
Reported
2024-06-11 16:40
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1597s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\fileaccess\node_modules\debug\src\node.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.58.20.217.in-addr.arpa | udp |