Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file https://j6lyat060624q67.xyz/08f10c664042c174f24981a4ec6e3b3e4105598b_1718450383/file-dln_666d78cf14318/?source=12&grp=17&file=&q=Bandicam-7-1-1-2158-with-Crack--RePack---Portable- was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-15 17:50
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-15 17:50
Reported
2024-06-17 03:57
Platform
win7-20240220-en
Max time kernel
511s
Max time network
572s
Command Line
Signatures
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://j6lyat060624q67.xyz/08f10c664042c174f24981a4ec6e3b3e4105598b_1718450383/file-dln_666d78cf14318/?source=12&grp=17&file=&q=Bandicam-7-1-1-2158-with-Crack--RePack---Portable-"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://j6lyat060624q67.xyz/08f10c664042c174f24981a4ec6e3b3e4105598b_1718450383/file-dln_666d78cf14318/?source=12&grp=17&file=&q=Bandicam-7-1-1-2158-with-Crack--RePack---Portable-
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2188.0.239201197\881183452" -parentBuildID 20221007134813 -prefsHandle 1216 -prefMapHandle 1196 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {53c727ef-a987-48e8-acb8-19d98e16dbf8} 2188 "\\.\pipe\gecko-crash-server-pipe.2188" 1304 113ede58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2188.1.364911766\1804896391" -parentBuildID 20221007134813 -prefsHandle 1496 -prefMapHandle 1492 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9b1f4cb9-2c69-4df5-a8ed-de2117df6c92} 2188 "\\.\pipe\gecko-crash-server-pipe.2188" 1508 d72858 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2188.2.1370532453\1134577908" -childID 1 -isForBrowser -prefsHandle 2088 -prefMapHandle 2104 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e9687239-afe8-4752-b59d-c8a29e899901} 2188 "\\.\pipe\gecko-crash-server-pipe.2188" 2044 1135f058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2188.3.814432824\1732682788" -childID 2 -isForBrowser -prefsHandle 736 -prefMapHandle 2288 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {354675a0-4846-4792-9c4e-97bd0b685d0d} 2188 "\\.\pipe\gecko-crash-server-pipe.2188" 2572 1bc3a058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2188.4.627933643\378373875" -childID 3 -isForBrowser -prefsHandle 3680 -prefMapHandle 3672 -prefsLen 26170 -prefMapSize 233444 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {943275d7-22ab-42df-bf17-3e6b983ea6b6} 2188 "\\.\pipe\gecko-crash-server-pipe.2188" 3692 21047e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2188.5.1102176345\360637016" -childID 4 -isForBrowser -prefsHandle 3708 -prefMapHandle 3780 -prefsLen 26170 -prefMapSize 233444 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e6bf8895-76c1-4447-bb94-c8407cd09ec5} 2188 "\\.\pipe\gecko-crash-server-pipe.2188" 3880 2103c858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2188.6.459942608\1184197350" -childID 5 -isForBrowser -prefsHandle 3940 -prefMapHandle 3664 -prefsLen 26170 -prefMapSize 233444 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c5d426cd-e6c9-4557-9750-ccf9ef24f026} 2188 "\\.\pipe\gecko-crash-server-pipe.2188" 3932 21039558 tab
Network
| Country | Destination | Domain | Proto |
| N/A | 127.0.0.1:49190 | tcp | |
| US | 8.8.8.8:53 | j6lyat060624q67.xyz | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 104.21.46.30:443 | j6lyat060624q67.xyz | tcp |
| US | 8.8.8.8:53 | j6lyat060624q67.xyz | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | j6lyat060624q67.xyz | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 52.33.96.36:443 | shavar.prod.mozaws.net | tcp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 104.21.46.30:443 | j6lyat060624q67.xyz | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 151.101.65.229:443 | jsdelivr.map.fastly.net | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 151.101.65.229:443 | jsdelivr.map.fastly.net | udp |
| N/A | 127.0.0.1:49198 | tcp | |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| NL | 2.18.121.79:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| DE | 142.250.185.206:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| DE | 142.250.185.206:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r1---sn-aigl6ney.gvt1.com | udp |
| GB | 173.194.183.166:443 | r1---sn-aigl6ney.gvt1.com | tcp |
| US | 8.8.8.8:53 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | r1.sn-aigl6ney.gvt1.com | udp |
| GB | 173.194.183.166:443 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.244.181.201:443 | prod.balrog.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\datareporting\glean\db\data.safe.bin
| MD5 | bb83603f04075cdb39261bf669e0b80b |
| SHA1 | 10ef0d1c1c12703711deba54925ea96c86701087 |
| SHA256 | 0bc21fdd019e60e1bc07c3e6d3aae8e7fa26e7f42b699a1be55b71e4f484b06d |
| SHA512 | e6c70232a7e9fcb47fc510cb3cd45f9385a271d6466b37db5a1d924c7c36850a6c8154969c4b1ef52c483851088536cbcf67d39fdb4b28b4bc40cff5256389d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\datareporting\glean\pending_pings\00614a78-784f-4326-b342-5d39b2bfb42d
| MD5 | fe9093afc7819d7bf52a082152a64e91 |
| SHA1 | ae7214e92d58596c0368738900a105c399735c19 |
| SHA256 | ab8731b2d5b6a909bd3cb4b3089b5b5783a70b8ead94a1d8ec66d4a0cfff8fa7 |
| SHA512 | f2917b7cc9757e0573644ac649b921c146fdd3d1e2d2be04ecf9b9eed2457ad797e7c01ccc6ad5e0f9b2baa343c454177a67a51240a1dee61947732f9776ddb4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 5e408510e49e400798db0c3d8d9d24b9 |
| SHA1 | bdf1af36f1d03934209eac72ca486cf4c9810b45 |
| SHA256 | 81d5663f7cdc1caed0e23fb10c3798a9791c0bdac67b6ca96d321cdfe71c9532 |
| SHA512 | 20a1f7b4d4eb3117f0fae575a6d91bd37207c81fc831ee1baa54c752a3a1b547284ab198126eee37f0687dde2aae81085a555e0101074f391665317a61903357 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\prefs.js
| MD5 | 3b8b1130f409d6fce1bd60ccb5fe04fc |
| SHA1 | 0d1015a1d2d2dafdf421c427cfde5fedb56e1659 |
| SHA256 | 68a5d5b1d149fa30d5296e4a393b7d95bf2b69fa6514be1076db467cd33f01a3 |
| SHA512 | f689ca64bdde42b4a7ddb3e0f8d01f8311d650b744f70a3e9a0dee558345648d13224bb656cc7246ada42e481430d77fa6258485cdde38038d50ca5c9ae88cd5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 3472645b21f6cd8f88d382deb4d22512 |
| SHA1 | ec632ae180d56c7231974d813ca26c30e9b90d1f |
| SHA256 | 0a0041048402fcd602d307c6e44d6e9cfb99bee378efc98bd9469ddfffe5a0ae |
| SHA512 | bedc71906aedd8096c8188904d5f13259fda7b448a2b64d4301f43efe43c31d468fec25b386639926a505254bf497ee6b0d9a195c9373a68e803635669f57a91 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\prefs.js
| MD5 | fa2d3da6cd72f462ab469ec13a54ae76 |
| SHA1 | 4c60732d07a53685aaa8f267678ad46b1573c249 |
| SHA256 | 833dae711b2a8c74282105820367b288a9b6a5f62dce0275f17b325a9f6111b8 |
| SHA512 | 24f95202b8650a1537f7fda210e23da9cdd54c228c608f6b249691f46875a5ec1884e2ce417292dfbb8acd410e1884d202b9fa7838b60d22df368be6057cd00d |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\prefs-1.js
| MD5 | 389b23e0a2dc19870b9d12ddf9f22553 |
| SHA1 | a3f362ebd7851c73ab82163b0eb5219b91280820 |
| SHA256 | 1a9aafa9e2ed9596ff97b18659437d2529ea9e33f202ea7a5375b3cd665032ba |
| SHA512 | 0ab7265f7edb88aeaf4bd8e178c2e7261ab7d0bbb6a511a1ac789fdddff50cb4beb154d0844c0597adbeb48bfe7b1d94bec3dae3865d85fda188168ef7c02e4f |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\prefs-1.js
| MD5 | f938f84cbc9acc76987b0fad6148659e |
| SHA1 | ef7325b3bbfd799eb1ee5707cbbc31b6c43b0bcc |
| SHA256 | 00743aa522778501d71cb4189b53153af061eab9b9e610c5ba0f05fece12fb77 |
| SHA512 | 4b2fdc77393ba028028f14d6d4e2ac07b49cd190172ef69bcdc9364d4efdb009fa6cbbb6ba44980e974fefe1e3e72b6a8450a30602b3d261b41ef6ce34e532a5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\prefs-1.js
| MD5 | f96e2e06fb56da7436278aa7ee8ebdfa |
| SHA1 | d9a167be7fde4219870757bff1fd373210690a82 |
| SHA256 | 23ac4fbc255aac1987366c389c077334057a4b213e8f56cc6d13ac68eec4de92 |
| SHA512 | 73d02a66e5de26f32a49147fe8e9abcf6d5b5d4dc99dbff2afb92e7cfd12fe4f1e5e774a22b89135316cfd7b6b59a3d7b5da5cfb0d99643a36823ac54d50f4fa |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\broadcast-listeners.json
| MD5 | 72c95709e1a3b27919e13d28bbe8e8a2 |
| SHA1 | 00892decbee63d627057730bfc0c6a4f13099ee4 |
| SHA256 | 9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa |
| SHA512 | 613ca9dd2d12afe31fb2c4a8d9337eeecfb58dabaeaaba11404b9a736a4073dfd9b473ba27c1183d3cc91d5a9233a83dce5a135a81f755d978cea9e198209182 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\targeting.snapshot.json
| MD5 | 0a30cfd00d399015fcbe412150d699cb |
| SHA1 | 9faa2193d8d6be48757b02ce7224e9eaea217ba7 |
| SHA256 | 4dc69ba13deab438dc5210fdbb4e3e2f90d42b1c911009ac246879bf7ca05d4e |
| SHA512 | e10f41b3a2a4f1c6021880cdf927bc27ecfce0e26616042422ce76263df1bf895dc89529fffbb51fae7392bb04847e9bfee000a6c9e98e26b1044bc6ac6f38e1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\bookmarkbackups\bookmarks-2024-06-17_11_6nkiySCsrSEdz14K-EwBEg==.jsonlz4
| MD5 | 60bb075d45b99ab6548d094e43b702a7 |
| SHA1 | d8c0bb00c90e40deedfecda018089341df85c583 |
| SHA256 | 023dc2f3710c8362780259040899e0a6eddd4dea3595813432fa42212086159b |
| SHA512 | 1355ce0a02b5b4399dea5679f5ac3d6fec851da5e8caa8d0ea7c768f28fd16655829871678afc1258da1fa3368f081880fb50c2ea1888c622ef5eea94e7f9474 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | e5c64079dcc69078c87749fa03e95724 |
| SHA1 | 0ca21d89337364178bfcff5a804b389daae02b33 |
| SHA256 | 4bddff745c7ba4168940cf9635249726f4374f7c1257c1159f1933e78304a452 |
| SHA512 | 5d6dcc77015e545c78056162c4cf282dc89d8af9cf40e12e2d5f696d5fa14eb2c24543481e6f4ccd10945e9d6c49c60b9885ee70f772abfce1360d8891391329 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xkoyglns.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 70bcc0187a2daf84675e1098fb87a879 |
| SHA1 | 3c39ea24a3af3f73448011fb39805e2fb4d33211 |
| SHA256 | 2437adb3669df3cdc6cbc471d2b1a495ba8514b40c95688739bcded07507445a |
| SHA512 | 61fdba1f7b2c387c8eeb1811ae76b9198dc3f1714010676c38899f5438a5af69c2fbce7070189f220f9eb72c7f4e9ea63c6adcf70bb9448f0be5fcb59eeca955 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-15 17:50
Reported
2024-06-17 03:57
Platform
win10v2004-20240611-en
Max time kernel
595s
Max time network
599s
Command Line
Signatures
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://j6lyat060624q67.xyz/08f10c664042c174f24981a4ec6e3b3e4105598b_1718450383/file-dln_666d78cf14318/?source=12&grp=17&file=&q=Bandicam-7-1-1-2158-with-Crack--RePack---Portable-"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://j6lyat060624q67.xyz/08f10c664042c174f24981a4ec6e3b3e4105598b_1718450383/file-dln_666d78cf14318/?source=12&grp=17&file=&q=Bandicam-7-1-1-2158-with-Crack--RePack---Portable-
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1048.0.570223060\125697783" -parentBuildID 20230214051806 -prefsHandle 1788 -prefMapHandle 1780 -prefsLen 22076 -prefMapSize 235121 -appDir "C:\Program Files\Mozilla Firefox\browser" - {70bbbe3a-38c0-4a4a-9f70-cd7c143f5d53} 1048 "\\.\pipe\gecko-crash-server-pipe.1048" 1880 1331260fa58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1048.1.1011944549\2143577071" -parentBuildID 20230214051806 -prefsHandle 2448 -prefMapHandle 2444 -prefsLen 22927 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5f8e6512-d976-4892-bb69-b1349db7ed41} 1048 "\\.\pipe\gecko-crash-server-pipe.1048" 2476 1330588d258 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1048.2.1220493589\1938489632" -childID 1 -isForBrowser -prefsHandle 3024 -prefMapHandle 3020 -prefsLen 22965 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {44b0136a-ab89-4158-96a8-d9af9a02c69f} 1048 "\\.\pipe\gecko-crash-server-pipe.1048" 3036 1331543ce58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1048.3.1229190991\1545126137" -childID 2 -isForBrowser -prefsHandle 3672 -prefMapHandle 3664 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {84955fd7-5f11-48f1-9653-97553628ed39} 1048 "\\.\pipe\gecko-crash-server-pipe.1048" 3684 133170e3358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1048.4.856726606\1411646458" -childID 3 -isForBrowser -prefsHandle 5212 -prefMapHandle 5208 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e9d6b44a-1d8f-4a5d-a0bc-6e555ab399fb} 1048 "\\.\pipe\gecko-crash-server-pipe.1048" 5236 133193a8358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1048.5.905635250\2009641938" -childID 4 -isForBrowser -prefsHandle 5376 -prefMapHandle 5380 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ede0c37b-cfc8-4585-b683-65b01ce72099} 1048 "\\.\pipe\gecko-crash-server-pipe.1048" 5368 13319b62258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1048.6.1161309646\814067995" -childID 5 -isForBrowser -prefsHandle 5568 -prefMapHandle 5572 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f35bf6ce-cc36-4e5b-bb33-62471905ef63} 1048 "\\.\pipe\gecko-crash-server-pipe.1048" 5560 13319b62b58 tab
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4084,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=3852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=1392,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=3680 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| N/A | 127.0.0.1:49794 | tcp | |
| US | 8.8.8.8:53 | j6lyat060624q67.xyz | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 104.21.46.30:443 | j6lyat060624q67.xyz | tcp |
| US | 34.117.188.166:443 | spocs.getpocket.com | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | j6lyat060624q67.xyz | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | tcp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | j6lyat060624q67.xyz | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 44.232.194.163:443 | shavar.services.mozilla.com | tcp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.46.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 104.21.46.30:443 | j6lyat060624q67.xyz | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 151.101.65.229:443 | jsdelivr.map.fastly.net | udp |
| US | 151.101.65.229:443 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | 221.5.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 13.107.21.237:443 | g.bing.com | tcp |
| N/A | 127.0.0.1:49800 | tcp | |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| NL | 2.18.121.73:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| DE | 142.250.185.206:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| DE | 142.250.185.206:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r1---sn-aigl6ney.gvt1.com | udp |
| GB | 173.194.183.166:443 | r1---sn-aigl6ney.gvt1.com | tcp |
| US | 8.8.8.8:53 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | r1.sn-aigl6ney.gvt1.com | udp |
| GB | 173.194.183.166:443 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | 206.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.183.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 53.121.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | 67.112.168.52.in-addr.arpa | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.244.181.201:443 | prod.balrog.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
Files
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | e89329ee865123402126af3cf03108bf |
| SHA1 | c6b117d3e551e1a570015bf1e3335c09fee874bf |
| SHA256 | 9e50c8b049193bdbe55f83bc937356436729cf12eabd7fa779b3cc099deb6518 |
| SHA512 | 099fcb8b2f1ab06c6cb02a568586680d7232fb64682ec752cf2fadd223dea55e0421f54c74c58712fe7d612972bb60a0a7b11ae1751ad9d4a7cb45cff6084188 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | 191bec47f3369dc0737ce198f6db4af1 |
| SHA1 | 2b5b44e10b8dc2c5b27c95c7935ce18f561252e2 |
| SHA256 | 483daea2c547a63597bbfee5eec77e4a066e8a54375b8e4ffe4698c8b60db77d |
| SHA512 | 31df3ae57320c8847ecb4220e68812f8974babc523faca21f56296cb3a9a5e7d5080de745d154e42a79504506d3cabad6c28aa831da7e226255caa9d61fd5842 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\prefs.js
| MD5 | 4b37731d9150b96aceff36b2464c4a07 |
| SHA1 | ffc208785ce17423c6650a1ec6355da505482b61 |
| SHA256 | 0d97ee53df655d7b5a113fb10dae674e6e965c6fb35a23343e0d7773351d2d31 |
| SHA512 | d311ea4bd73a9be0f23c7871fcab82bcf7037979e80f1820da7638bfdbaf71b4324d17e5166385bb4f9991806df881f233eaa8fa06421d169b39143f76d85424 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | f1e20c2bbd7c74f557e22219f22ab789 |
| SHA1 | 5805e1306eb7a8893792b639a4afdacffbd42b55 |
| SHA256 | 08d4d85545af95c3d3f7d516704f90d02dc2cbc24f779f235a1bb9700f27b66b |
| SHA512 | dc94159f4b30c4cd315dcdf91f62bd7c59ed14303170eb275e61954c79201e9bd6adfe92fc88701736f4f448305dbd0aebd372fb84575b31250e2ea34ed61fd4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\cache2\entries\383A97A57B113BD106DE6984E6DBA5F537327263
| MD5 | 6e20b8fe7d880c85cbcd70effc597708 |
| SHA1 | 69fbc9d151034b5f56685ccf3e40e32f53c43308 |
| SHA256 | 3470b303fbcaeeb426780d2f0abd5db88a43da837112b5c742abc9e8bbd5828e |
| SHA512 | 40b08d01bdfbe216e95040f685c70dd8a705258aa948a9e3a8fa6f74cdee541d3013462a1db9816d835ec35f863c1a222a4167b6b193635c344c8926e0261b71 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\prefs-1.js
| MD5 | 43c9e748b22a9ad969ab31d39fd928fb |
| SHA1 | 795692986d4b05087c52567d76812486ab12d957 |
| SHA256 | d7cc98d0d32965c191b4669bc6dde5396eb341db9e4d5fe57856c55e3fbb02c9 |
| SHA512 | 354c508173297abd3eac0beacaa718cdc4d30a8adfae3c42d069ecffcc2f9559c57f798bcd08e97c7b9587dde51ab396d04a0f88c510962bebdc83cc17d6237f |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\cache2\entries\F8CBD54DDA10F4286A41EC6A537240712D6C2308
| MD5 | 177069aa2c00b0daf4e69e31321146e5 |
| SHA1 | 34a9bf3c3139c29309090185caa4e884706b2956 |
| SHA256 | b5b6ec2256e1fb5352ff0f288d1584041c165227f31624cf217f538782cbbf67 |
| SHA512 | a6d98d11e73a9c4bedd1aa58adbf86ede4772e4124bd5ba1f6eac629274215599d28d44f0be2d44dd0a6dadf456af6e59ee7ae492e226e4f2551ca8095307646 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\prefs-1.js
| MD5 | a88a044af78a7e30fa737326c2b7cf02 |
| SHA1 | 22a3e946be4c4bcebe66770c674a47df5bbec47b |
| SHA256 | 10eb5c4281cc36eeec4a5eb5749f8fc189433633881c33c9665ff8efaebfc552 |
| SHA512 | 9c5383df8c467cbc4cc922491dbc86897fe4459e7ab17c8a60f7976ece83a57b202a7059c609047f6859655e00aa20ccf6312568e6d4fee521f7870bb9a1d300 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\prefs-1.js
| MD5 | ab5c82dcfc0df557f3664208c91163b6 |
| SHA1 | 10b9fc21534d69458d11608cb072ba0062d32705 |
| SHA256 | aa36c94dcb7592d6e36c70432bfc80ecc36804c40e2717cc151755225d7ea34c |
| SHA512 | 1b3b69db0ab76b19fd6792c5e2a04d418f80600abf271c8dfdd2f7af68a5b72271b5cc268d65b9be2e19946735156c245623f3464c4d861eb618c3d8af0a1d49 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\broadcast-listeners.json
| MD5 | 101a3926d9c2aed2171940aa7418b6c3 |
| SHA1 | 83655b37a09055902a7dbd9faf3095dbcd7debd1 |
| SHA256 | 177f82c3df7ac3710b97395d2f181545cddc1b03515625e1e5783c3186f6f1d5 |
| SHA512 | a05038600fb8885dae464eae450f6d11cc33e27b080549ecf2619416b2df8392db8f25e17a136b9c69648435e238baaa3143a31696e233925c5e859b87f9b7cd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\targeting.snapshot.json
| MD5 | cbccbe05a3a20306bb570a7feac4455e |
| SHA1 | 4fe5c0e6879d80280760d8e536e5a5623074049e |
| SHA256 | 20962ac4c775ce04f1aa24ab55abba7399f99917f1695ee92ba472f4007b1fd6 |
| SHA512 | c65c0e877270564dbbe98d02dd3f6e6dd57194f1e7386753ae1409f31dca559231a6b056ff69c6ee7dec7d5af6fe4041b7e7a19108c012a5df8421a4157a0ccb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\recipe_attachment.json
| MD5 | be3d0f91b7957bbbf8a20859fd32d417 |
| SHA1 | fbc0380fe1928d6d0c8ab8b0a793a2bba0722d10 |
| SHA256 | fc07d42847eeaf69dcbf1b9a16eb48b141c11feb67aa40724be2aee83cb621b7 |
| SHA512 | 8da24afcf587fbd4f945201702168e7cfc12434440200d00f09ddcd1d1d358a5e01065ac2a411fdf96a530e94db3697e3530578b392873cf874476b5e65d774a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_law_and_government.json
| MD5 | 80c49b0f2d195f702e5707ba632ae188 |
| SHA1 | e65161da245318d1f6fdc001e8b97b4fd0bc50e7 |
| SHA256 | 257ee9a218a1b7f9c1a6c890f38920eb7e731808e3d9b9fc956f8346c29a3e63 |
| SHA512 | 972e95de7fe330c61cd22111bd3785999d60e7c02140809122d696a1f1f76f2cd0d63d6d92f657cdec24366d66b681e24f2735a8aabb8bcecec43c74e23fb4f5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_sports.json
| MD5 | ce4e75385300f9c03fdd52420e0f822f |
| SHA1 | 85c34648c253e4c88161d09dd1e25439b763628c |
| SHA256 | 44da98b03350e91e852fe59f0fc05d752fc867a5049ab0363da8bb7b7078ad14 |
| SHA512 | d119dc4706bbf3b6369fe72553cfacf1c9b2688e0188a7524b56d3e2ac85582a18bbee66d5594e0fb40767432646c23bf3e282090bd9b4c29f989a374aeae61f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_computers_and_electronics.json
| MD5 | 6ccd943214682ac8c4ec08b7ec6dbcbd |
| SHA1 | 18417647f7c76581d79b537a70bf64f614f60fa2 |
| SHA256 | ab20b97406b0d9bf4f695e5ec7db4ebad5efb682311e74ca757d45b87ffc106b |
| SHA512 | e57573d6f494df8aa7e8e6a20427a18f6868e19dc853b441b8506998158b23c7a4393b682c83b3513aae5075a21148dd8ca854a11dabcea6a0a0db8f2e6828b8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_science.json
| MD5 | 7a8fd079bb1aeb4710a285ec909c62b9 |
| SHA1 | 8429335e5866c7c21d752a11f57f76399e5634b6 |
| SHA256 | 9606ce3988b2d2a4921b58ac454f54e53a9ea8f358326522a8b1dcc751b50b32 |
| SHA512 | 8fc1546e509b5386c9e1088e0e3a1b81f288ef67f1989f3e83888057e23769907a2b184d624a4e4c44fcd5b88d719bd4cca94dfb33798804a721b8be022ec0c6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_jobs_and_education.json
| MD5 | 2d69892acde24ad6383082243efa3d37 |
| SHA1 | d8edc1c15739e34232012bb255872991edb72bc7 |
| SHA256 | 29080288b2130a67414ecb296a53ddd9f0a4771035e3c1b2112e0ce656a7481a |
| SHA512 | da391152e1fbce1f03607b486c5dea9a298a438e58e440ebb7b871bd5c62d7339b540eed115b4001b9840de1ba3898c6504872ff9094ba4d6a47455051c3f1c5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_real_estate.json
| MD5 | 9899942e9cd28bcb9bf5074800eae2d0 |
| SHA1 | 15e5071e5ed58001011652befc224aed06ee068f |
| SHA256 | efcf6b2d09e89b8c449ffbcdb5354beaa7178673862ebcdd6593561f2aa7d99a |
| SHA512 | 9f7a5fbe6d46c694e8bc9b50e7843e9747ea3229cf4b00b8e95f1a5467bd095d166cbd523b3d9315c62e9603d990b8e56a018ba4a11d30ad607f5281cc42b4cd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_shopping.json
| MD5 | 97d4a0fd003e123df601b5fd205e97f8 |
| SHA1 | a802a515d04442b6bde60614e3d515d2983d4c00 |
| SHA256 | bfd7e68ddca6696c798412402965a0384df0c8c209931bbadabf88ccb45e3bb6 |
| SHA512 | 111e8a96bc8e07be2d1480a820fc30797d861a48d80622425af00b009512aacb30a2df9052c53bfbf4ee0800b6e6f5b56daa93d33f30fecb52e2f3850dfa9130 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_people_and_society.json
| MD5 | b1bd26cf5575ebb7ca511a05ea13fbd2 |
| SHA1 | e83d7f64b2884ea73357b4a15d25902517e51da8 |
| SHA256 | 4990a5d17bea15617624c48a0c7c23d16e95f15e2ec9dd1d82ee949567bbaec0 |
| SHA512 | edcede39c17b494474859bc1a9bbf18c9f6abd3f46f832086db3bb1337b01d862452d639f89f9470ca302a6fcb84a1686853ebb4b08003cb248615f0834a1e02 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_autos_and_vehicles.json
| MD5 | 39b73a66581c5a481a64f4dedf5b4f5c |
| SHA1 | 90e4a0883bb3f050dba2fee218450390d46f35e2 |
| SHA256 | 022f9495f8867fea275ece900cfa7664c68c25073db4748343452dbc0b9eda17 |
| SHA512 | cfb697958e020282455ab7fabc6c325447db84ead0100d28b417b6a0e2455c9793fa624c23cb9b92dfea25124f59dcd1d5c1f43bf1703a0ad469106b755a7cdd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_internet_and_telecom.json
| MD5 | 36689de6804ca5af92224681ee9ea137 |
| SHA1 | 729d590068e9c891939fc17921930630cd4938dd |
| SHA256 | e646d43505c9c4e53dbaa474ef85d650a3f309ccf153d106f328d9b6aeb66d52 |
| SHA512 | 1c4f4aa02a65a9bbdf83dc5321c24cbe49f57108881616b993e274f5705f0466be2dd3389055a725b79f3317c98bdf9f8d47f86d62ebd151e4c57cc4dca2487c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_pets_and_animals.json
| MD5 | 5b26aca80818dd92509f6a9013c4c662 |
| SHA1 | 31e322209ba7cc1abd55bbb72a3c15bc2e4a895f |
| SHA256 | dd537bfb1497eb9457c0c8ecbd2846f325e13ddef3988fd293a29e68ab0b2671 |
| SHA512 | 29038f9f3b9b12259fb42daa93cdefabb9fb32a10f0d20f384a72fe97214eff1864b7fa2674c37224b71309d7d9cea4e36abd24a45a0e65f0c61dc5ca161ec7c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_online_communities.json
| MD5 | 37a74ab20e8447abd6ca918b6b39bb04 |
| SHA1 | b50986e6bb542f5eca8b805328be51eaa77e6c39 |
| SHA256 | 11b6084552e2979b5bc0fd6ffdc61e445d49692c0ae8dffedc07792f8062d13f |
| SHA512 | 49c6b96655ba0b5d08425af6815f06237089ec06926f49de1f03bc11db9e579bd125f2b6f3eaf434a2ccf10b262c42af9c35ab27683e8e9f984d5b36ec8f59fd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_books_and_literature.json
| MD5 | df96946198f092c029fd6880e5e6c6ec |
| SHA1 | 9aee90b66b8f9656063f9476ff7b87d2d267dcda |
| SHA256 | df23a5b6f583ec3b4dce2aca8ff53cbdfadfd58c4b7aeb2e397eade5ff75c996 |
| SHA512 | 43a9fc190f4faadef37e01fa8ad320940553b287ed44a95321997a48312142f110b29c79eed7930477bfb29777a5a9913b42bf22ce6bb3e679dda5af54a125ea |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_games.json
| MD5 | 4182a69a05463f9c388527a7db4201de |
| SHA1 | 5a0044aed787086c0b79ff0f51368d78c36f76bc |
| SHA256 | 35e67835a5cf82144765dfb1095ebc84ac27d08812507ad0a2d562bf68e13e85 |
| SHA512 | 40023c9f89e0357fae26c33a023609de96b2a0b439318ef944d3d5b335b0877509f90505d119154eaa81e1097ecfb5aa44dd8bb595497cdecfc3ee711a1fe1d5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_beauty_and_fitness.json
| MD5 | 0ed0473b23b5a9e7d1116e8d4d5ca567 |
| SHA1 | 4eb5e948ac28453c4b90607e223f9e7d901301c4 |
| SHA256 | eed46e8fe6ff20f89884b4fc68a81e8d521231440301a01bb89beec8ebad296b |
| SHA512 | 464508d7992edfa0dfb61b04cfc5909b7daacf094fc81745de4d03214b207224133e48750a710979445ee1a65bb791bf240a2b935aacaf3987e5c67ff2d8ba9c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_finance.json
| MD5 | e95c2d2fc654b87e77b0a8a37aaa7fcf |
| SHA1 | b4b00c9554839cab6a50a7ed8cd43d21fdaf35dc |
| SHA256 | 384bf5fcc6928200c7ebb1f03f99bf74f6063e78d3cd044374448f879799318e |
| SHA512 | 9696998a8d0e3a85982016ff0a22bb8ae1790410f1f6198bb379c0a192579f24c75c25c7648b76b00d25a32ac204178acaccd744ee78846dfc62ebf70bf7b93a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_arts_and_entertainment.json
| MD5 | 6c651609d367b10d1b25ef4c5f2b3318 |
| SHA1 | 0abcc756ea415abda969cd1e854e7e8ebeb6f2d4 |
| SHA256 | 960065cc44a09bef89206d28048d3c23719d2f5e9b38cfc718ca864c9e0e91e9 |
| SHA512 | 3e084452eefe14e58faa9ef0d9fda2d21af2c2ab1071ae23cde60527df8df43f701668ca0aa9d86f56630b0ab0ca8367803c968347880d674ad8217fba5d8915 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_health.json
| MD5 | 11711337d2acc6c6a10e2fb79ac90187 |
| SHA1 | 5583047c473c8045324519a4a432d06643de055d |
| SHA256 | 150f21c4f60856ab5e22891939d68d062542537b42a7ce1f8a8cec9300e7c565 |
| SHA512 | c2301ed72f623b22f05333c5ecc5ebf55d8a2d9593167cc453a66d8f42c05ff7c11e2709b6298912038a8ea6175f050bbc6d1fc4381f385f7ad7a952ad1e856b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_business_and_industrial.json
| MD5 | a92a0fffc831e6c20431b070a7d16d5a |
| SHA1 | da5bbe65f10e5385cbe09db3630ae636413b4e39 |
| SHA256 | 8410809ebac544389cf27a10e2cbd687b7a68753aa50a42f235ac3fc7b60ce2c |
| SHA512 | 31a8602e1972900268651cd074950d16ad989b1f15ff3ebbd8e21e0311a619eef4d7d15cdb029ea8b22cf3b8759fa95b3067b4faaadcb90456944dbc3c9806a9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_food_and_drink.json
| MD5 | 70ba02dedd216430894d29940fc627c2 |
| SHA1 | f0c9aa816c6b0e171525a984fd844d3a8cabd505 |
| SHA256 | 905357002f2eced8bba1be2285a9b83198f60d2f9bb1144b5c119994f2ec6e34 |
| SHA512 | 3ae60d0bf3c45d28e340d97106790787be2cc80ba579d313b5414084664b86e89879391c99e94b6e33bdc5508ea42a9fd34f48ca9b1e7adfa7b6dd22c783c263 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_reference.json
| MD5 | 567eaa19be0963b28b000826e8dd6c77 |
| SHA1 | 7e4524c36113bbbafee34e38367b919964649583 |
| SHA256 | 3619daa64036d1f0197cdadf7660e390d4b6e8c1b328ed3b59f828a205a6ea49 |
| SHA512 | 6766919b06ca209eaed86f99bee20c6dad9cc36520fc84e1c251a668bcfe0afcf720ea6c658268dc3bbaaf602bfdf61eb237c68e08d5252ea6e5d1d2a373b9fe |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_home_and_garden.json
| MD5 | 250acc54f92176775d6bdd8412432d9f |
| SHA1 | a6ad9ad7519e5c299d4b4ba458742b1b4d64cb65 |
| SHA256 | 19edd15ebce419b83469d2ab783c0c1377d72a186d1ff08857a82bca842eea54 |
| SHA512 | a52c81062f02c15701f13595f4476f0a07735034fcf177b1a65b001394a816020ee791fed5afae81d51de27630b34a85efa717fe80da733556fdda8739030f49 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_blogging_resources_and_services.json
| MD5 | c82700fcfcd9b5117176362d25f3e6f6 |
| SHA1 | a7ad40b40c7e8e5e11878f4702952a4014c5d22a |
| SHA256 | c9f2a779dba0bc886cc1255816bd776bdc2e8a6a8e0f9380495a92bb66862780 |
| SHA512 | d38e65ab55cee8fef538ad96448cd0c6b001563714fc7b37c69a424d0661ec6b7d04892cf4b76b13ddbc7d300c115e87e0134d47c3f38ef51617e5367647b217 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_hobbies_and_leisure.json
| MD5 | bb45971231bd3501aba1cd07715e4c95 |
| SHA1 | ea5bfd43d60a3d30cda1a31a3a5eb8ea0afa142a |
| SHA256 | 47db7797297a2a81d28c551117e27144b58627dbac1b1d52672b630d220f025d |
| SHA512 | 74767b1badbd32cacd3f996b8172df9c43656b11fea99f5a51fff38c6c6e2120fae8bdd0dd885234a3f173334054f580164fdf8860c27cbcf5fb29c5bcdc060d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\m5gevmzl.default-release\personality-provider\nb_model_build_attachment_travel.json
| MD5 | 48139e5ba1c595568f59fe880d6e4e83 |
| SHA1 | 5e9ea36b9bb109b1ecfc41356cd5c8c9398d4a78 |
| SHA256 | 4336ac211a822b0a5c3ce5de0d4730665acc351ee1965ea8da1c72477e216dfa |
| SHA512 | 57e826f0e1d9b12d11b05d47e2f5ae4f5787537862f26e039918cb14faff4bc854298c0b7de3023e371756a331c0f3ee1aa7cebbbf94ec70cdfc29e00a900ed1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\bookmarkbackups\bookmarks-2024-06-17_11_nH0f72K8oLsdA3tIEZ-VXw==.jsonlz4
| MD5 | e604fd2aefe5af8e630050cc52d07bc4 |
| SHA1 | d883a8c244c55ca68676888226465dec2f4f87c7 |
| SHA256 | fab9ac923cdd4e00fd5cdf779adcc40698c7c87585a2eb17fc011cb35f6f0163 |
| SHA512 | aea82313eb863ef661fc5ed800c517cbf6e71b1ea7600e7d1d188776fc1ae30adff27ab97500973573fb03d2fce33ab1de6487b6abe0b81c82fbbfe8e4726276 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 444c42c1fe6f5a0dd698d16ed819eca8 |
| SHA1 | a90bed7eef8fdeacb82404e5c3a9736459e73ce6 |
| SHA256 | 16c23adfae08ac893a7852413cb74d870665312a4a6c3ff5e1641ee1c9c1d263 |
| SHA512 | 5023ba6102b9327e09df298818aab7df1fceacc80cccc5721c838fbd84516342b9db8b17dd5b810f40514c6a466a7819e4e0104bfd97a22deed9d25abc72da3f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m5gevmzl.default-release\prefs-1.js
| MD5 | e39538bd5382ef251aac10672c4d97b0 |
| SHA1 | 0c0aca00e75fe2e03a364399079d5a6ac8f27ec6 |
| SHA256 | 46f237e1f84650d24c76c32dd4e2ec820f8fe8bbafe3ea631d3ec3cc0fe02101 |
| SHA512 | 7f41bbb2dba788961ea4bc54e18923d5deac733440c4ae307c67fe2a1b1b94876f6e8a00895d80f4822704c819ef8caa529696c0b431a12696daf3e2db1f7f21 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-15 17:50
Reported
2024-06-17 03:58
Platform
win11-20240611-en
Max time kernel
510s
Max time network
573s
Command Line
Signatures
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2394516847-3409208829-2230326962-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://j6lyat060624q67.xyz/08f10c664042c174f24981a4ec6e3b3e4105598b_1718450383/file-dln_666d78cf14318/?source=12&grp=17&file=&q=Bandicam-7-1-1-2158-with-Crack--RePack---Portable-"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://j6lyat060624q67.xyz/08f10c664042c174f24981a4ec6e3b3e4105598b_1718450383/file-dln_666d78cf14318/?source=12&grp=17&file=&q=Bandicam-7-1-1-2158-with-Crack--RePack---Portable-
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="412.0.99115025\842410849" -parentBuildID 20230214051806 -prefsHandle 1764 -prefMapHandle 1756 -prefsLen 22074 -prefMapSize 235121 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ab9be8cc-1d97-42ba-b633-ba9d8b3b54c6} 412 "\\.\pipe\gecko-crash-server-pipe.412" 1844 16325e04758 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="412.1.903780637\1079158860" -parentBuildID 20230214051806 -prefsHandle 2376 -prefMapHandle 2372 -prefsLen 22925 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {55c53c33-5a35-45b3-ac5b-c290320ec7ff} 412 "\\.\pipe\gecko-crash-server-pipe.412" 2388 16319087d58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="412.2.1407437167\962596885" -childID 1 -isForBrowser -prefsHandle 2976 -prefMapHandle 2512 -prefsLen 22963 -prefMapSize 235121 -jsInitHandle 1352 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fdd81102-771d-4368-841e-2dc6a9efff78} 412 "\\.\pipe\gecko-crash-server-pipe.412" 2624 16328c57458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="412.3.779903393\79485579" -childID 2 -isForBrowser -prefsHandle 3616 -prefMapHandle 3612 -prefsLen 27614 -prefMapSize 235121 -jsInitHandle 1352 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a005a7e9-2739-4132-9e41-cadf758f0ce6} 412 "\\.\pipe\gecko-crash-server-pipe.412" 3628 1632bacaa58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="412.4.991220431\105277177" -childID 3 -isForBrowser -prefsHandle 5320 -prefMapHandle 5316 -prefsLen 27695 -prefMapSize 235121 -jsInitHandle 1352 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5bfd42f7-5519-461f-8052-d2b973feb88d} 412 "\\.\pipe\gecko-crash-server-pipe.412" 5328 1632ddbd058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="412.5.815683613\1717740431" -childID 4 -isForBrowser -prefsHandle 5456 -prefMapHandle 5460 -prefsLen 27695 -prefMapSize 235121 -jsInitHandle 1352 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7b50b422-20bc-40c7-be18-672d3379332b} 412 "\\.\pipe\gecko-crash-server-pipe.412" 5448 1632ddbd958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="412.6.21039760\1610305567" -childID 5 -isForBrowser -prefsHandle 5740 -prefMapHandle 5736 -prefsLen 27695 -prefMapSize 235121 -jsInitHandle 1352 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {91f08737-a297-440b-be94-42d67f11ad96} 412 "\\.\pipe\gecko-crash-server-pipe.412" 5748 1632ddbdc58 tab
Network
| Country | Destination | Domain | Proto |
| N/A | 127.0.0.1:49741 | tcp | |
| US | 8.8.8.8:53 | j6lyat060624q67.xyz | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 104.21.46.30:443 | j6lyat060624q67.xyz | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 52.33.96.36:443 | shavar.services.mozilla.com | tcp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | tcp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | tcp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 104.21.46.30:443 | j6lyat060624q67.xyz | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| N/A | 127.0.0.1:49748 | tcp | |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| NL | 2.18.121.73:80 | ciscobinary.openh264.org | tcp |
| DE | 142.250.185.206:443 | redirector.gvt1.com | tcp |
| DE | 142.250.185.206:443 | redirector.gvt1.com | udp |
| GB | 173.194.183.166:443 | r1.sn-aigl6ney.gvt1.com | tcp |
| GB | 173.194.183.166:443 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
Files
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | c9bed23e24559236b0f7b8d4b8911f23 |
| SHA1 | 90adfc9a96d7fe68678c6a3dfcbc3dc2b6124fe9 |
| SHA256 | 1dfb85525c70d46da2ab1a06866ef22d2e6d4b89569d4141fea8c7473ce4ad46 |
| SHA512 | 13525d6a4e6cef2c4203916099fad44208ed94dbb80fa3215c5f35218d50870c5c0371bd011a9b1a841f8ed40d0be9b059a43f02ac8806c8ef514d373c0364bd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | 4b56a4aab8e9c484b9444467abbe69f5 |
| SHA1 | 2b99cf15cfef6fb85554d5c1a155d072e0ace464 |
| SHA256 | 1b109dbf29b3274b9653747e799b3210584375bf19ae570becb480a703018fd8 |
| SHA512 | 2673609c6d531ede78528e3fe49a8f5ffe0f16f1e79f07089c30df7ab40281f97d5d45c03e4877fe8243a371e668f25573ef5d33c6194ca944914c4c1a33bfd8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 47ac9c6ebc02c316fe89e6e890beab94 |
| SHA1 | e07fffcbd094b26bc81d728c230c7fd9688e415c |
| SHA256 | e5d2bf7149214c98ecbd414f70e2f8c822014768dc973af7284be5715b2cb3eb |
| SHA512 | 19e4a81b4ffe3e61de31a5321b3615a2beeabf7cb907e073e76116486943018aba163b0d677e63ecf151bc217c4ab4a26edabd186a36823bd7a773af8a5e0a28 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\cache2\entries\383A97A57B113BD106DE6984E6DBA5F537327263
| MD5 | e3281a770fe03e6819d7a2fb801af920 |
| SHA1 | e840754652545d10604beefbb7bc3d6ab026ba6f |
| SHA256 | 16e7d6270dc3d1f2c43d8122bae8c4bf6ccb040af862d61d6db9e3ea0d9dd907 |
| SHA512 | ae318d2bada6e4090d5666b9e044e1d6c346973ea6c7da28b7def1780c6f06940c58e84c2d01cb236f79ee350d4b63ff5b42a865cc3ff66a886dfe40974cd139 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\prefs-1.js
| MD5 | 000885b7eba26983c7803b0e138e26ce |
| SHA1 | 4de77e4b5a7a1201f80fd7e64b1c78edaf443160 |
| SHA256 | 68af634ba27117c43665468494fed0539ad4a7a7c3f6a1161128e28acfcd8adf |
| SHA512 | a2f033d6cea5d640c63e910919a0f9d6850b1cad4fe352ab332e2a035f9be4a9542889381d0e79dd851116bc79e1abb5a304e22469181f8aacaa8308ecbfb825 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\cache2\entries\F8CBD54DDA10F4286A41EC6A537240712D6C2308
| MD5 | fe6e4386852af9ac63184d5ca94c119e |
| SHA1 | 4391645538f5ee415c228e53a468b03dbcb54e9c |
| SHA256 | 299ceae62f3c96e86058f05dd4de3c5a4a12583c2f2250879bd962ec66d6f53b |
| SHA512 | e8361366dbae2f7bbdce3cedcd930690fba909eeef9fdf0cc55b05512c66ed093498ce05eba2abbf2da2fa5022487cf01e889851a48769b36914cb7fe524266b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\prefs-1.js
| MD5 | ef8b6f34f3142321868afa0126a9d28f |
| SHA1 | e21c66e25c6d4576b05d63a924b4d0657be2cba5 |
| SHA256 | 180bd13dc310380c215ad5fa7e5d4c2e4ffbda7d3bd85694e77a7a63c1081464 |
| SHA512 | 447d5e56bee4465e582a13d68bbe3fd5cced98cb0155f16d4294f92b80f4cc951ae86d1c12a3c3da1dde0582740ade1501744377ebd1db0774626a59915e6a2b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\prefs-1.js
| MD5 | c8d774efbe895149ee87bd6b361c5c9b |
| SHA1 | c8a2fcf7a77aa9f9a981d273216fd09fec379548 |
| SHA256 | 64c2469fb5409f201bda710644159463786d14431ebacfe988ab7d20fe951241 |
| SHA512 | cd201412a7d9602a315262dd7e0792e019099a9265db331fdf2434e4571cf4e9bc440aac5c24e966033df03ae7f8d27d44f98f68d0845fbed6fb9f4c0d7ebb7f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\broadcast-listeners.json
| MD5 | 101a3926d9c2aed2171940aa7418b6c3 |
| SHA1 | 83655b37a09055902a7dbd9faf3095dbcd7debd1 |
| SHA256 | 177f82c3df7ac3710b97395d2f181545cddc1b03515625e1e5783c3186f6f1d5 |
| SHA512 | a05038600fb8885dae464eae450f6d11cc33e27b080549ecf2619416b2df8392db8f25e17a136b9c69648435e238baaa3143a31696e233925c5e859b87f9b7cd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\targeting.snapshot.json
| MD5 | b0c5884499cee28245b276221e39527f |
| SHA1 | 8ded4458fbe8587c03580d475842a5fc9c699305 |
| SHA256 | 759d7c3dad2aace3f489bae8fe666ecd09bd8cb82a3ab25c478132bddb4dfac1 |
| SHA512 | 25712184c027ae61629b3312e596c179ae85f55c527170e0538f2da0c203d4522e000f4ed313756583db270c4c87508d01d9bca02661cde0bb2f29a784a1c47b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\recipe_attachment.json
| MD5 | be3d0f91b7957bbbf8a20859fd32d417 |
| SHA1 | fbc0380fe1928d6d0c8ab8b0a793a2bba0722d10 |
| SHA256 | fc07d42847eeaf69dcbf1b9a16eb48b141c11feb67aa40724be2aee83cb621b7 |
| SHA512 | 8da24afcf587fbd4f945201702168e7cfc12434440200d00f09ddcd1d1d358a5e01065ac2a411fdf96a530e94db3697e3530578b392873cf874476b5e65d774a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_sports.json
| MD5 | ce4e75385300f9c03fdd52420e0f822f |
| SHA1 | 85c34648c253e4c88161d09dd1e25439b763628c |
| SHA256 | 44da98b03350e91e852fe59f0fc05d752fc867a5049ab0363da8bb7b7078ad14 |
| SHA512 | d119dc4706bbf3b6369fe72553cfacf1c9b2688e0188a7524b56d3e2ac85582a18bbee66d5594e0fb40767432646c23bf3e282090bd9b4c29f989a374aeae61f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_computers_and_electronics.json
| MD5 | 6ccd943214682ac8c4ec08b7ec6dbcbd |
| SHA1 | 18417647f7c76581d79b537a70bf64f614f60fa2 |
| SHA256 | ab20b97406b0d9bf4f695e5ec7db4ebad5efb682311e74ca757d45b87ffc106b |
| SHA512 | e57573d6f494df8aa7e8e6a20427a18f6868e19dc853b441b8506998158b23c7a4393b682c83b3513aae5075a21148dd8ca854a11dabcea6a0a0db8f2e6828b8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_science.json
| MD5 | 7a8fd079bb1aeb4710a285ec909c62b9 |
| SHA1 | 8429335e5866c7c21d752a11f57f76399e5634b6 |
| SHA256 | 9606ce3988b2d2a4921b58ac454f54e53a9ea8f358326522a8b1dcc751b50b32 |
| SHA512 | 8fc1546e509b5386c9e1088e0e3a1b81f288ef67f1989f3e83888057e23769907a2b184d624a4e4c44fcd5b88d719bd4cca94dfb33798804a721b8be022ec0c6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_jobs_and_education.json
| MD5 | 2d69892acde24ad6383082243efa3d37 |
| SHA1 | d8edc1c15739e34232012bb255872991edb72bc7 |
| SHA256 | 29080288b2130a67414ecb296a53ddd9f0a4771035e3c1b2112e0ce656a7481a |
| SHA512 | da391152e1fbce1f03607b486c5dea9a298a438e58e440ebb7b871bd5c62d7339b540eed115b4001b9840de1ba3898c6504872ff9094ba4d6a47455051c3f1c5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_real_estate.json
| MD5 | 9899942e9cd28bcb9bf5074800eae2d0 |
| SHA1 | 15e5071e5ed58001011652befc224aed06ee068f |
| SHA256 | efcf6b2d09e89b8c449ffbcdb5354beaa7178673862ebcdd6593561f2aa7d99a |
| SHA512 | 9f7a5fbe6d46c694e8bc9b50e7843e9747ea3229cf4b00b8e95f1a5467bd095d166cbd523b3d9315c62e9603d990b8e56a018ba4a11d30ad607f5281cc42b4cd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_shopping.json
| MD5 | 97d4a0fd003e123df601b5fd205e97f8 |
| SHA1 | a802a515d04442b6bde60614e3d515d2983d4c00 |
| SHA256 | bfd7e68ddca6696c798412402965a0384df0c8c209931bbadabf88ccb45e3bb6 |
| SHA512 | 111e8a96bc8e07be2d1480a820fc30797d861a48d80622425af00b009512aacb30a2df9052c53bfbf4ee0800b6e6f5b56daa93d33f30fecb52e2f3850dfa9130 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_people_and_society.json
| MD5 | b1bd26cf5575ebb7ca511a05ea13fbd2 |
| SHA1 | e83d7f64b2884ea73357b4a15d25902517e51da8 |
| SHA256 | 4990a5d17bea15617624c48a0c7c23d16e95f15e2ec9dd1d82ee949567bbaec0 |
| SHA512 | edcede39c17b494474859bc1a9bbf18c9f6abd3f46f832086db3bb1337b01d862452d639f89f9470ca302a6fcb84a1686853ebb4b08003cb248615f0834a1e02 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_autos_and_vehicles.json
| MD5 | 39b73a66581c5a481a64f4dedf5b4f5c |
| SHA1 | 90e4a0883bb3f050dba2fee218450390d46f35e2 |
| SHA256 | 022f9495f8867fea275ece900cfa7664c68c25073db4748343452dbc0b9eda17 |
| SHA512 | cfb697958e020282455ab7fabc6c325447db84ead0100d28b417b6a0e2455c9793fa624c23cb9b92dfea25124f59dcd1d5c1f43bf1703a0ad469106b755a7cdd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_internet_and_telecom.json
| MD5 | 36689de6804ca5af92224681ee9ea137 |
| SHA1 | 729d590068e9c891939fc17921930630cd4938dd |
| SHA256 | e646d43505c9c4e53dbaa474ef85d650a3f309ccf153d106f328d9b6aeb66d52 |
| SHA512 | 1c4f4aa02a65a9bbdf83dc5321c24cbe49f57108881616b993e274f5705f0466be2dd3389055a725b79f3317c98bdf9f8d47f86d62ebd151e4c57cc4dca2487c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_pets_and_animals.json
| MD5 | 5b26aca80818dd92509f6a9013c4c662 |
| SHA1 | 31e322209ba7cc1abd55bbb72a3c15bc2e4a895f |
| SHA256 | dd537bfb1497eb9457c0c8ecbd2846f325e13ddef3988fd293a29e68ab0b2671 |
| SHA512 | 29038f9f3b9b12259fb42daa93cdefabb9fb32a10f0d20f384a72fe97214eff1864b7fa2674c37224b71309d7d9cea4e36abd24a45a0e65f0c61dc5ca161ec7c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_online_communities.json
| MD5 | 37a74ab20e8447abd6ca918b6b39bb04 |
| SHA1 | b50986e6bb542f5eca8b805328be51eaa77e6c39 |
| SHA256 | 11b6084552e2979b5bc0fd6ffdc61e445d49692c0ae8dffedc07792f8062d13f |
| SHA512 | 49c6b96655ba0b5d08425af6815f06237089ec06926f49de1f03bc11db9e579bd125f2b6f3eaf434a2ccf10b262c42af9c35ab27683e8e9f984d5b36ec8f59fd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_books_and_literature.json
| MD5 | df96946198f092c029fd6880e5e6c6ec |
| SHA1 | 9aee90b66b8f9656063f9476ff7b87d2d267dcda |
| SHA256 | df23a5b6f583ec3b4dce2aca8ff53cbdfadfd58c4b7aeb2e397eade5ff75c996 |
| SHA512 | 43a9fc190f4faadef37e01fa8ad320940553b287ed44a95321997a48312142f110b29c79eed7930477bfb29777a5a9913b42bf22ce6bb3e679dda5af54a125ea |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_games.json
| MD5 | 4182a69a05463f9c388527a7db4201de |
| SHA1 | 5a0044aed787086c0b79ff0f51368d78c36f76bc |
| SHA256 | 35e67835a5cf82144765dfb1095ebc84ac27d08812507ad0a2d562bf68e13e85 |
| SHA512 | 40023c9f89e0357fae26c33a023609de96b2a0b439318ef944d3d5b335b0877509f90505d119154eaa81e1097ecfb5aa44dd8bb595497cdecfc3ee711a1fe1d5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_beauty_and_fitness.json
| MD5 | 0ed0473b23b5a9e7d1116e8d4d5ca567 |
| SHA1 | 4eb5e948ac28453c4b90607e223f9e7d901301c4 |
| SHA256 | eed46e8fe6ff20f89884b4fc68a81e8d521231440301a01bb89beec8ebad296b |
| SHA512 | 464508d7992edfa0dfb61b04cfc5909b7daacf094fc81745de4d03214b207224133e48750a710979445ee1a65bb791bf240a2b935aacaf3987e5c67ff2d8ba9c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_finance.json
| MD5 | e95c2d2fc654b87e77b0a8a37aaa7fcf |
| SHA1 | b4b00c9554839cab6a50a7ed8cd43d21fdaf35dc |
| SHA256 | 384bf5fcc6928200c7ebb1f03f99bf74f6063e78d3cd044374448f879799318e |
| SHA512 | 9696998a8d0e3a85982016ff0a22bb8ae1790410f1f6198bb379c0a192579f24c75c25c7648b76b00d25a32ac204178acaccd744ee78846dfc62ebf70bf7b93a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_arts_and_entertainment.json
| MD5 | 6c651609d367b10d1b25ef4c5f2b3318 |
| SHA1 | 0abcc756ea415abda969cd1e854e7e8ebeb6f2d4 |
| SHA256 | 960065cc44a09bef89206d28048d3c23719d2f5e9b38cfc718ca864c9e0e91e9 |
| SHA512 | 3e084452eefe14e58faa9ef0d9fda2d21af2c2ab1071ae23cde60527df8df43f701668ca0aa9d86f56630b0ab0ca8367803c968347880d674ad8217fba5d8915 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_law_and_government.json
| MD5 | 80c49b0f2d195f702e5707ba632ae188 |
| SHA1 | e65161da245318d1f6fdc001e8b97b4fd0bc50e7 |
| SHA256 | 257ee9a218a1b7f9c1a6c890f38920eb7e731808e3d9b9fc956f8346c29a3e63 |
| SHA512 | 972e95de7fe330c61cd22111bd3785999d60e7c02140809122d696a1f1f76f2cd0d63d6d92f657cdec24366d66b681e24f2735a8aabb8bcecec43c74e23fb4f5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_health.json
| MD5 | 11711337d2acc6c6a10e2fb79ac90187 |
| SHA1 | 5583047c473c8045324519a4a432d06643de055d |
| SHA256 | 150f21c4f60856ab5e22891939d68d062542537b42a7ce1f8a8cec9300e7c565 |
| SHA512 | c2301ed72f623b22f05333c5ecc5ebf55d8a2d9593167cc453a66d8f42c05ff7c11e2709b6298912038a8ea6175f050bbc6d1fc4381f385f7ad7a952ad1e856b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_business_and_industrial.json
| MD5 | a92a0fffc831e6c20431b070a7d16d5a |
| SHA1 | da5bbe65f10e5385cbe09db3630ae636413b4e39 |
| SHA256 | 8410809ebac544389cf27a10e2cbd687b7a68753aa50a42f235ac3fc7b60ce2c |
| SHA512 | 31a8602e1972900268651cd074950d16ad989b1f15ff3ebbd8e21e0311a619eef4d7d15cdb029ea8b22cf3b8759fa95b3067b4faaadcb90456944dbc3c9806a9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_food_and_drink.json
| MD5 | 70ba02dedd216430894d29940fc627c2 |
| SHA1 | f0c9aa816c6b0e171525a984fd844d3a8cabd505 |
| SHA256 | 905357002f2eced8bba1be2285a9b83198f60d2f9bb1144b5c119994f2ec6e34 |
| SHA512 | 3ae60d0bf3c45d28e340d97106790787be2cc80ba579d313b5414084664b86e89879391c99e94b6e33bdc5508ea42a9fd34f48ca9b1e7adfa7b6dd22c783c263 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_reference.json
| MD5 | 567eaa19be0963b28b000826e8dd6c77 |
| SHA1 | 7e4524c36113bbbafee34e38367b919964649583 |
| SHA256 | 3619daa64036d1f0197cdadf7660e390d4b6e8c1b328ed3b59f828a205a6ea49 |
| SHA512 | 6766919b06ca209eaed86f99bee20c6dad9cc36520fc84e1c251a668bcfe0afcf720ea6c658268dc3bbaaf602bfdf61eb237c68e08d5252ea6e5d1d2a373b9fe |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_home_and_garden.json
| MD5 | 250acc54f92176775d6bdd8412432d9f |
| SHA1 | a6ad9ad7519e5c299d4b4ba458742b1b4d64cb65 |
| SHA256 | 19edd15ebce419b83469d2ab783c0c1377d72a186d1ff08857a82bca842eea54 |
| SHA512 | a52c81062f02c15701f13595f4476f0a07735034fcf177b1a65b001394a816020ee791fed5afae81d51de27630b34a85efa717fe80da733556fdda8739030f49 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_blogging_resources_and_services.json
| MD5 | c82700fcfcd9b5117176362d25f3e6f6 |
| SHA1 | a7ad40b40c7e8e5e11878f4702952a4014c5d22a |
| SHA256 | c9f2a779dba0bc886cc1255816bd776bdc2e8a6a8e0f9380495a92bb66862780 |
| SHA512 | d38e65ab55cee8fef538ad96448cd0c6b001563714fc7b37c69a424d0661ec6b7d04892cf4b76b13ddbc7d300c115e87e0134d47c3f38ef51617e5367647b217 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_hobbies_and_leisure.json
| MD5 | bb45971231bd3501aba1cd07715e4c95 |
| SHA1 | ea5bfd43d60a3d30cda1a31a3a5eb8ea0afa142a |
| SHA256 | 47db7797297a2a81d28c551117e27144b58627dbac1b1d52672b630d220f025d |
| SHA512 | 74767b1badbd32cacd3f996b8172df9c43656b11fea99f5a51fff38c6c6e2120fae8bdd0dd885234a3f173334054f580164fdf8860c27cbcf5fb29c5bcdc060d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\personality-provider\nb_model_build_attachment_travel.json
| MD5 | 48139e5ba1c595568f59fe880d6e4e83 |
| SHA1 | 5e9ea36b9bb109b1ecfc41356cd5c8c9398d4a78 |
| SHA256 | 4336ac211a822b0a5c3ce5de0d4730665acc351ee1965ea8da1c72477e216dfa |
| SHA512 | 57e826f0e1d9b12d11b05d47e2f5ae4f5787537862f26e039918cb14faff4bc854298c0b7de3023e371756a331c0f3ee1aa7cebbbf94ec70cdfc29e00a900ed1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\bookmarkbackups\bookmarks-2024-06-17_11_4UuDNlBdpGBhcMj1x94kew==.jsonlz4
| MD5 | 271f403f4181515f4c7224ad45bece6f |
| SHA1 | e97b4f8771b0555f0c61c4cf1cca5a4e1cd4cf56 |
| SHA256 | 57e3583d13546253f13c4b39d4e12e80bb91f15a4143858868d458d1af6494bf |
| SHA512 | 83b0bd7f5f31a589d0cbcd517cfa4127c26dea7b5e421ca3f010716755363a5f27c368f2146961697768d9f8ea9dac1231ba3da15f28da003a4aedfda79b5d3b |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | f4625183b303afdb3572eecb2bace247 |
| SHA1 | cfc39943bd06e8699f0e9b779d7bc70b0c54e4df |
| SHA256 | 7c01564656a661c37a312a9aafed9834c2f43dc5a3e63cbfad5c8bdb992d2622 |
| SHA512 | 807e5f6abf61ac9ece6fc806145d2649a6d9b980eb85a119f45adca934ff2c076f95c80dc90e9a0d9157f89e06a0def2b8a7f8d47e664d5ee4426040d106ac31 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\cert9.db
| MD5 | d812fe9cf32cf8b8f715fb170f853282 |
| SHA1 | e35d2c0c0aa0eceeaf0cbe6b60ee0c9eca6c4d9b |
| SHA256 | ea7d3a15a90923ac565cfeb7b73d059be1239917f3503b41264d936eb9e9454f |
| SHA512 | 50e8ea9bc83b1cb04e05ba8c30f7cac9b77edaf05441562e2693a48d8df6464f821733f3e781a3baeb6c8806a2bf9e01e48ee1f9af932178d6a476cdbd573ad1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l3zro2y.default-release\prefs-1.js
| MD5 | f958cab5afbbdb25885877148df1fdbb |
| SHA1 | 55d3c50ad2a541beaf1fba9e7745ca9d87b365a9 |
| SHA256 | c0da3a0593a0074b4c6319d647c71efbd3d012861add637f236399ab00c57cc3 |
| SHA512 | 74ba6449a35bffc2b85fd86d2cdc1230b039b72baa6c2929eec336e624769359b64894a226fd992d3b035de341417fc21815869ba92e0f36ac8e8edcd4683755 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7l3zro2y.default-release\cache2\entries\7943793AD6EF12CA229A1DF7A721B44C210BBC82
| MD5 | afc1c06d39131a1e4e9e17ea0317a402 |
| SHA1 | a248a8ee364afac711c85159aaa5a78e8ef16e20 |
| SHA256 | 97638bc8333fffdc1d4d24d9177811ab8b9e212e2f3d2f79ad63b205254dcf94 |
| SHA512 | 029a32af56290c57297fc3cf119a0d3ffad9c4d231d9683e70badbad71bc3db5285202f8b969e899e7c432abc1bdaec01d18cce6304fd5ac1ed94fa61b1c7fdd |