2dbf27909ae942e4750db2a186e7548b37919fe638f82cddca7e95b29fb847f0

Analysis

max time kernel
55s
max time network
157s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
23/06/2024, 23:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Lossless.Scaling.v2.8.2.rar
Size

1.5MB
MD5

3d201580563c409e4645db0e8bf3735b
SHA1

eeacc75bc0987a07de577d0f62b03ecf53927699
SHA256

2dbf27909ae942e4750db2a186e7548b37919fe638f82cddca7e95b29fb847f0
SHA512

501d1b9b4c117f9f3a409324d9d48f9663fa8c6435c5f5fba77c17750e712fa9440d6ab401c076551d0cfab26378452bac1f8501dcf84e25a43fbc659cf8a045
SSDEEP

24576:UzmvvD4e43SfojYCRiZFTl4h2CaUvv1oiAFWPh9J4p/mmArSTxnOdvPC/JdnriQ0:UzmvvD4LphRiZFTqvdoiAcImmNTxnECa

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2584-571-0x0000000000400000-0x0000000000480000-memory.dmp	upx
behavioral1/memory/2584-767-0x0000000000400000-0x0000000000480000-memory.dmp	upx
behavioral1/memory/2584-1857-0x0000000000400000-0x0000000000480000-memory.dmp	upx

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000_Classes\Local Settings	rundll32.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000_Classes\Local Settings	rundll32.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2972	vlc.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
912	chrome.exe
912	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2972	vlc.exe

Suspicious use of AdjustPrivilegeToken 30 IoCs

description	pid	Process
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe
Token: SeShutdownPrivilege	912	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe
2972	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2972	vlc.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2080 wrote to memory of 2892	2080	cmd.exe	29
PID 2080 wrote to memory of 2892	2080	cmd.exe	29
PID 2080 wrote to memory of 2892	2080	cmd.exe	29
PID 2892 wrote to memory of 2780	2892	rundll32.exe	30
PID 2892 wrote to memory of 2780	2892	rundll32.exe	30
PID 2892 wrote to memory of 2780	2892	rundll32.exe	30
PID 2780 wrote to memory of 2972	2780	rundll32.exe	32
PID 2780 wrote to memory of 2972	2780	rundll32.exe	32
PID 2780 wrote to memory of 2972	2780	rundll32.exe	32
PID 912 wrote to memory of 648	912	chrome.exe	37
PID 912 wrote to memory of 648	912	chrome.exe	37
PID 912 wrote to memory of 648	912	chrome.exe	37
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 900	912	chrome.exe	39
PID 912 wrote to memory of 1632	912	chrome.exe	40
PID 912 wrote to memory of 1632	912	chrome.exe	40
PID 912 wrote to memory of 1632	912	chrome.exe	40
PID 912 wrote to memory of 1720	912	chrome.exe	41
PID 912 wrote to memory of 1720	912	chrome.exe	41
PID 912 wrote to memory of 1720	912	chrome.exe	41
PID 912 wrote to memory of 1720	912	chrome.exe	41
PID 912 wrote to memory of 1720	912	chrome.exe	41
PID 912 wrote to memory of 1720	912	chrome.exe	41
PID 912 wrote to memory of 1720	912	chrome.exe	41
PID 912 wrote to memory of 1720	912	chrome.exe	41
PID 912 wrote to memory of 1720	912	chrome.exe	41
PID 912 wrote to memory of 1720	912	chrome.exe	41

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Lossless.Scaling.v2.8.2.rar
1⤵
- Suspicious use of WriteProcessMemory
PID:2080
- C:\Windows\system32\rundll32.exe
  "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Lossless.Scaling.v2.8.2.rar
  2⤵
  - Modifies registry class
  - Suspicious use of WriteProcessMemory
  PID:2892
- - C:\Windows\system32\rundll32.exe
    "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Lossless.Scaling.v2.8.2.rar
    3⤵
    - Modifies registry class
    - Suspicious use of WriteProcessMemory
    PID:2780
  - - C:\Program Files\VideoLAN\VLC\vlc.exe
      "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Lossless.Scaling.v2.8.2.rar"
      4⤵
      Suspicious behavior: AddClipboardFormatListener
      Suspicious behavior: GetForegroundWindowSpam
      Suspicious use of FindShellTrayWindow
      Suspicious use of SendNotifyMessage
      Suspicious use of SetWindowsHookEx
      PID:2972

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6389758,0x7fef6389768,0x7fef6389778
  2⤵
  PID:648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1112 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:2
  2⤵
  PID:900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1488 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:1632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1592 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2316 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2328 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:1
  2⤵
  PID:2748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1464 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:2
  2⤵
  PID:1648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3244 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:1
  2⤵
  PID:852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3456 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:1456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3540 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3864 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:2408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3684 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:1
  2⤵
  PID:428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4000 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:1
  2⤵
  PID:2456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3868 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:1
  2⤵
  PID:2796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3396 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:2868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1324 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:1
  2⤵
  PID:2080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3784 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4104 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:2408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4028 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:2412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3408 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4088 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:2968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4152 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:1504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4364 --field-trial-handle=1200,i,4043959046891317768,18081545106482613401,131072 /prefetch:8
  2⤵
  PID:1496
- C:\Users\Admin\Downloads\Waterfox Setup G6.0.16.exe
  "C:\Users\Admin\Downloads\Waterfox Setup G6.0.16.exe"
  2⤵
  PID:2584
- - C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\setup.exe
    .\setup.exe
    3⤵
    PID:2864
  - - C:\Windows\system32\regsvr32.exe
      "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files\Waterfox\AccessibleMarshal.dll"
      4⤵
      PID:2192
  - - C:\Program Files\Waterfox\default-browser-agent.exe
      "C:\Program Files\Waterfox\default-browser-agent.exe" register-task 6F940AC27A98DD61
      4⤵
      PID:2828
  - - C:\Program Files\Waterfox\waterfox.exe
      "C:\Program Files\Waterfox\waterfox.exe" --backgroundtask install
      4⤵
      PID:1160
    - - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" --backgroundtask install
        5⤵
        
        PID:2648
  - - C:\Program Files\Waterfox\waterfox.exe
      "C:\Program Files\Waterfox\waterfox.exe" -first-startup
      4⤵
      PID:2908
    - - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -first-startup
        5⤵
        
        PID:1992
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.0.1711371814\261433721" -parentBuildID 20240611200000 -prefsHandle 1328 -prefMapHandle 1344 -prefsLen 20240 -prefMapSize 269191 -appDir "C:\Program Files\Waterfox\browser" - {2596d3e5-2c57-4d9c-a7a4-a4b4cad34055} 1992 gpu
        6⤵
        
        PID:1076
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.1.1074134555\469353476" -parentBuildID 20240611200000 -prefsHandle 1712 -prefMapHandle 1708 -prefsLen 20285 -prefMapSize 269191 -appDir "C:\Program Files\Waterfox\browser" - {c1b86094-300a-4623-a312-bee3d7719a7a} 1992 socket
        6⤵
        
        PID:2564
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.2.1833464048\1093236007" -childID 1 -isForBrowser -prefsHandle 2472 -prefMapHandle 2468 -prefsLen 20565 -prefMapSize 269191 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240611200000 -appDir "C:\Program Files\Waterfox\browser" - {37987adc-3b20-4b4f-9d41-ef4af048dd07} 1992 tab
        6⤵
        
        PID:860
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.3.790434375\1595198395" -childID 2 -isForBrowser -prefsHandle 2836 -prefMapHandle 2832 -prefsLen 21237 -prefMapSize 269191 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240611200000 -appDir "C:\Program Files\Waterfox\browser" - {db25f505-c454-4ce1-a4d4-a43daaf3f4d9} 1992 tab
        6⤵
        
        PID:2276
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.4.1210675983\1690712113" -childID 3 -isForBrowser -prefsHandle 2932 -prefMapHandle 2872 -prefsLen 21862 -prefMapSize 269191 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240611200000 -appDir "C:\Program Files\Waterfox\browser" - {8cb18229-17ae-4bc5-903d-cd297ab03973} 1992 tab
        6⤵
        
        PID:2548
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.5.405801098\153420784" -childID 4 -isForBrowser -prefsHandle 2920 -prefMapHandle 2860 -prefsLen 21987 -prefMapSize 269191 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240611200000 -appDir "C:\Program Files\Waterfox\browser" - {ca2074b5-05a2-499e-8f7e-1429940b7359} 1992 tab
        6⤵
        
        PID:1732
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.6.1109613368\700167372" -parentBuildID 20240611200000 -prefsHandle 2860 -prefMapHandle 2368 -prefsLen 23917 -prefMapSize 269191 -appDir "C:\Program Files\Waterfox\browser" - {0d307dcf-145b-41dc-8625-52e23fc7b64a} 1992 rdd
        6⤵
        
        PID:2944
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.7.1668341869\1629711292" -childID 5 -isForBrowser -prefsHandle 3076 -prefMapHandle 2932 -prefsLen 23917 -prefMapSize 269191 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240611200000 -appDir "C:\Program Files\Waterfox\browser" - {403426e7-2b18-4ec6-88d9-9cc7d6eec828} 1992 tab
        6⤵
        
        PID:904
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.8.739372963\1726718260" -childID 6 -isForBrowser -prefsHandle 3084 -prefMapHandle 3088 -prefsLen 26108 -prefMapSize 269191 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240611200000 -appDir "C:\Program Files\Waterfox\browser" - {0e1177c8-3760-433c-8477-01d0f0ab72c5} 1992 tab
        6⤵
        
        PID:2000
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.9.188953974\1804048137" -childID 7 -isForBrowser -prefsHandle 2536 -prefMapHandle 2532 -prefsLen 27604 -prefMapSize 269191 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240611200000 -appDir "C:\Program Files\Waterfox\browser" - {69ef36f6-e472-4911-905e-3b3a43b2cd3c} 1992 tab
        6⤵
        
        PID:2560
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.10.648661205\195391172" -childID 8 -isForBrowser -prefsHandle 3244 -prefMapHandle 3548 -prefsLen 27604 -prefMapSize 269191 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240611200000 -appDir "C:\Program Files\Waterfox\browser" - {5457aa6d-fcc4-4036-bc65-f9c0c5f54cb9} 1992 tab
        6⤵
        
        PID:1756
      - C:\Program Files\Waterfox\waterfox.exe
        
        "C:\Program Files\Waterfox\waterfox.exe" -contentproc --channel="1992.11.1822199530\762825411" -childID 9 -isForBrowser -prefsHandle 2752 -prefMapHandle 2768 -prefsLen 27604 -prefMapSize 269191 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240611200000 -appDir "C:\Program Files\Waterfox\browser" - {3b9d12c5-fd27-4e0d-b557-7a0da383fc1b} 1992 tab
        6⤵
        
        PID:2960

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2520

C:\Windows\system32\winver.exe
"C:\Windows\system32\winver.exe"
1⤵
PID:1396

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Waterfox\browser\VisualElements\PrivateBrowsing_150.png

Filesize
55KB

MD5
72dcdf55bd3c679229fd2be31a4ee5d1

SHA1
d66a501a611cab86c77108ca2bd6bf0573b0fbc4

SHA256
77b00c4d67b5e2a0fc4fac2c2cf4ec8b9e852c0940683b0462eca139fd86964a

SHA512
c025f2fec9aa43b193b1743da0f814e2889fd4761190c104b0540ab92f6a322d23d053d290aa9f95740ce614c836d7d23e282170a4285540fe3beaed97f715bc

Download Submit
C:\Program Files\Waterfox\browser\VisualElements\PrivateBrowsing_70.png

Filesize
16KB

MD5
9f0484ac8e114cbaccd0aac2e4ac7e37

SHA1
f1a4be166cd02323508745a56fc18f3c77c39386

SHA256
f521152207b6948383e6ddd7f5707042fa531758369d55b99c44974f5d53fe99

SHA512
8e7bdeb1da15916c3d2f67725fba720e52f4a71afd6b9e5116b99d329e378f84e684e472b1cfa68fcbcd35488e8b35a01b6260ffc91de7d7700a4545f2c64598

Download Submit
C:\Program Files\Waterfox\browser\VisualElements\VisualElements_150.png

Filesize
40KB

MD5
c108b3e9c3975ef74c2bef1bb63be62f

SHA1
ce5420baf1305cbf20aa7d8bae39a11509bef8a5

SHA256
3bd88410c45e3d0bf6aa69a4802b310bd1bc53181c5c10dd7c9945be48411a3b

SHA512
a39ca17f3b6ac4ed43bec2eb30da0bf82eb5265cd52c69a5712bb181a0727b9a0fe2129c3ee533cb8a21202600d2631486139bdd6d1dfd2cf1b2e23f562d4a5d

Download Submit
C:\Program Files\Waterfox\browser\VisualElements\VisualElements_70.png

Filesize
14KB

MD5
e3fd6716ecfcb22385dd72abd095656a

SHA1
04ae8fd5277ab071d6b43b6465b34dbcbee63b2e

SHA256
b0bb04d9742d801b43574e4355374f5db2f3d378924b3a5ca91d36b6cda44740

SHA512
442bf524ad2523e42ec8f53703815f94f809fd2874b9852f348af09ea325a08d21e004798b67e29e6891aae0e0b78844bc1933903d06807b48ee0d80fc424d97

Download Submit
C:\Program Files\Waterfox\browser\features\[email protected]

Filesize
250KB

MD5
6a6ad1547a5de8ac3e897af2f8838c0b

SHA1
7fba268b6b775acdc01ba46e9bc5e33a9aef2131

SHA256
9f615f80df892def00248f38228feacd4bc26962bab637d047fcb967cdc4d52b

SHA512
0c53549dd468bec126b095efddec65070ed5ff1a1133f589409ea19156c5217930d0f242a4afb62b7e40682627b859dd2ac8b6c0280738ced31f2867812ee70e

Download Submit
C:\Program Files\Waterfox\browser\features\[email protected]

Filesize
57KB

MD5
09a0c6ae9035ad0de9b0bc98a5aa79ef

SHA1
46b556c7ba06479971778d84205172c2d975866e

SHA256
587159df8fcfd246c880acadc9d504f0d74b54e69fc14dd74a287da64c0681d7

SHA512
f003ee3d13f776da6856c06cc1064bca5368f6cfd07695d8d9dc5eaa8651478c4f7d7a9ea51770831b54dc8f76c469f4209ca540a1d357402140adc42a507d8f

Download Submit
C:\Program Files\Waterfox\browser\features\[email protected]

Filesize
168KB

MD5
e1e6d991360d66aeb432c18212d7352c

SHA1
6ed87390439c1895b20ec80db93fb4cbc59d7449

SHA256
b4162f66a209ff4100fa9835e6b952a50b9529e2efcb24a320d46bfdef4fca9a

SHA512
ce13c5169e340e5e4320d748b0244198e05d46cd2d3bafa708eca156e296760cdff6de7692db416a1ce983097c97f25882a1344f62cbfe3ed19f90c5d6716a92

Download Submit
C:\Program Files\Waterfox\browser\features\[email protected]

Filesize
38KB

MD5
e8150f37acf2aef634f039026192916c

SHA1
367c0330507e5917087bcfd434fd805ad745200a

SHA256
dcdcdeb295f099281ac32b45f42080614c1a74b9f83709c26c67772719aeacc6

SHA512
a529b969054f84ab18e0e17b5dd6a061d9c1d8189b5c7ad95f4bd52043ad41ed6519846b360c3c6ef7c0d720009439ac67da022ff96518df48a22fb6fe1af5bd

Download Submit
C:\Program Files\Waterfox\browser\features\[email protected]

Filesize
408KB

MD5
17eff3b94e193548c55eb6820b76f0c5

SHA1
ef9ae13a84ee09a38d2ec73e5bc714c55c95d9f7

SHA256
75b620a2b433b1d1d9d99424c7ab8e2cb2487901ae3477deb5ea088312dbb739

SHA512
f4e8a4dce575d1bd4494eb6edfdc752f5e54b446479f1540f2d299cff388fd4ec51142155bf778ec502cee2d74c3b6c1b87519a72ba0226cd7c912a6eb308c21

Download Submit
C:\Program Files\Waterfox\defaults\pref\channel-prefs.js

Filesize
429B

MD5
3d84d108d421f30fb3c5ef2536d2a3eb

SHA1
0f3b02737462227a9b9e471f075357c9112f0a68

SHA256
7d9d37eff1dc4e59a6437026602f1953ef58ee46ff3d81dbb8e13b0fd0bec86b

SHA512
76cb3d59b08b0e546034cbb4fb11d8cfbb80703430dfe6c9147612182ba01910901330db7f0f304a90474724f32fd7b9d102c351218f7a291d28b3a80b7ac1e5

Download Submit
C:\Program Files\Waterfox\fonts\TwemojiMozilla.ttf

Filesize
1.4MB

MD5
0ec14cdd489f598097ace1ab76ef1bdb

SHA1
28198dcfee04d76545830ab3c7eb62f3ae21bbdd

SHA256
7e8480e0a2bb5fefdb66b930933a7b365432a1602b14d188ade8f19afcc8ed45

SHA512
609827718c6b1feb2b9c4e7de383d182fcfb4223d5ee89ddea2aa4022fcf66c34b6d39e9c2249bad70a8f01c2a9629a791d34988a6f101c364e8fadcbc34198b

Download Submit
C:\Program Files\Waterfox\gmp-clearkey\0.1\clearkey.dll

Filesize
101KB

MD5
ce9f6bca5509bd596adf3f457f428db6

SHA1
cd47ce5b72478e18384fa52dba3e6071f4e297db

SHA256
b2a30d9ab0966ca92cfc8349c264293fc7fafb1dff320dfe91ca6916cc241bcd

SHA512
4487abe319ffadccb89255c45755643d65289ace0990bc404c609a397de79a78300f863fe98c7c382398281478bfe7138db70a07efc63af09d3ecb23173c63ac

Download Submit
C:\Program Files\Waterfox\gmp-clearkey\0.1\clearkey.dll.sig

Filesize
1KB

MD5
a3231473661ca1f3e874a7619a4f48ae

SHA1
1c362fa1fc085ae1577e55572fd4dec4c5a3da16

SHA256
5f5d8129b35aa7c42b1087891f7888381768bae52adb64c6363f043dbd628638

SHA512
f335d92167feda8ec2355453406c9f726c256b5b3c710e38ec83c78373eff8b437e46109f91a413f7603f321c7732e7738e62ddf9957a563a1a9f12bb8ef7400

Download Submit
C:\Program Files\Waterfox\gmp-clearkey\0.1\manifest.json

Filesize
229B

MD5
cffdadfaeeaaf0a5a78e7f9a299aa7f1

SHA1
7a8f06d7c91877484301ce8474dfbb1bde08a040

SHA256
ef47e83036753b53f59d079fef62bfedc749abdbcdb0fe16f448d9920f11114c

SHA512
5a11e448389326ddbd3be792d9a10ae746c66e4a41f9c96f4979ec71fde385fc4deb205a40f1b4f24415abd9d41c453ca1285f4b813005b1d12a2701f214db85

Download Submit
C:\Program Files\Waterfox\mozavcodec.dll

Filesize
3.0MB

MD5
918f1c8838fe1f4f5244dc43c0f39846

SHA1
5527ea07a2dbf037c69feec1191990caba8bda59

SHA256
7c12f721240d54174dc6b7abe53f0eae837756105916db2c738e2ef594f9c6ec

SHA512
8947e0ace73386ee7eb8f72b315dcea6c1c984060350bc4603f062069fd742fc142821a809e5278c0e1fdc9ef34d4289cf7d42c76805a2493aaf508866114f05

Download Submit
C:\Program Files\Waterfox\mozavutil.dll

Filesize
206KB

MD5
7a11ba8ecc67e59dbb10643b3b320194

SHA1
c8d4965e5d41387759e21f6ca16a301dea4d074b

SHA256
48c35f24f0a450988810e1a80437da06685f88c4c2422f0d4b2fa1432a701219

SHA512
71d2e4af10cddca4cf490467c3081b35c04da045c2a447d24265d7c1b8eefbae49910a91be63343e638f764836706ac67225f3709ffd4f71b0be7e85b17ef75f

Download Submit
C:\Program Files\Waterfox\mozglue.dll

Filesize
703KB

MD5
d03887c603c246aef801caf04994b4e0

SHA1
e8e690d77163071d0d2d0ffe92ac1857db9ccdb7

SHA256
b1f7c656d8ba8c551063c0b6a283a7890a7794743479ad39bb3a5e7017658981

SHA512
ad6d3066c6781ce00ad970d70a737586861efd455a1d026e5b683298fca9e7a65fcfbaa13b21a8aab141cde5c3a60c2040a6c81fb03ef007ebb44aa29fbb9ae9

Download Submit
C:\Program Files\Waterfox\msvcp140.dll

Filesize
574KB

MD5
befb2895a7ed10b75f86e0e489a9acc1

SHA1
e70c57c1b699ced676ef0f75336b54fb240e4b57

SHA256
9974dd1de2b550797d0ce2c8f1359e5f00600ca794aea717209d5099e41ac6ac

SHA512
6f79a8f8f4e9a6fe35978ed603a28b5e0ce375c0560566b0c4e68292a5d44a4ffbb9d24f0315caf9d0d1cb100cf9f20ef91d7cc21d25b28bee0f6bd84c4ce7aa

Download Submit
C:\Program Files\Waterfox\notificationserver.dll

Filesize
58KB

MD5
1ceaa51a00d8ab9cf71180147b88a8f0

SHA1
dadd75ac5f2807d76bdb6482290203c69ae72319

SHA256
832c71a63dd8917794111f5a9d17bd135c0c997765c9c0681a7627589bd25ac0

SHA512
63489863edc5a7e67856d269fde8152f88b38501d5c2ad4db79df52781ac0542a82502663bf98b3a30b84d75b1851b7f0ae6e68f95bb6c1947bad34d687ad86c

Download Submit
C:\Program Files\Waterfox\nss3.dll

Filesize
2.5MB

MD5
6325a41cc6df545d4a11a38dbd18af53

SHA1
603ab58117dee3e85ea26a1a10296953d45c4ded

SHA256
d67d0e103541dd17bc7e2de7b0ee06d94d2e4bfa8d2410a12b7e5817b45c2f3a

SHA512
89b0b3ee2bf29c6c5d287e21a1452d590110488233c1bfb991d6e00e3da08266d4711695a7651e18eb795457801ba2e61507fabd6e11d8a2b25e400eb56404b9

Download Submit
C:\Program Files\Waterfox\nssckbi.dll

Filesize
353KB

MD5
7d70ceb1b4d85da28c1ba601f61bf2ed

SHA1
bcb115eee4046c604d22c9a0de3b60063f7cc706

SHA256
8f427b459758c5559732b7fd6c1b52a7b5724aa1a2458ab88df859faef6b87a4

SHA512
0363a0974c7cc9a137b0a2b089abee1de1ac55071223fd44c6bbcb6ad12ce5fc1296d56920774f1d7facc2f87ab525f2e281f48fc8f575da9e19f2284bee5e25

Download Submit
C:\Program Files\Waterfox\omni.ja

Filesize
41.5MB

MD5
d69c17f166b8337228d1a7b5120fd370

SHA1
ed97662c61c061e23fb982714a2162a2f8537e18

SHA256
9ab366464e2a6ade1ab00bbaae7582acc2b78aa633141ffa8c98700390543304

SHA512
f446940df9a279bdd62b620401d57f72d2dbcdb1d644af2a9fdea6b1538d7951b902c18837268098ad678db795afe3f3f3c38fe2093742365abedb4babb45f30

Download Submit
C:\Program Files\Waterfox\osclientcerts.dll

Filesize
340KB

MD5
aa3f20e5a5e73fc8be05e12423c76970

SHA1
c53c3fb2bb8c7839d5f13c12e14aa59b738b1aaa

SHA256
d604e6be740465c8f1991b786ffa6fef015e554131153912cdae2f533ef7542a

SHA512
5c6eefc0a3850fec6adaa4e80d43f14f1e5208cb71778306e9608ec45b0ec66cd479eade9ce498480b0941e6a45757dbece7b053e61f129ef5d7af451c1247fe

Download Submit
C:\Program Files\Waterfox\platform.ini

Filesize
163B

MD5
3590bfd7722b9e37c693f43494c4cada

SHA1
a22c582f681becf06c632a2718db83888c15ef6e

SHA256
d4bc2ef28fb141622f7fc4f8a3357f78af376d81741d0fa58e7771943ecea65a

SHA512
9c494d240ea46aca97b85de3f141816ac745dff28405d4a6342fc4f2f166eeb67493a4753ea802ec199e5cec428de7523b56114c7cc37658d32a55fd19704859

Download Submit
C:\Program Files\Waterfox\plugin-container.exe

Filesize
285KB

MD5
bb747f45ea5b3d5dfe7553024e246d73

SHA1
21c282825a5f788e385ed3c34bd3040699c4d224

SHA256
918984431f48ac456715dd25be70d9c837557ce171a4942cfc65d2b02c66f238

SHA512
72ec3df37a4411ae8eeca15e46d58d89ac876309607203133490e1edf110d6c0dd3debe69d3080e25b75c69bbd2c930a9c99d2950b8a3e664e2a89e4d838b2ad

Download Submit
C:\Program Files\Waterfox\plugin-container.exe.sig

Filesize
1KB

MD5
cf4a3e7dfe68411e36acec9722469cbd

SHA1
2e2eef1368769dce25fe253e6d706b38938e87b9

SHA256
4c35062201ceaa34f38f1c45f57ab461c321fa09df27a44572c5101b4e83e609

SHA512
d0a9696f6dd4e4496a288efa80d1faa9c4b1dcf389c52df70bc4ed2f72a6725ad5af774a872afefd468173f67148aec7f53b36dd01fcc3c062433bd683fad6dd

Download Submit
C:\Program Files\Waterfox\precomplete

Filesize
2KB

MD5
2baf7d08019a2e85ae0a5efa95822d57

SHA1
ff39cde7ba87f88113077937a4bf1d972da76f3c

SHA256
c4d8d10b44cff38f42380620c73fca7854e04ce7b9085ef5fe75052f7c96a550

SHA512
53ffe4893737fd1ee0a08910f45079e3d33dda06c8fc78b466aca583d5ae9449d7261febcae078a82c62ce875f7cb7ef56a770c8739b92d357c7fbfa0aa7e236

Download Submit
C:\Program Files\Waterfox\private_browsing.VisualElementsManifest.xml

Filesize
559B

MD5
b499ede5c9228c742578086591193efe

SHA1
18e682ec73ed8fcea99893142fa8b08ee8a32b72

SHA256
9ea86a18d41112e25b17454044ac29b458f508d9814700a6f4c0f9370678f3ae

SHA512
b99ef0e9152da3bf6adac5fef67b44738ae7a2d1ef0041786a5700b8389acde7380f1bc9bf1402c7a356f1777aca7c2b05af5ee22b7297bc879fe2e6b9741f13

Download Submit
C:\Program Files\Waterfox\private_browsing.exe

Filesize
399KB

MD5
a70445bcce9fe42d24e2840de2b37ab0

SHA1
5a50bab6e5df2ce5bb98ed39daf8baaf220bb6ac

SHA256
9776a6f89dc3028c178d0da8e365e6e4434ec64cf8f9acdf9ab8ad8aba343457

SHA512
1490187676275f1c16b2b6067e80fdb4b2ea067dc4dd15385ee356b8ca6aaf19f7974fe8cbf82a61d0278237470f5630760680656c982ec49e8762129f94f1bc

Download Submit
C:\Program Files\Waterfox\qipcap64.dll

Filesize
18KB

MD5
fb855ac98e4697987a7e7549067812f0

SHA1
b930eed75f91b9a365a9171906b86b070be4bd4f

SHA256
32b9817ffdd56b80a9f9d823ef4aca74f8925ef5aafbec4b0f1d3ed36e86b1d8

SHA512
9fee72525353f3f8e5f4851368a05224fddfd5f966aa9c4b49c38d5a3eba9b426e388c5c220b9f83d9cb6160a6c84087a72ab3205a64962321c4ab335ecd8333

Download Submit
C:\Program Files\Waterfox\removed-files

Filesize
16B

MD5
fefbfac37461bd30e05f5befaa1f7705

SHA1
74f9024662db06184e645cab76bfecb0e6897545

SHA256
52523da24287c4d459131c2e4818a713a732765e06e9bbba1cf353888ba34f9f

SHA512
874d6bdef28dea531c858443810d0b026a3a5667e0b9985bce84b7c5ab63d06a015487bd1da2a914d28af7b6568335b1927f9fb9656715947929cd6671ccc4b7

Download Submit
C:\Program Files\Waterfox\softokn3.dll

Filesize
308KB

MD5
61139858775ea789419b5bbfffb8499d

SHA1
096745572f782efa55fff8271312607bbce7c943

SHA256
1ea60613260a241d701c8918fd5e7e70925edd20a7403753aac3a76dc00b1756

SHA512
05f4395edf4fe8eae8fd0501ffecbe6ce282bf7417cbbb50ab2dd2a52b798c16f6f3102b2079574a79477c10ae49f4e02ed52174c8157776cf36614e1100d819

Download Submit
C:\Program Files\Waterfox\ucrtbase.dll

Filesize
1.1MB

MD5
2ba22549ebc5121888e224783f0106f8

SHA1
6719d4b5e7999e7ae51663bc612a4af83e8c85cb

SHA256
5d62575fcdb8029554f5b51ec5ae8022ce19a8b2f373bdcf92cfa436bee32318

SHA512
8263a4158c16b8296728358009a09747efdf1c94fc65e43a1f7fc72f2559e146a5ea875f0aafb3143714a19f381f51cd2659746d0e756f49da78f801b3621eb6

Download Submit
C:\Program Files\Waterfox\uninstall\helper.exe

Filesize
1.1MB

MD5
9c6353e80e8ccc98191d908a0249e5b5

SHA1
207fd208c788707507d48612f91325c2c7c968b9

SHA256
26cc988e0b9c1b617a0c2873e06633f1e6a6af6a541dd686fcba18c7f5f992e3

SHA512
79feb4a39cb7e46780f350e20dc2f7b3568a003ac9fb469dcd9ff264a8b6989624a9aa4919a0ea80f60e0da1f7b1563c0c03f61bc432d7c151840e67b39419d4

Download Submit
C:\Program Files\Waterfox\uninstall\shortcuts_log.ini

Filesize
228B

MD5
b26e2020b30a0d4f350b4974ca6f1c0b

SHA1
b50dd7268e3c12249b59ca0beb5d1992fc1dd6f4

SHA256
e79b4d93ccfe977a1cf434b667254293b5ca0ed57e8b87ac4af27810affb0485

SHA512
16ad0f89f8dfb018f499228e00e67cc52ec34e2d15931e26d712923c0917e5f0ad0aa7ad09fc8ee07226ecf6894c6a12ab2a7e30dffffc48f6bdfd3b5f63e238

Download Submit
C:\Program Files\Waterfox\update-settings.ini

Filesize
109B

MD5
b23537f22e0cca13ff93047b685ff046

SHA1
ec77701e8c49c1ab48256b93fe7504fb40b408e6

SHA256
e337a87d021fc25ac78f39d93fef709e51ca269c6e10d4d5c61b29b099f3b7d5

SHA512
9e8a86d70bbe4948290f3405d6f043f2d2baae0ec94dcdc759eae69f19bd6e0221405e43552c3da9a44b101e30c1a01fb2ef4288a386f234a9f73e8043f09735

Download Submit
C:\Program Files\Waterfox\updater.exe

Filesize
408KB

MD5
6610cac2f810e3bf3d44091941704885

SHA1
46c279575cd574c7bef77a5de862ddd7766611fc

SHA256
c9a70946104aea555596e6b2d2fef001271f19363272ba3be4c7d276aec97d6d

SHA512
00ace07740bb533bbde8ae42b73a0a2dbc4d640beb5a036cceca6553e6d027f28fcef76a24773cb096d0b1cae1b34e2ea192f313fa93c6838f1b891f51c710c8

Download Submit
C:\Program Files\Waterfox\updater.ini

Filesize
1KB

MD5
dbcb32abae7ce421e5f9cdd9ce8d6ba3

SHA1
63db438fe218b34a26e5b9b0dfedce5a4d385fc1

SHA256
21e8f89064899b455f9269f4db942fc802122d18aad60ef573a955151a64cc4f

SHA512
e1875c2a16ce7a08bec947ddc10ac9aa58838859df9470497c78c0f98020b963732e4ab393d01a92631657a848ff1aa33eff1c7ef673ae6b167c5bce122ca886

Download Submit
C:\Program Files\Waterfox\vcruntime140_1.dll

Filesize
57KB

MD5
9fc906af231ab3c422c81eaba1f81091

SHA1
1832b3bc45cce2613b9bf9db4e41a6885489b0e9

SHA256
3bdafd6fb840c49103d4c3873b0afe0424e83dfdb7ecc1fc1d00bd2e77b98ee4

SHA512
ce75d84e4493cc824bccfdb30744ef25fc2a41520b9bb0714965dcef1e21519eb7d033eea735b6a7be243b6a6ff76dbc1d824abedf4ca6b9cfbb138fdce2c6a5

Download Submit
C:\Program Files\Waterfox\waterfox.exe

Filesize
1.2MB

MD5
717181c5d9467c389524b20357232f27

SHA1
e1dbe9b879ebaf2fd8064900a675085eb141f85c

SHA256
2d8a4ba66bc572f19a37ee2b07795a66848b8636fd6d435e2a93e34631871f85

SHA512
04ef2ce0372b141ec638d7c78c2aaa33d1336dbe69ca88403f069ea219e89521a2fb4de5789c26998df5e4b67521effc73577e24f7969055af6385d5b3230824

Download Submit
C:\Program Files\Waterfox\waterfox.exe.sig

Filesize
1KB

MD5
cfa79690c2e0fb8a7436e3760d51480a

SHA1
6b2c20cf583817be2166282bb071018026123eb8

SHA256
1c89fb3bd8adda6800003208c40badf50915d371c7f2bb1bd721dacc6868325c

SHA512
c6e5818dee0a31ccc3b852b7e1a4aed7d70833d0cbcc4a71a1df944b323690d24f09f133a00605b3d7552852e7624aaf70c82795d4b9007ee2a347d6543eee58

Download Submit
C:\Program Files\Waterfox\xul.dll.sig

Filesize
1KB

MD5
58b0dddd69d8f7a00d20149b5d20b349

SHA1
e3b2e3401af95a212623ad3e6684b2d71f048d83

SHA256
0305950d4438143113e317772fb22b43b694633c09c4dccd7d745a4f05e8214f

SHA512
1b74077b121723736bda7ceae4cbf5208701f370fb9cb7d05b53b3701d1a9bfda69804c47535bfda82933c6005ab3a12b3cdf88c72b2938d6cf307e667500fc7

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox Private Browsing.lnk

Filesize
1KB

MD5
fb93a0215eee885fcb7ecb58bd6388a9

SHA1
b94f696f7000e7c9ec2cbe0f3500031159e8b3cf

SHA256
c1e591b1ea894511ee73301a030a9b561a27e7587752b4628f95de3903d9d6f6

SHA512
93a4e7dbc81d0acaa51a6b4846aafebc64c1c726d24f147fec3a23ca21ea1e3f84fa71cd58a99674a84d0141ccd048666143342c1296ca3138a54dcbd3475bab

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox Private Browsing.lnk

Filesize
1KB

MD5
5edda8a7593ce2f45a16b3fe3b033add

SHA1
9441b48a94cb8324baf6d80e3a2a6379923895c5

SHA256
69f216d9daa870fdff038dd2c51de6340ef3fb60e15b7dd57b071dc771f4a3f8

SHA512
bfdfcb54394ce23870a4d763bbc1b49d72cc0df7e7ccf5944ac47f356cd025a14fbb0aac6891447339b909d6efd5686cacab05a15251e70be1e997191629a41a

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk

Filesize
831B

MD5
8b88b39c000ed3fc11c81c0a10ec99ad

SHA1
be671988cae5f3428868faafe4635e92a386ad75

SHA256
c6771f7ebeca5e2ec44039b6ba629b66185f96821da25808c3414002480f10ca

SHA512
e4a4bd008452d9d577e86c5f3d63e6c5118d1c600a6821dfaba4bef383d1ba71ca0bf3a5ce6034335c7365c9403217c07c029f9c7fb1b5b4d3b60d335d45d03e

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk

Filesize
901B

MD5
70ac49ac3c98dd827407c72b37ef1e2f

SHA1
73939ea0588d5730c5f5db392d4e3966d7a6dfd2

SHA256
0028093277fb5f52e35991011b04dfa4c4321d449bd1509e909f5ff58bc31981

SHA512
d13e5191f1533f5eb0570ce9480e4182cb01332d9014991629eafc683ae0bbd3633495db9cad62b27c8d371c3cc8abe85e1add8697b3c46ad9359bc297382457

Download Submit
C:\ProgramData\Waterfox-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\6F940AC27A98DD61\update-config.json

Filesize
78B

MD5
fe74f5c38f433736ee7015868cfb159e

SHA1
f723b0032565fb3007407201963f7bb762bdd981

SHA256
3f7b3252ef3b6217ad78adb7007738601ce1eebca69f55990b64bf254bd4fc63

SHA512
19fe20baff40c195955a921ee2fe1927d00da14e0ed3eb683e5f6f026353bfcd5322a1d2399b8977bdf97bb23dfd6cc811c9a9494f019b6e404aff477316cafd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3c02b3a9223aeaeadf22274a1a5ac6b7

SHA1
6e3d4034a31a5ad4cc5a976b17076509551069b6

SHA256
a502b3df1c5fa58de0e974adcee0450d298067c57b2242d2e6fdf4fa91403742

SHA512
e22cb18b55dabdde6f0061ddc430d5470bb57b79dd14a83c0ebdf40f2b6f7d57a0e7b91ef81d0bb544c259133a638d3e01d7aa8e591bf6b7bb3a4aea64766ce3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
b1454a1a1b719c795010688c1bf87e98

SHA1
ee19027cf8420ff2a314e13a8bbe4401a9e1eb02

SHA256
621e5bc297b5a51640768561095916656f0caaa0e011ed065623af6c9cce16a5

SHA512
b58a18e6681e5e278637d487f0693a5f705b30b2d18ee6040bad7b1a765d302d6ab8d7146764447d1162082124707a5bb25112304486b5f48c66c756ab799f34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
521B

MD5
def51c123d7f9797fb7ed3610ca15ad3

SHA1
c311bee9bbed56a56b6628d457b192b276bb41fd

SHA256
e33ef1eeaa50486d170fa3e1e6ff9ebf1eacbf62c0cc6e0710a560da0036e036

SHA512
5b5ad29b9b84180c6acac501203ea1ad61e0cb64f90ec20519a2f2cd30e2c5502050d570cdfc32e4068194eb29f27c6010da41aade850cd3febd66df70cfc7a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
521B

MD5
2f0fbc3396aeebd751fe489a466b13b9

SHA1
1b4f7db2550fb79d1dc1ca75c008a7bfb94dcf1e

SHA256
9743425956345c5447d49475390545ec97a69f3fab10bc9be8623ce5dff43d74

SHA512
66295da649e497b552064e60cb8021362434fddf804922a76d0b3f5f07dea2ee705f4082ede92c1a5e7ebfa5fc124135984536f8c84a844fe295852413bae9cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
17d822d189221c589fa6f0043d6c3154

SHA1
59e9d6a118b0bc76073112d025f0915f77aa62b8

SHA256
de1be2c52329f4fa95bf7009099cad8baad3f63c17967b67e118969b1fa91444

SHA512
6e52b242cd18d5c8351404af74332c9eea3f7f9485a487286cbeabc198178f0ab1a79853179095c67102fd067c8f98a435d373c85ccab9ec27b3eb9ebaac87c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
4cc1a57a81d643c9a7f5d49dc662a588

SHA1
158cd9ee9f151090f25ab5e5b4831d361c61540a

SHA256
5ddc6c4564bd695b673395ac468ad5e8e447c7ec87ce26653b1305faf7c6c022

SHA512
738e4058f6556619fdefe7186341535e4f1dc005a06513b639c033a12b2c01ef31f4e177a422825341955b22d27624013389e206b7a9a60431147fbc625e4a44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d0be87e1f5652383bb50304202d40904

SHA1
b03f0091ba94d22ef8b0ca0776b3f653ce690b00

SHA256
dc1e35d4f9feb08c504991f002db32f1791e0b5e47eea37fe3ec9815a6818aaa

SHA512
7fced657c7489460caeda9eb5fed11849f9122b2bc5682af062fcb444ec3cb080a2f3ac494a50165d2ae8dbe0716a4c1156c61a57b5902f791981b1bdab5e661

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
b3bf74970deeb60e9decc5448dd19433

SHA1
29a34ae05b82d6aa211a7a494ba79a1b5491490b

SHA256
6d30ccfb0a2a9843e0370d88d7aac6aa5d194727724a185e774dca65d29990a4

SHA512
68ea746d272a5d19538ce1ce3dc393d28aea5ef06bd3f54d2ee6dd0c5274e27d8cd42e393971ff095140e798810d1e54927c3cc912ea89e5602c15c00900b185

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\c7757ce3-c7e1-4022-8374-9712edc09f19.tmp

Filesize
5KB

MD5
04341378a6886e77f9ef156905b51087

SHA1
24251091139bd57e9e431cc5d944afa4dbfd6f72

SHA256
a554dabb530d1804acf4229e8f811084e9aa7a0c21cac85f43d11de2ca200615

SHA512
7fc9c7264063d871813c1c6cbaba8e3b3082692801b3ae97a0b36be2e483a82ccd23f5efb4821bf77ef9e70d9503d6ceace30e0397c7504b15abac20a1f02e6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
300KB

MD5
ef218f0b8d87c53b2046ab93f1344668

SHA1
9c1fef4fe0adc89e4b9802256dfc9e1d5b43e807

SHA256
4706532570689575aeb99b94d82c0fdc589c9f99ea3d6d1c0ce53a56318add5a

SHA512
ee3fa2a979631e487ff4f019c35d8aec16b471cdc0c87b0796543b06dd1a9c9277d8f457114d62f35b53a0607f7a6b54db0148faff2de4b6480b7da7c2634145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State~RFf7884c9.TMP

Filesize
300KB

MD5
1e70ed7f680aff7999119283b4b4ce0e

SHA1
1357d1e27ca560d60d246edd5b303ea9d4e846d6

SHA256
f4269352417aef0dcd92c42589744db9c5bdc5766733fe04245ec9259a744d4c

SHA512
b2672c664410198a571aeff904618d098da899e3316d3d1e6627dbcd4791b3ec2a97b75c319cf50879dcdfa014cc5d878aca1f6a280b4222cbd37ebc721c180d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
81KB

MD5
0e2287386ba96bfb1f39d9fb0cb16a03

SHA1
d7da6ae600930808ae7b359b084f745a917262ec

SHA256
509dbd4717876413ea9493b1497b3a9db1cf46162c4cb76b3b568e1cb2a0afd5

SHA512
887314d7a969cfdb22361c4ac27d345887e3755cd5c753885a3d7a3935fdc6f0883c1cc9110004f717439cb9e1f5c2dfaf24a5bd56fc724533dc257dbfdf309a

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\AccessibleMarshal.dll

Filesize
28KB

MD5
bdc8dc5c412fa84bb4e2a880c2935e5c

SHA1
93b4da55640f463e3104f6dd73801c8be824e9a2

SHA256
b930800872b0e58df8d493955d2871568a9fe8c75e1a753fc221a95005fd2ccf

SHA512
2d15b73aa39f8242187d6cdfd9aae011aeba91352861a26d605c5421d4241e1199c927725fdb0f0a4288cac840f2db9512aa5fb3c9af1afc4581108572c7440d

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-core-file-l1-2-0.dll

Filesize
30KB

MD5
1ff81a0b98c42908ad1bbb061744314b

SHA1
af1cd0355d8b9633dd10dd8c21e58702db963a3d

SHA256
51aa0fff36b6ae6a0c24809dc1a1ae63b8b777d5e65a39f21c8016785516f2a0

SHA512
164ce80cb390086370a91489a2d8cffca44607f5bc57bbc391873877a1e6918639cc774bee63f764168fde04cb5067942aa8f857019fc152c5ff227b139beb87

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-core-file-l2-1-0.dll

Filesize
30KB

MD5
83f2ae4cfc6c2ba0d1ac6433e49ab2d1

SHA1
bc1d909d82c739f41ee7c00c52ed7d276a681166

SHA256
87ad4e5e38ca6c43f44324f7417c0a298387e3e9523515b5eef0668d7cea5f93

SHA512
1c628ffdd5b0b10d0f694809823b7898bb37996868242015bf72bb61d043d68b0ca2e4d1768c114f3961a684cfa338e5ca06fffbff3af41bc6142586b1d06cf2

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-core-localization-l1-2-0.dll

Filesize
30KB

MD5
06db0de8776f0d71a3acd709016636dc

SHA1
476ba862d792cbbe611212ead190f0d310c0cb2e

SHA256
bfb30d809be29c88a2fe140c4dca694c2dce688c0f0c1d2251078634c34a998b

SHA512
a56be47c001563e3d9ce1594bd3388d3da2ac76c914e8861119fe26a1472c9df815dc8a299055a24ea66b791604916fc00a4a2db29f46ccd0b1fd4c7c40c739e

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
30KB

MD5
a89e56876c3a3a4b30daa9df9cc733f1

SHA1
aef36897bebcc20b5a75e9520cf380cde91da5ef

SHA256
fb277d3c9e77e7d6cd349b02609fb8b8cd1bdb6415a710cd721b8622991bf5d8

SHA512
aa782367a9ccc9a3fec5252cb5b5e5aff76e5aaeea9203710905cf67b3fac4925cf138cc140c288e28c20cbcdc3b4e91a52ba9f71f8e93da47a524568f1d7cf6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-core-synch-l1-2-0.dll

Filesize
30KB

MD5
37e3d70edf008649ee412929346f8638

SHA1
bdfb10325ecc315f7d6bc7a0a38d6bac343ce38b

SHA256
b82dfb289b6eac9b17be72e8f82a24de7d0aa6e0b874fb7a1e86ca99632caee5

SHA512
071d6ab83f4b76ba4ebd5e725fed19cf678c39f5301deeb3a02d63fcfe1ef31e973fe0c33a74e8adbaba2f484ca63db0a1e9887af5471d4da73acd239c0c5713

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-core-timezone-l1-1-0.dll

Filesize
30KB

MD5
f800bfe27918bfe1fd41aa5e35d33477

SHA1
a293686d6bb7ddb6e04b782b8cfa29c13b163294

SHA256
e7e83b8f9311778ea94baed8aaad4eccacb8432ba0cf677e33ac67055a1379d0

SHA512
fa08aa5568e632e944cf211c50ab46ae0326ecb3ac538a7f07e6dd119f6d5ae63f7935d5d6b43be9e8933d5f313d5d8a8c8726900a08855bcf5d4f093010a005

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-conio-l1-1-0.dll

Filesize
30KB

MD5
59652c2ad82f3f3d786fd497cf4a92a0

SHA1
6c4c95ffe057e345a4b426b20147ed11f3f7f71a

SHA256
27f75a680d3898337dcab5dc992828ae4ae00b9118d6a8a0c6307ab195646ad4

SHA512
180aa7c3617fbc98e1c6de3af95a14a2aaa09bc8c4b28ae15062354e6743128114575103ea558469efa4c9322dd7b5e7aa8c7efa4adfe2854eb201ce14de1966

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-convert-l1-1-0.dll

Filesize
34KB

MD5
d6aa6fdcee1ce01aa312c05b788b2199

SHA1
f57e9d1b9f2107e60ecd7873065933fe2d7a9b45

SHA256
d96e1ac4117bc09172f046dbacba8c7afdb69533a77832096016ebebecf6bdc7

SHA512
4f313ecb103afeab67cd0ba279efc8ffd6a97ec95db46f92567ad889ff74eac0740138b949cc45c5e06bc71f25856f3552ce95136966c4c98b0eb60d56453569

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-environment-l1-1-0.dll

Filesize
30KB

MD5
a6faeec601234500522b1c4e5fae0fe5

SHA1
450897bd9575ead6155934d720f09d1796cf9b09

SHA256
fb52c17e56325c218d0666b0cc9d0b7445dcebbffd96ae9462ecc8568f8971ea

SHA512
fd8d9c16fe130100e79c4b617d4c3373e418bac754007b71658fdf4e0b1c47ed1d962bb7d92046350412622e49c83648c884d2969c5813323a933083730ed52b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
30KB

MD5
d667013e2a92ee94b1b125be541f578a

SHA1
533af187f360984b528f9ef7975080677b09250c

SHA256
6e6334b1dcb51d9e4d4512479e86deaf9bb17ebb3ea7b05998e0071802cbb7f0

SHA512
33af4ed4472a4aad777b57f66bcd3fb4c0ce6ca0114e3839c7636b8ec5d68244cff7ab70b4ce86fbefb6cd6fd4855efe2ea1f1dfa4b94cd76784bc22314dfd2b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-heap-l1-1-0.dll

Filesize
30KB

MD5
e61cefe2866df9e35a6dd1d996ef8ef6

SHA1
c64ce0a71572ee8b652a90fe56d7a7f59e56bfeb

SHA256
33f980f3456123a498309eed0d15384861a258706e724ccf5b93c003c33f4025

SHA512
af707cb474a27bb5dd67a7aaba0923cd296b0f03354db6e02c9d9b6400b51afb74507061588501bed29114bd9d63c11b938c75c1e1704961142a933b186f8dba

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-locale-l1-1-0.dll

Filesize
30KB

MD5
e7dff0db3dc6bf0dfe0cd34097486a78

SHA1
f1954c32b3b7ea667252b9ba4b6e1b311876920e

SHA256
f5824b21cea4ca9d13f952403a0304cd65c56af595fc485c88b7e01328bb7579

SHA512
6566db9c24d796ca61d7622e04f674be0bef611c45570caf18332fcf180a8d6c3ea2c62c819abb377dc5f5c2bc76db2a47c0859733c77d95358b550752f74027

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-math-l1-1-0.dll

Filesize
38KB

MD5
2cf80dba32e7416305e5e22d37d0cfb8

SHA1
1302e5f2c4c45a7e4c09ab1ee9ee9c09117f66d1

SHA256
df4ae37fe9ad1db915a101737ebecfb9fc7d69fa067626fc98dbd243975136e0

SHA512
c3c576ad90b5dff9d9f80e424fc35f77c76dd0cef6b192dc2ba2d9dc7582159d0120b2a8f1d92801286c463aba3ccdf2216cd6a73c9f65b2ae439ba77511c13b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-multibyte-l1-1-0.dll

Filesize
38KB

MD5
d3de4c6d6d0a5b0453c343e422338121

SHA1
7d60d18a34e741e5bb5d475a766b66ac6e2bd2a7

SHA256
ea9f68d130077162733f645974734250a66c985ff114f15611d8b626b16ce9b4

SHA512
51a10b9ee0506a7739510532ecf6d3a5ab430cf571ca15083cb085cb19ac6d6fcd91f47d030acac778143368b0670f3cff4a48a75149dee10a7069ef230a7815

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-private-l1-1-0.dll

Filesize
82KB

MD5
314ff46078f9badd46696b5f92723448

SHA1
b063cf672969c908749dc7b399993e9870b49f27

SHA256
77772f09d7c0492c4c5d40ec5ac72be6ef56c18dde36d7e37ad42bfa32c81701

SHA512
a1ae25649e75eb9da38da7e1b18de540cca4ad0ef9a9cef6218527bf179903467b5ff1762eda86a7bc97e184ed150dc4bba6251dca63a1c67226939a081b22f0

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-process-l1-1-0.dll

Filesize
30KB

MD5
3279b34977cfe6f3c92671c53d856cdc

SHA1
f668f697ba0832259603bd85dc0d9880e0e7e01e

SHA256
0ccd7a9af33ea4300c36622fb1ba8ada699e8e1a8f53bab7217a56a97e032c50

SHA512
021d9e33b0b855c2b3f7e4414fdd4ece5e889b0e93d30c90493e8e0a96591d8958ca2354cf6e62eab972ebad9e22d520e2c961c5edbdb1293de7ee7c4f780a8c

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
34KB

MD5
a9185aa01922285f156a5e542dac47ef

SHA1
36b9c3f1e3145d3832fddb257a4cfb74a74142e5

SHA256
022482f6883751d09ac62f56886a64530fc9f4eec95df8e23d9edb56deabcbc2

SHA512
1a4e800ebfc8b1a08cd051076a0fcaa06307d5f9a08e05f5e6de665c149c553be2a514e7e9357b36224c4b48fbcfe76afbc33d77d551172df99b94480aca7357

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
34KB

MD5
500f6695fe5d658ad1fbf4c48fa4ce8c

SHA1
777010eca091a8d6df250597ba7be7403f0c7cdb

SHA256
608072474b4955c8966f61f450046ec189b76787c7307833dbbdec6546677152

SHA512
886a0742418c14385967ad71b08fd87792eee3fd7cb7c450de00c6816fb665b12c1daa4ec78dac9c8ddc59b4da94ebe6f80cd1a539431eb674bb01d0223ad0a5

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-string-l1-1-0.dll

Filesize
34KB

MD5
db4f81dbc7acf5658fc10cd4cec8c1fa

SHA1
9eb0d83be9d226301308ce92db4b378806161002

SHA256
2a1fb79656b3de2baaab74295b4441c05ed9efb95f0edaed1347c16e3cc579a9

SHA512
7ac7440320157f7c76cea9e297a2285c8c4fa95a8a2183e94743f67ebefcdf4fce7bb3d3367b1861e46c577675f8688259d9e9c7dd32a53cb72961521b88dd2c

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-time-l1-1-0.dll

Filesize
30KB

MD5
bbb911586cdd1b9522e4f69b5761f472

SHA1
ebaaefcb527ed7ab1b026119d420a5e076526327

SHA256
7115cc37cb4a9382243fd1b2ce8a806ece974886ce1914ad436152bbd36e0797

SHA512
64180e6326c58d7e5aebb3bb6504fc1973de0861d377f1fca2071123c3fda9b51e1ccf11154cdc97ff1f8a2010d462fef42f2fce81744797368fb7b7de9955ae

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\api-ms-win-crt-utility-l1-1-0.dll

Filesize
30KB

MD5
269a0b73ae1c203fd050df95321e2b9f

SHA1
65597e560447500ffbc0d106c54c2e0d7ce0aebc

SHA256
6751ec9e523c9a19509b995c32476eb010d6267c3a679871496bd065c9651b4b

SHA512
97ff27d08bc76fa4ee588155968458bdc99817d12a2d83f56f0f1f8f758ef553f2b407fecae7f7d92b5e2b1b5248d8d3fe624f2a3a8abeb0ddef28bc5f638f10

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\application.ini

Filesize
749B

MD5
3762504481e65a423dcd0c98bc6a3bb9

SHA1
940931f41012811471439fa27c94a10171673ea2

SHA256
7e3e4d4cec97570fe63268429aeff7aab3490980c8e8aff890f54404f1a27f73

SHA512
bc769d7a8e87d6a197f5d47dc24ab76dfae28e9efde819f4d8a47fbe09a78b29bfd11692c706304bc8c3f7306e01cc04550e4a8adb26532f664258e176d6dae4

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\d3dcompiler_47.dll

Filesize
4.7MB

MD5
ca6e8dbb1935da865cc15af68456c2fd

SHA1
800f579d9edd74a01820e6e97b4f48c099982057

SHA256
454180b65957ff5363569e7be3cff7e5f233b982c4bbc89fa4bd7515963d0696

SHA512
df2658bce05a8eecb7a005b966563b69227bde2cb542b300705e08c3c3639a2191ec790fcd550dba5e92771bf100d88da3253c72ddbb875d5a3c3a9cb9656389

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\default-browser-agent.exe

Filesize
662KB

MD5
841a12b85e1ffe795b1099c8aefd772f

SHA1
49a237b473ddb8a340b2da3360c648521f973364

SHA256
bbae2245ad7060b2620d44293fc537e8b2fffc0164cab6472bd098603b37b9ca

SHA512
676f9c27eaeba132c7c58e0ec624bd5f1eabe1b372104a4ccd71c2a309f87283b98930b0bb18778b1df9ed37c2e6f0aa613305a805169e83d68880975022e0bd

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\defaultagent.ini

Filesize
933B

MD5
5e9933470b164015f636d98852a9e091

SHA1
a944de0694461f0a5d0273fac10246317b7f6578

SHA256
ad0b05d3f91d363257c788c7809a49db6f244b8595927a1028f569129acf46e7

SHA512
c22646a0689f5422077f82706c42f601a86c106fead04aa6656729b1454e045e4e7010f86eb16c80a365362db5e24573740b15a09ab6f7c397cad8dd273c252f

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\defaultagent_localized.ini

Filesize
1KB

MD5
3474890714b7adbc3ae61181be71cad7

SHA1
b1510bb7723c7b0ccc47ef22c0540cede85ef7c0

SHA256
1e704b65b98835232395613a064f3deec416c4b1f49d6b3a2c12820164bcc36c

SHA512
ca3142503fb5bcfaee0d5fd52045ae007865497258533f481b687f93a703150e581b6ce5f1fdf881bd35b549ade12633ee5709b7ce419de88a295803cea9d95a

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\dependentlibs.list

Filesize
495B

MD5
34f977ffe92ab3e98d18c4f0d994e67f

SHA1
4784489c32b675d081f36f0b6c0e9d4dd8cc144d

SHA256
7fba19896004a82650ee1c2dce2fbf6c34bf0bfa681cbae3f1a21568b0cef12a

SHA512
280a45565f4320d07d786c075037f4ec16ef03b898dbd20e6017992f09f37c56357aecc6e3041ef1c926934e266f8ca94fe1638f3572648e1244b723f0a4a1f4

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\firefox.VisualElementsManifest.xml

Filesize
557B

MD5
0aa43576f0420593451b10ab3b7582ec

SHA1
b5f535932053591c7678faa1cd7cc3a7de680d0d

SHA256
3b25ae142729ed15f3a10ebce2621bfa07fda5e4d76850763987a064122f7ae6

SHA512
6efb63c66f60e039cf99bfaf2e107c3c5ed4b6f319f3d5e4ef9316c1f26298b90d33c60b48b03699059d28b835fbc589417ac955fc45a2bc4c116a5200dfdc32

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\freebl3.dll

Filesize
790KB

MD5
d9759f889b7556b53c9f618dab23ada0

SHA1
7a60c826968859032542e46687d301252ff87082

SHA256
541237dc113815bc6d73094cc4752b94e238355a35473f93cfb5dcbc920afd9c

SHA512
e7cd591e599c1ee3b0ca6d75788240611251f5052aa14e50c581d05d27eb0e853fc10944ffa49d97eaa91802d4b4a5ca90cbb8a650924ac851559407743ef819

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\ipcclientcerts.dll

Filesize
194KB

MD5
75a02d7d4b863c4897522f2c44668c05

SHA1
45c5524baeea7f0b88aff059fab58a7cef44c793

SHA256
04d697703b2cfa1aa62935825df67a9257bc1e5bebaf327cf89b6e85453e4124

SHA512
3a17f4f6e3540ac70fbbb6f2d164fe28264c09bffc562956579ffbd1830d6ba818af33b8ba8cabbba52da3f82bf0dcc54099b4d99adf06b6a828757aa3740ad6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\lgpllibs.dll

Filesize
37KB

MD5
a2b46aa2708a72fa9d7de8d2d157498d

SHA1
66a7d46a7ee3a28e12a235e1a379a88ad18fe452

SHA256
10813244cff774db2442826992756086eb036f94c6e2074700740d6b4116e5c1

SHA512
53dc6316a597a7f0be0d2b37ebb0e00c647700614c73a9380e7e4641da279b8c54c087e8a63a5fc0fa47270d8cdd51187438ee76df1e4c6220f814a39be3c6ad

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\libEGL.dll

Filesize
45KB

MD5
866c19226c6b08e43a33662f298d089f

SHA1
bbb0b048666f43240692c7e4eecdc077c539ba15

SHA256
a1ec47c1c820a829dbcef1b7aaa1ec58cd3b5ebcf8c44e41e9dc72f83162bddd

SHA512
d0da3985752574b77aa40dca7fe4e9deee903a8db417f539540fa064fe2dd6308d5db42d76861a973ef008c06557fc2c52e76eeb0ffb5cb1c5c540ca8c0e5f5e

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\libGLESv2.dll

Filesize
4.9MB

MD5
0f60649164f33c66cd424d3a38c98030

SHA1
cee9284b80046f2617f9a1b4b68ca4fe5b851b1a

SHA256
f9ae755813243020893155ccf2529fc3947c43074ab4b8a5ef00531e3b1f4c2e

SHA512
0f84db0dc99091938cc4de04ebd78f704db6e37164fa16d46c51408f13fe46e10aadce6c7a39ba82237ca212a19981205abf6cd804d7d677251e040374a29174

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS81AA83D7\core\locale.ini

Filesize
22B

MD5
bad74b155b8731bfddb8d54cbd1b0021

SHA1
5a4d8b98ae81f75e362d510713e05022be64c60b

SHA256
a4a030b6f430548e5bba3cfc748515d40b72c522a1345957df4ed5f88736013c

SHA512
ebfab2f589390553bd93c1299db8b7a7bfb8b1ac9ac5ce3c2c8d478c79ef8b93d6193f9e739e94f662dfc026cd49b04a8f2fe3ed82dd4bd191d1cf34e1e4501a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab6673.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar6712.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\AppAssocReg.dll

Filesize
14KB

MD5
012461cad43cc5a871bb2019a461a2e4

SHA1
75617dce95008117b5b1bd602bbbe58dfda4e6d8

SHA256
eeed86addbf5989fe54e862e68e9a287eeaad11b209c26de67ab660b21445e15

SHA512
f1c42d0703e5c4fafae2fab90a7c23499e8b72f9e04ecc10602d1c48ca08781000cda36af86577b3e2380684ca442db54668f390822f3590b6dca6507e80fa2e

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\ApplicationID.dll

Filesize
55KB

MD5
fdc0338e6faeaf6f7c271982e103473b

SHA1
9a41f7932abe8be7e32c6371f085cf14de355d00

SHA256
a9dad9fdaae93d10dc2ee346b231913445e731049554b8bb1506827e46f8a44e

SHA512
a766eef11db4c94b1445d1cd70cf1d3b6141d6b3973562e9fa8d81c79195886b884dbc9b9f6952f8a6e8619534a6bf2d615d539d2cace9c8843dc19415051cc0

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\CityHash.dll

Filesize
53KB

MD5
2021acc65fa998daa98131e20c4605be

SHA1
2e8407cfe3b1a9d839ea391cfc423e8df8d8a390

SHA256
c299a0a71bf57eb241868158b4fcfe839d15d5ba607e1bdc5499fdf67b334a14

SHA512
cb96d3547bab778cbe94076be6765ed2ae07e183e4888d6c380f240b8c6708662a3b2b6b2294e38c48bc91bf2cc5fc7cfcd3afe63775151ba2fe34b06ce38948

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\InstallOptions.dll

Filesize
25KB

MD5
fd249bc508706f04a18e0bc0afddec82

SHA1
b94efda9f41c89fc6120ed385867125d03f28bea

SHA256
c34f095e200db420ce9af5489c3e392be285e43c3f4c9fbe34686b1f0a1531ad

SHA512
c820c06ad5ae21101602d9e7864fed9b470b25fa9a0ee025d05e72697d88c7e03cbee7ad476f4e3d5b6e467248b8ad1fefa2710c76011e2156b85068961404ba

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\InvokeShellVerb.dll

Filesize
14KB

MD5
79eedad48e956f125b4b518f5351db5f

SHA1
2bb8c4952a3310244394fa28b91797521ff7d154

SHA256
2bcab0487134238f5109d1f4364b99b6d03941c2c091fba6d660eb2b92f65adb

SHA512
bbab20281bd48b9ef285651c0fef385143465082254ec99435710e14d7389efbc93c6f4d571ada9d92e9e7648b230abf83d5a17b286f698c751026b8e8aa6f55

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\ShellLink.dll

Filesize
14KB

MD5
fa94d120efb029b43217c66bbc8c650c

SHA1
1fcf2d76adf69b403b7400681ac91d50ed20385f

SHA256
5f6f414b412c72b10f49eb92af1d368ede531b58fb200d539fd2b45e371612db

SHA512
07ed0771d5bbb651ea7421a5f6b08fa234f9cc041315d9360a7135ba12180064fc99a27725385a8ecd3ceb25bed5c00de169f7dabb3ccf6e987f45254dff8158

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\components.ini

Filesize
44B

MD5
c9b5d86a9a0f014293b24a0922837564

SHA1
3cc73b4a30a1a0bfdc6812bbd17994f53eb5db2a

SHA256
775c85f3552754ad3794b88c0cb6d6fc43d412cd9a87a4b9e847386a5bd0a9c4

SHA512
790f365afbe4c5a37dbb56443d38f0c439eadca002e4001d373d6db8c1d80c4adacf3749e9d210cd0316381682fbbc46616a3fa36581c7ea6f5ce69119944b62

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\components.ini

Filesize
568B

MD5
87f5e2596d37b625a16e7a12de564392

SHA1
d321ec95fe72a526c6ca74d36fbd3f4acc96e720

SHA256
0a184368b6ae413837f046c918cd90d1e42f9bbdf5a1333143ef2c916a097c26

SHA512
0f43c56e040d6fe796e8a74f5da86f085cf920b71f39e4c781251561bab21fd72912192b33abc2e9101f1c1ded3cedb5a87a61a5eb861da915b65403482aa07a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\extensions.ini

Filesize
630B

MD5
940e15a3691292c513f015e351f33072

SHA1
0545d9d43b188182988195db8a01fcd3ff43afc4

SHA256
0723b5d0c55354754b2084b712854c39ca089b1d883de067ac3c20935808397d

SHA512
cab225845a6ad929b643f3c6f8e9f1b8d0e7f0b19ca7ddaeb6350c508e9d21294749077ab3d041facca1d41578b2434f0faa37a5bb64f1ab1ddadda0edce4b75

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\ioSpecial.ini

Filesize
1KB

MD5
1276cebb76b4138cdef2db53f7747114

SHA1
c016aacd307fc74abe0d3098a04153cbeb2dcbb2

SHA256
b905ea738989f91efdbed4f3307a2f7290e6647d032ad682a15bf419c8413743

SHA512
cd3598dcbf1acf8928904c43d8c1cb6a52e79359222251d181e9fb0fca75a0347d90cddbba86930c574ee0097f527be45c5e85ef91e1442fa5db0ade1ab32894

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\ioSpecial.ini

Filesize
1KB

MD5
4cccba5bee64e9bae173a827029354b0

SHA1
b0d6b168dd7d2b96854a1294e75383638ef47ee5

SHA256
66eaeb4cb24d4e45a9898bdb94d7c965db5e8d1797617ebdaeb344c76c3b4103

SHA512
0f2781f895d03515490593fec27dd035fc1737a16ab8c1ccb84f90ebe1ebd93f0e5a059a01cf78227d79534d7b801f0867bc5a379eafc08e0ef74829cc874c7a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\modern-header.bmp

Filesize
25KB

MD5
470261eb1db88b783084c5244fea4d40

SHA1
d751dad9b8724b815e4f8ce2e1dd2d9896931483

SHA256
582bca614b1658994935b158ba7eac86b78d561122c59943eedbd294f1aeb44d

SHA512
9ff1d79d03f0310cd2f8ad5b104455b9f4933ad1f590dbbe76b277b827162444ecea5c0e2604901335082a17c992c6e1271d5913d9676aed9663cd742f8bdcb1

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\modern-wizard.bmp

Filesize
150KB

MD5
07d52c053f2d9003ad81fcd055032dfc

SHA1
eea2d0000a8755482d2bb294ee9bc07890487cb9

SHA256
829da3d3af2550bb4ee208cd02473db35796f47c3bb8f6372efd7a6f86a32074

SHA512
d8146479de159609e2700518e6d39fca3d32bb735b7a2efdce34a84549fbb5c177c417cf7bd8d2864e70dc1a33b214db18194133ec4cf663033e01416a534ae1

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\nsJSON.dll

Filesize
33KB

MD5
e832077eaee06f3b2ac9a8d2e7264567

SHA1
decbc329257c9c7fb67d3c449b4c5dfc1f87471f

SHA256
705f4947fb94254c4e5084e6a962045f6a4e790dfc1ecf59cd0fc3feb38bcbbf

SHA512
c1bada98c52ee2318d23c48fe202380eb42c5e1f18226cdc017f264c8c34f548bfe4d9b6eef13caae69ba321a71b199431b249fdec65f8bb1c386810932ccf6a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\options.ini

Filesize
1KB

MD5
0aaf73f1c1a52508a4c5a2500ca234fa

SHA1
0d419ccaea782a60efbe0c05691a05b8591faf6c

SHA256
b6c1438315bbb47e05462a15d1568da16ef0f46491a11fee9fbc9a049a88deb3

SHA512
a2c2b5d008799556feb34e7b8931e404c0415598980ad7e6b0a58b3a764fa34bbb3f49017e5a71180abcf3d2839d2931642d86b94a67c38dad78de48861f394f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\options.ini

Filesize
1KB

MD5
5de2db86690c719705b25a582b31f9df

SHA1
8b8fe9ff21370993511ccf00f6d20803cf6c907c

SHA256
1621350504e237379a870967813840863986b11ea445cf1c86766cb1e57a2d96

SHA512
64a57808efbf2420101368e734356dabde6f144b49e4c2d5c4e22fb4991e7e546198118108bdda2ced81a4d96188ab400a3f0079578da9b67041f6ec078e1edf

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\options.ini

Filesize
1KB

MD5
3ddbda20013a98dbaf58eb86cd2f0239

SHA1
6115accae5bb63934709f55909ab34a0c03a1fa2

SHA256
ecb8a3fed1f9675d4b2016051fc1d2fa310bedf12c213d682892e32d0b2313f3

SHA512
1f480a33140127d8f9ce06ea13532e7e14d90d502b36518842c42860bc4a91b6b62eb6736698a15fd90c65e8c35695a01787f81184cc4315462188b9beffa9c8

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\shortcuts.ini

Filesize
876B

MD5
d1ec50b89beaff7899fa761688cd14fe

SHA1
129f602dfdfc0baec0ed2c6baa3517229a161384

SHA256
cb6f45b4baebc298bdf4b59933acf0bfbb39905fb0a5cf76918362a7a373e2a8

SHA512
e4471b7569eae943e09ef6e2dae4bbda15b66fe7db6aef2bb1d44d7685324fccc6307cd50f5ddcd2db3ab69c0b2fb89372852effff1da4bbb0e5d615d29f7f87

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\summary.ini

Filesize
1004B

MD5
82841ba4b064965589323a9229405d53

SHA1
c252f87042ee8cf3eeb955ad9e917e9fc3de4040

SHA256
195f7932629f0622ee2c0d168e6d1ae021dce8bdcf5b3023d7d4ff6702e478eb

SHA512
d5b55baac1c7d1db7f495caf9d9a4aa6fd692462eb2c77842000772e82090baee9b9026691ad12625bf30d8de28d612a54be362107fdeba84e11078eb3c50564

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\summary.ini

Filesize
1KB

MD5
457b01bee34cc1113312daebb71a0261

SHA1
bdc9013f844e1381db20eeb20981454efc7e0d45

SHA256
26f1b77e28ce6efd144f5856a4e184772f93df75ee4111111024530625337e19

SHA512
c6c922e51f80712621cf4b82fc6d5733d79eeb54ae5fe51a7002d6a9b15a36500017d3361bb0c6bd8b33701ee15946f34b986e98ac5bad0c4e4cf36704c7d6c3

Download Submit
C:\Users\Admin\AppData\Roaming\Waterfox\Profiles\r2mkqocn.default-release\datareporting\glean\db\data.safe.tmp

Filesize
182B

MD5
7fba44cb533472c1e260d1f28892d86b

SHA1
727dce051fc511e000053952d568f77b538107bb

SHA256
14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf

SHA512
1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031

Download Submit
C:\Users\Admin\AppData\Roaming\Waterfox\Profiles\r2mkqocn.default-release\extensions.json

Filesize
26KB

MD5
3a4c87c33ae83be06c683edc7377d4ba

SHA1
1b140d7f02927ec062767a279a4b6066e0396e2d

SHA256
195e30b869e4af01a3d1edd0e57a3a9ab58dc33679ffc18618f3f9d3c198b7bd

SHA512
489bd283c8f1f680c73181fdde2828b6d9536ee091cbfe259e2cace66fc40594bad4edf1e70a13fcc82bc1f8f50c7e5ecd38cbdcdba11b0e4012a5e8ead40408

Download Submit
C:\Users\Admin\AppData\Roaming\Waterfox\Profiles\r2mkqocn.default-release\key4.db

Filesize
288KB

MD5
b1eb83c05b1cd61572a94ba6639bb850

SHA1
9628d448d76ff9c58fb72495dfe54cc3f0712275

SHA256
99e23340d1f16749947bb0e916bda3d411e3dce1069c8343df76ec613a212107

SHA512
e90fd794255933c52c2b1d543d12d1cda8f3bdcd3c60bde6ffddb902510b7ace8119629db70735f521b49ce75b792d23071feb7c3f2ae231a7fb87af553d1d88

Download Submit
C:\Users\Admin\AppData\Roaming\Waterfox\Profiles\r2mkqocn.default-release\prefs.js

Filesize
6KB

MD5
7f561bed9e0bb27b8c3b8fac5f74d2a6

SHA1
adfca60efbe803d4d0de0ad65cebf692dfad276d

SHA256
4f7309c6ae6e7cf90932ced846e9df7d36ab8c5cdcf0e1c3ad5e30847afaee4f

SHA512
af4537dcdc5a041db72eb1bd363183af57142ac96be6dd368fcef2611f13a144440c8e0b7f2e4032c1793e637af062d12467cabb21bb7d5b3b7ddaacb10c0926

Download Submit
C:\Users\Admin\AppData\Roaming\Waterfox\Profiles\r2mkqocn.default-release\prefs.js

Filesize
5KB

MD5
0749ae5423a083def1c94e2621d37d5b

SHA1
6bf80268aee74c0a69351aca8ff1c33f3fb783b0

SHA256
c947e2128486f5024907f189000f79ef3bd5d314baa2c712d86c2754bba38e69

SHA512
2ff15725fbe3fe272b38945a892c35fd6e6ec03e0aef0aa1a6961c125ea5026356553be749178d113f7a790d4d9e8e91825e668800c4165c6b8bf60865e815fd

Download Submit
C:\Users\Admin\AppData\Roaming\Waterfox\Profiles\r2mkqocn.default-release\prefs.js

Filesize
3KB

MD5
3ffb3378f1ce3277eddb318a42e7058f

SHA1
f905fa1c267f2d41c8fd5c0d97cdf6ade3aefee4

SHA256
4cf7395361ee47bb3b9f94a639a3cbb68161e6878e5ca4c3d7439b2384057158

SHA512
ca41c2e587b7358e2bab2c623d6c6f0c70292122f690d8cb23e449670e00803613d5a61f3dda50ea5a1e60d364b74766faa5299c33af383ba5cfb9ac97eccd00

Download Submit
C:\Users\Admin\AppData\Roaming\Waterfox\Profiles\r2mkqocn.default-release\storage\permanent\chrome\idb\2918063365piupsah.sqlite

Filesize
48KB

MD5
137bcb87f07f622600d5e29cb6098960

SHA1
12c1ed4fb403a33f33760ae894348ade4ee045ab

SHA256
fb9418fec36cc301fe95446aaf8520f4f3c6e464735e2996ad38da9cbd17bb41

SHA512
c3362cb47e7aa3122e0e8bd31d19e4a57e3b57e0535115384b14a0595f62ea4d19818a7b856a325bd01ff8eac6a66ba88419e8b430b879fdf12c0f60302119f0

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.lock

Filesize
18B

MD5
a3fb99236b0e68e03f6a4c98c1b265c3

SHA1
68d01d9ee1cc192fca9545536ae958900834b87c

SHA256
c8756c73083942781e00fb02afd496ce129ebbe9af47047f8aecf1958ab9350c

SHA512
369f5ac010caafff78b4ae481ccb84fbbfdeb8afd71e57d967a649fa5f6df81870605634469e75cddb631fd9ff1a1d3761062bd730692aa641ebcc35fa077bcb

Download Submit
C:\Users\Public\Desktop\Waterfox.lnk

Filesize
889B

MD5
0046b5f80eaf9240e37232f946c577fb

SHA1
9c0a816fa4d6110c40a9210d5b0806b38bc96488

SHA256
ced44d65cdb94310c531e07931d9ad4f7bddec74115fabc5280526d4e5bbca14

SHA512
270e87205d3d66ea15cff4285b5efee70882eb9db96b84546bff1a936da1bfd19603a8fced69bf9d9c741f5c78ef47ef6d6cff3f681099917e7910d18e81c566

Download Submit
C:\Users\Public\Desktop\Waterfox.lnk

Filesize
819B

MD5
16557993a32b7fcde0c2fbf4e8da5d30

SHA1
990e0669d1a87463bbfdb58c1138443f86a14e6f

SHA256
148b5ae75ba40acfc5ff62ec343040100265f4f3501f1f91961d556d62f6e43e

SHA512
f13edeaad2344e558db8394ace842a85d4113dcc5e3fe1aaca3e9ebddc7aa6e45879fd74075f475cb32d8068702ae353d5254e074a677ddc5f350eb0320c7729

Download Submit
\Users\Admin\AppData\Local\Temp\7zS81AA83D7\setup.exe

Filesize
910KB

MD5
06d54d841d41878ed2d40bce509bba8c

SHA1
e42d319f6673d2204d10ab05cefd62cb99989fb4

SHA256
0efe1bb5dee3057be192d99b0dc1db8046deb4f87c563f123d759b08e0c4f6a3

SHA512
1237092b3e75ec5ff359e47666d44139aa8ee225188b364fdac028fed87bba6be5840808e0eb2f4aaa44441c0fecd974d0610c6e1c61896ba59e04229ba88589

Download Submit
\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\CPUFeatures.dll

Filesize
9KB

MD5
808baa6ba8e18f4f7072b0caab5d956a

SHA1
621e962358ebb422b71225201a3542c0805eba92

SHA256
1826a7973e9e3fccf4e7a8cc955cc3401a4b4f75fa5c0beb4d43808f01179935

SHA512
2a22632363eb297baa4bd4a64c8f855a9bb5d3a210a4636db005a57b0edbd04fcb4cd95677038d98bb3fd058f651b0caa60850e269a9e08568a70a56c91a158c

Download Submit
\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\System.dll

Filesize
22KB

MD5
b361682fa5e6a1906e754cfa08aa8d90

SHA1
c6701aee0c866565de1b7c1f81fd88da56b395d3

SHA256
b711c4f17690421c9dc8ddb9ed5a9ddc539b3a28f11e19c851e25dcfc7701c04

SHA512
2778f91c9bcf83277d26c71118a1ccb0fb3ce50e89729f14f4915bc65dd48503a77b1e5118ce774dea72f5ce3cc8681eb9ca3c55cf90e9f61a177101ba192ae9

Download Submit
\Users\Admin\AppData\Local\Temp\nsoFC1B.tmp\UAC.dll

Filesize
28KB

MD5
d23b256e9c12fe37d984bae5017c5f8c

SHA1
fd698b58a563816b2260bbc50d7f864b33523121

SHA256
ec6a56d981892bf251df1439bea425a5f6c7e1c7312d44bedd5e2957f270338c

SHA512
13f284821324ffaeadafd3651f64d896186f47cf9a68735642cf37b37de777dba197067fbccd3a7411b5dc7976e510439253bd24c9be1d36c0a59d924c17ae8e

Download Submit
memory/2584-571-0x0000000000400000-0x0000000000480000-memory.dmp

Filesize
512KB

Download
memory/2584-1857-0x0000000000400000-0x0000000000480000-memory.dmp

Filesize
512KB

Download
memory/2584-767-0x0000000000400000-0x0000000000480000-memory.dmp

Filesize
512KB

Download
memory/2972-78-0x000007FEF6AF0000-0x000007FEF6B08000-memory.dmp

Filesize
96KB

Download
memory/2972-91-0x000007FEF59B0000-0x000007FEF59D4000-memory.dmp

Filesize
144KB

Download
memory/2972-76-0x000007FEF6C20000-0x000007FEF6C61000-memory.dmp

Filesize
260KB

Download
memory/2972-116-0x000007FEF2CA0000-0x000007FEF2CB1000-memory.dmp

Filesize
68KB

Download
memory/2972-77-0x000007FEF6BF0000-0x000007FEF6C11000-memory.dmp

Filesize
132KB

Download
memory/2972-117-0x000007FEF2C40000-0x000007FEF2C97000-memory.dmp

Filesize
348KB

Download
memory/2972-79-0x000007FEF6AD0000-0x000007FEF6AE1000-memory.dmp

Filesize
68KB

Download
memory/2972-80-0x000007FEF6640000-0x000007FEF6651000-memory.dmp

Filesize
68KB

Download
memory/2972-81-0x000007FEF5D90000-0x000007FEF5DA1000-memory.dmp

Filesize
68KB

Download
memory/2972-82-0x000007FEF5CD0000-0x000007FEF5CEB000-memory.dmp

Filesize
108KB

Download
memory/2972-83-0x000007FEF5CB0000-0x000007FEF5CC1000-memory.dmp

Filesize
68KB

Download
memory/2972-85-0x000007FEF5C60000-0x000007FEF5C90000-memory.dmp

Filesize
192KB

Download
memory/2972-88-0x000007FEF5AE0000-0x000007FEF5AF1000-memory.dmp

Filesize
68KB

Download
memory/2972-92-0x000007FEF5940000-0x000007FEF5958000-memory.dmp

Filesize
96KB

Download
memory/2972-94-0x000007FEF58F0000-0x000007FEF5901000-memory.dmp

Filesize
68KB

Download
memory/2972-95-0x000007FEF58D0000-0x000007FEF58E2000-memory.dmp

Filesize
72KB

Download
memory/2972-96-0x000007FEF58A0000-0x000007FEF58C1000-memory.dmp

Filesize
132KB

Download
memory/2972-98-0x000007FEF2E30000-0x000007FEF2F3E000-memory.dmp

Filesize
1.1MB

Download
memory/2972-99-0x000007FEF2E10000-0x000007FEF2E21000-memory.dmp

Filesize
68KB

Download
memory/2972-101-0x000007FEF2DD0000-0x000007FEF2DE2000-memory.dmp

Filesize
72KB

Download
memory/2972-102-0x000007FEF2DB0000-0x000007FEF2DC8000-memory.dmp

Filesize
96KB

Download
memory/2972-104-0x000007FEF2D60000-0x000007FEF2D8A000-memory.dmp

Filesize
168KB

Download
memory/2972-105-0x000007FEF2D40000-0x000007FEF2D52000-memory.dmp

Filesize
72KB

Download
memory/2972-106-0x000007FEF2D20000-0x000007FEF2D31000-memory.dmp

Filesize
68KB

Download
memory/2972-107-0x000007FEF2D00000-0x000007FEF2D11000-memory.dmp

Filesize
68KB

Download
memory/2972-108-0x000007FEF2CE0000-0x000007FEF2CF1000-memory.dmp

Filesize
68KB

Download
memory/2972-109-0x000007FEF2CC0000-0x000007FEF2CDA000-memory.dmp

Filesize
104KB

Download
memory/2972-103-0x000007FEF2D90000-0x000007FEF2DA6000-memory.dmp

Filesize
88KB

Download
memory/2972-100-0x000007FEF2DF0000-0x000007FEF2E01000-memory.dmp

Filesize
68KB

Download
memory/2972-97-0x000007FEF3BE0000-0x000007FEF3BF3000-memory.dmp

Filesize
76KB

Download
memory/2972-93-0x000007FEF5910000-0x000007FEF5933000-memory.dmp

Filesize
140KB

Download
memory/2972-75-0x000007FEF5DB0000-0x000007FEF5FBB000-memory.dmp

Filesize
2.0MB

Download
memory/2972-90-0x000007FEF59E0000-0x000007FEF5A08000-memory.dmp

Filesize
160KB

Download
memory/2972-89-0x000007FEF5A80000-0x000007FEF5AD7000-memory.dmp

Filesize
348KB

Download
memory/2972-87-0x000007FEF5B00000-0x000007FEF5B7C000-memory.dmp

Filesize
496KB

Download
memory/2972-86-0x000007FEF5BF0000-0x000007FEF5C57000-memory.dmp

Filesize
412KB

Download
memory/2972-74-0x000007FEF46A0000-0x000007FEF5750000-memory.dmp

Filesize
16.7MB

Download
memory/2972-84-0x000007FEF5C90000-0x000007FEF5CA8000-memory.dmp

Filesize
96KB

Download
memory/2972-68-0x000007FEFAFC0000-0x000007FEFAFD7000-memory.dmp

Filesize
92KB

Download
memory/2972-71-0x000007FEF70E0000-0x000007FEF70F1000-memory.dmp

Filesize
68KB

Download
memory/2972-73-0x000007FEF6C70000-0x000007FEF6C81000-memory.dmp

Filesize
68KB

Download
memory/2972-72-0x000007FEF70C0000-0x000007FEF70DD000-memory.dmp

Filesize
116KB

Download
memory/2972-69-0x000007FEF7940000-0x000007FEF7951000-memory.dmp

Filesize
68KB

Download
memory/2972-118-0x000007FEF2C10000-0x000007FEF2C3F000-memory.dmp

Filesize
188KB

Download
memory/2972-119-0x000007FEF2BF0000-0x000007FEF2C03000-memory.dmp

Filesize
76KB

Download
memory/2972-121-0x000007FEF2B00000-0x000007FEF2BC5000-memory.dmp

Filesize
788KB

Download
memory/2972-120-0x000007FEF2BD0000-0x000007FEF2BE1000-memory.dmp

Filesize
68KB

Download
memory/2972-122-0x000007FEF2AE0000-0x000007FEF2AF3000-memory.dmp

Filesize
76KB

Download
memory/2972-124-0x000007FEF2AA0000-0x000007FEF2AB4000-memory.dmp

Filesize
80KB

Download
memory/2972-123-0x000007FEF2AC0000-0x000007FEF2AD1000-memory.dmp

Filesize
68KB

Download
memory/2972-110-0x000007FEED690000-0x000007FEEEEFF000-memory.dmp

Filesize
24.4MB

Download
memory/2972-126-0x000007FEF2870000-0x000007FEF2882000-memory.dmp

Filesize
72KB

Download
memory/2972-70-0x000007FEF7100000-0x000007FEF7117000-memory.dmp

Filesize
92KB

Download
memory/2972-66-0x000007FEF60F0000-0x000007FEF63A6000-memory.dmp

Filesize
2.7MB

Download
memory/2972-67-0x000007FEFB250000-0x000007FEFB268000-memory.dmp

Filesize
96KB

Download
memory/2972-64-0x000000013FB30000-0x000000013FC28000-memory.dmp

Filesize
992KB

Download
memory/2972-65-0x000007FEF7120000-0x000007FEF7154000-memory.dmp

Filesize
208KB

Download
memory/2972-127-0x000007FEF2820000-0x000007FEF2862000-memory.dmp

Filesize
264KB

Download
memory/2972-128-0x000007FEF27D0000-0x000007FEF281D000-memory.dmp

Filesize
308KB

Download
memory/2972-125-0x000007FEF2890000-0x000007FEF2A96000-memory.dmp

Filesize
2.0MB

Download
memory/2972-129-0x000007FEF2660000-0x000007FEF27CB000-memory.dmp

Filesize
1.4MB

Download
memory/2972-131-0x000007FEF23F0000-0x000007FEF2402000-memory.dmp

Filesize
72KB

Download
memory/2972-132-0x000007FEF23D0000-0x000007FEF23E4000-memory.dmp

Filesize
80KB

Download
memory/2972-133-0x000007FEF23B0000-0x000007FEF23CE000-memory.dmp

Filesize
120KB

Download