Overview

overview

6

Static

static

1

42.zip

windows10-1703-x64

6

Resubmissions

02-08-2024 21:31

240802-1c217a1cqm 6

02-08-2024 21:28

240802-1a99sa1ckr 1

Analysis

  • max time kernel
    209s
  • max time network
    209s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    02-08-2024 21:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    42.zip

  • Size

    41KB

  • MD5

    1df9a18b18332f153918030b7b516615

  • SHA1

    6c42c62696616b72bbfc88a4be4ead57aa7bc503

  • SHA256

    bbd05de19aa2af1455c0494639215898a15286d9b05073b6c4817fe24b2c36fa

  • SHA512

    6382ca9c307d66ab7566acf78b1afd44b18b24d766253e1dc1cb3a3c0be96ecf1f2042d6bd3332d49078ffee571cf98869c1284c1d3e5c1c7dc3e4c64f71af80

  • SSDEEP

    768:hzyVr8GSKL6O3QOXk/0u3wqOghrFCezL1VFJdbq2QTJTw02Q:hGx8DKXE//ZhhCirFi2cwK

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs
  • Checks processor information in registry 2 TTPs 5 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 1 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 24 IoCs
  • Suspicious use of SendNotifyMessage 23 IoCs
  • Suspicious use of SetWindowsHookEx 13 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\42.zip
    1⤵
      PID:3080
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe"
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:4216
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe"
        2⤵
        • Checks processor information in registry
        • Modifies registry class
        • NTFS ADS
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:4308
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.0.1145777022\1025845765" -parentBuildID 20221007134813 -prefsHandle 1684 -prefMapHandle 1648 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e24fefa-818d-479a-b99d-6d292874fa13} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 1764 2c68b6cd958 gpu
          3⤵
            PID:2252
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.1.1048226084\997377848" -parentBuildID 20221007134813 -prefsHandle 2108 -prefMapHandle 2104 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {394b5784-4a83-41bb-9785-8b48711115f3} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 2120 2c68b5fa158 socket
            3⤵
              PID:3720
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.2.1355784179\714857784" -childID 1 -isForBrowser -prefsHandle 2784 -prefMapHandle 2972 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {31b8aaca-f3a6-4f36-be7a-d14b6c0b4af9} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 2480 2c68f797e58 tab
              3⤵
                PID:4712
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.3.782520261\325995793" -childID 2 -isForBrowser -prefsHandle 3576 -prefMapHandle 3572 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4619818f-0e3a-45ca-8818-eeab550833a4} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 3588 2c68fd9cc58 tab
                3⤵
                  PID:8
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.4.1843706656\1282257406" -childID 3 -isForBrowser -prefsHandle 4188 -prefMapHandle 4184 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {79450e0a-334c-4f69-9b90-ca4cbe37b274} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 4200 2c6914ef258 tab
                  3⤵
                    PID:428
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.5.1393757763\557017843" -childID 4 -isForBrowser -prefsHandle 4844 -prefMapHandle 4828 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d8e2c408-a940-416c-9b45-e5d03ffbab79} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 4852 2c691cde058 tab
                    3⤵
                      PID:3028
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.6.540872226\2042875675" -childID 5 -isForBrowser -prefsHandle 4988 -prefMapHandle 4992 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bde3a87b-dfb0-424a-8a39-e8c9f94310cc} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 4980 2c6fef61658 tab
                      3⤵
                        PID:4516
                      • C:\Program Files\Mozilla Firefox\firefox.exe
                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.7.1814610304\1710210479" -childID 6 -isForBrowser -prefsHandle 5172 -prefMapHandle 5176 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1ed03f06-070f-4470-ba37-b1e2caaabe5b} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 5164 2c6923b0258 tab
                        3⤵
                          PID:4820
                        • C:\Program Files\Mozilla Firefox\firefox.exe
                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.8.1378738260\262834813" -childID 7 -isForBrowser -prefsHandle 4384 -prefMapHandle 4192 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9b312d8b-cc56-4357-8f30-66f4b2b6e42d} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 4372 2c68f72c758 tab
                          3⤵
                            PID:1808
                          • C:\Program Files\Mozilla Firefox\firefox.exe
                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.9.1704178293\1167767264" -childID 8 -isForBrowser -prefsHandle 4916 -prefMapHandle 4928 -prefsLen 26689 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9823839-6830-4829-a475-1545a62a9edb} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 4892 2c69436e658 tab
                            3⤵
                              PID:1132
                            • C:\Program Files\Mozilla Firefox\firefox.exe
                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.10.1705380046\188223468" -childID 9 -isForBrowser -prefsHandle 5852 -prefMapHandle 4536 -prefsLen 26817 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {19c07b68-19d7-41a7-998f-148054ed3d45} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 4928 2c692d1fb58 tab
                              3⤵
                                PID:3028
                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.11.1217688835\28196021" -parentBuildID 20221007134813 -prefsHandle 5840 -prefMapHandle 2672 -prefsLen 26817 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {aca47fe3-cad0-498c-a450-93542bd7d013} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 6516 2c6944a8958 rdd
                                3⤵
                                  PID:5076
                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.12.12940824\1738327548" -childID 10 -isForBrowser -prefsHandle 6780 -prefMapHandle 6772 -prefsLen 26817 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {de546e1c-c8df-4e65-b1fb-180b6f47a2d1} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 6792 2c6944d3458 tab
                                  3⤵
                                    PID:1860
                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.13.823495503\1820939768" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4340 -prefMapHandle 5736 -prefsLen 26817 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b03ad542-c902-442a-84ac-1ee94231ad3e} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 4428 2c694f53658 utility
                                    3⤵
                                      PID:2260
                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.14.2084900095\1403010004" -childID 11 -isForBrowser -prefsHandle 4536 -prefMapHandle 4340 -prefsLen 26817 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a6ba307-fa33-4efc-9774-047834e52979} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 6660 2c68dc67558 tab
                                      3⤵
                                        PID:5048
                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.15.534238371\1221560696" -childID 12 -isForBrowser -prefsHandle 5444 -prefMapHandle 4896 -prefsLen 26817 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d10c7232-422c-4773-b3ef-b99d296b06ca} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 5912 2c694494f58 tab
                                        3⤵
                                          PID:3628
                                    • C:\Windows\System32\rundll32.exe
                                      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                      1⤵
                                        PID:3560

                                      Network

                                      MITRE ATT&CK Enterprise v15

                                      Replay Monitor

                                      Loading Replay Monitor...

                                      Downloads

                                      • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\doomed\23012
                                        Filesize

                                        16KB

                                        MD5

                                        ea8447616209e2961a24101dd6a0b267

                                        SHA1

                                        1e6ef283b4d66cc7e38ae2d02850f2df682e0645

                                        SHA256

                                        870b4a3554fe1ff97d8fb814fd6c9f4440d075fda776fb0ffadab09855cbb27c

                                        SHA512

                                        ad7cb97b41ddbc9b365fe39ad11e90c84febf94e6c32c0feae88f153ca8871451e34b4d009ab5dd8be8d37c2bfa070395d8eb557760d4a67bba714325fcb8a8a

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\doomed\721
                                        Filesize

                                        9KB

                                        MD5

                                        a14fe9e55609f1fce90909b1b00ae88b

                                        SHA1

                                        f9346610732fe214f5a0a482a30bd5585cf7fd37

                                        SHA256

                                        b143e3a2fdbedcf08a07b6fa33a73a91735124df9cf51beb3a01516df8c7d0bf

                                        SHA512

                                        d67ae75a06378bc1a69c5be1f6c05d748eee32a0c0b887f178d18258ec93ebcad8e4abd5fe9774a6adda69640009f4273518f4e4b8f884f118ee1dc3934b21e1

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\entries\63AB4F2E5740F2C8E05740141A7241E977C61A6D
                                        Filesize

                                        5.3MB

                                        MD5

                                        239fc9c0722f0d90471b88f036703995

                                        SHA1

                                        83a81a409e6286cbdc7cd396f3cbefd39d362b27

                                        SHA256

                                        d51661a4c8eeae8b1e0bbba2dc30e2e1feace5dc769ffa6a933c9d74a6615e0d

                                        SHA512

                                        19450fcc1a414e55c5aba45b9c9330d2ac9dda323690a30ac2a3c0f29da5a4965d62cce1776719875111ffaa6bbf76e7190d8ea4214f8b9c50c15957f4581936

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\entries\842A09BB00FA95724B0F6A72A1BB98F1728D9154
                                        Filesize

                                        60KB

                                        MD5

                                        a28319acfdd6c12ad039a9886eb38c7a

                                        SHA1

                                        86bd631d968154d643431967a514fa8904f48e92

                                        SHA256

                                        0b19db1a670e3d71d1483eace7d73b93bf6a6f192b15cf4335cf1e7a998dfe8c

                                        SHA512

                                        4fb54e9392157bf199b5cfd3b9409fdda1cfbeacb71ff0d4c21ea24298942950371d05db9d00199baba1ee5df98e021776a423a332561dc40be0f6a839d84bbf

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\entries\C45EB0179CFFFC7B4CA1E522C371AA6043DFB334
                                        Filesize

                                        218KB

                                        MD5

                                        200359f8de838c94e0a1123dc4f95cc7

                                        SHA1

                                        eed7d345a3e853db023295a6c96f40eed02132ed

                                        SHA256

                                        874391f704c9ebb7ef55cd354e61b3b1afea1fc0f1ad153b8aeb1264115eee15

                                        SHA512

                                        e6435b627359484ca64366b72eb5ecddf11c36bcd25e4ad51e9ef977de2332a1db0c310e580956438f08406ad26ae44052c4ea8507a479c18ebc852d063ce861

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\entries\E5FE0FD82E9F99773A440F234630A68ADB8F958D
                                        Filesize

                                        971KB

                                        MD5

                                        c4b57bfda9192348345405eb70c136dc

                                        SHA1

                                        8cc0539e925775f0a71534e934a90619ee93fa6f

                                        SHA256

                                        288c774496b295f9d6c899f524b7f205d242071c1b6b5eca50798daa42542e14

                                        SHA512

                                        46d3fb0cca9cb3733224a6148aaa5ee9c42e95fec57610f14f088df1ed8e49e104619e89fb38bbc17b0e6d2c11f298d3224c2f3e6654fce1257a53d13d4a0040

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\datareporting\glean\db\data.safe.bin
                                        Filesize

                                        2KB

                                        MD5

                                        6f07a6d5f473324d0d371c8fb6243b2f

                                        SHA1

                                        ff328e34d9759867b9cf157a6f67aa59f25970e5

                                        SHA256

                                        e30a881516511fec8b9e5a242ba2cc46b3455e5dfbfeb6b2b0266f5f647f2bcc

                                        SHA512

                                        6b8d66f3270405ec8a9c9df4db656dee2bc103d3aa30de1dde0b7ced7ea65d45d08b54d45b5a59cc696dc98d4ca661206d5d36677fbe9c22a1542186a4e149fb

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\datareporting\glean\pending_pings\5c16116f-4782-41bf-91f2-06da078c813e
                                        Filesize

                                        11KB

                                        MD5

                                        b4afcbae006500507824feef3f13816c

                                        SHA1

                                        7f56781040c96f820cc1858c1ef57c6319617921

                                        SHA256

                                        be6d8e09553ceec5ae94d6335988eff4a13521c0af5bc5fcc42c18aa5f8cc4df

                                        SHA512

                                        679b59be60826bf799b85a4893a4fbac285761f931161214efe43d79e0f576515700385f36382bcb10327ed4e117b06d176bbbc460c31e442ed24895710310b3

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\datareporting\glean\pending_pings\7bc670cd-be29-4968-8f30-4af573acf712
                                        Filesize

                                        1KB

                                        MD5

                                        4fbdeba4df8498854f20a2247a7f14ed

                                        SHA1

                                        733740a5dfc59496fa79a710d919a540b6477d83

                                        SHA256

                                        3378c63361e00ee958933c730f2b0ab232f0f9a6ae7fa57386fa6dc0ebcaae28

                                        SHA512

                                        9fa505c6003a0fd7ea214101c4a63eebb6c297488268ac14abd4c1e22ba06cbe5462dd45acb44ccb8de84852ac4b180e75241052c473109205734eaba08ddef8

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\datareporting\glean\pending_pings\af5bca6e-ae49-47d8-a042-f7f0c0be9330
                                        Filesize

                                        746B

                                        MD5

                                        27df922d6b47b83e36188201514aaa98

                                        SHA1

                                        98fab5bee58aaa637b7ed4089faa46eb82faa0dd

                                        SHA256

                                        420ac2fd97c79c575a001ab17353033526094cc6845fb734a9ac82f6878003ca

                                        SHA512

                                        1ccd96bea4672875646a0515271bb6819ff74268f579971cc5adcf49648625d874b699e073d25059c94e2ed1fa3de552739d2d5d162636987b0350ba75fdeeb6

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\datareporting\glean\pending_pings\c357b8d9-a24e-4345-9189-93eb46e1c2ac
                                        Filesize

                                        855B

                                        MD5

                                        4d26fc55319ef16dc51dafb993d2611a

                                        SHA1

                                        9bbba3a567cccad1fe615ee118081f795c288cf3

                                        SHA256

                                        ff0d32273175c581b584d001c375b33951229fba3f82df4e5ee07eea5ac8225a

                                        SHA512

                                        f04f3414631ff8bf5468b42f4f9089984359eac97d2ac4fedb58aef54c5c338f72f624359b8ee88996ffa1ca8ba39393217d7167cfe81c7deb1366ef75dac994

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\prefs-1.js
                                        Filesize

                                        6KB

                                        MD5

                                        12f856c36db60b858b3b16abb6468c9d

                                        SHA1

                                        fa8f0ed3a98fcc1080c28740dca3bc944e6e57fa

                                        SHA256

                                        7c3d1440cb74c763244bcf30fbe82e059b232df801e918d511919e611821fb1b

                                        SHA512

                                        fae79c9a511536a17f2e88de7fd41c9cebdc6659d5ed935e448955ff01ef80f0cfbbbebe5b8d3c90231dd6a9e2d228978f2c3f2a99ec8f35ecbcfe7d546aa224

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\prefs-1.js
                                        Filesize

                                        6KB

                                        MD5

                                        b64028f3d07ba183ab49b84a396a9f16

                                        SHA1

                                        e49ba6e91af175cb5c448e549f2a8a62b6c14c64

                                        SHA256

                                        2af90283191f5af4b1bdbce4aace1157414e02d5e984f27446460849511bfc0d

                                        SHA512

                                        53134268f2e5563cb2b9e8deccb335d7128414d17696b792cdaad74e9c7216e014d674811199c7116b4aa1dc9b580b2004831c30269f1a87a5383a26645f6669

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\prefs-1.js
                                        Filesize

                                        6KB

                                        MD5

                                        0d7ff1338221add40276fb5001dd191f

                                        SHA1

                                        b684b43635fe83757fd7a496d0160876a85a201c

                                        SHA256

                                        411d7db3da0552b2ff9c7439b19f5c1a5221390fd97d20a806790d835e68c858

                                        SHA512

                                        4f919d0c60b177eb49854be98e75912751561b88dd9ec31bf98e055a7ff4a6abcb18424e24adf6b345a5407a363140d9d184f8ca9fda071952c3ecfb19835343

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\prefs-1.js
                                        Filesize

                                        6KB

                                        MD5

                                        d7f36463ad18113fba2724f93335cc3b

                                        SHA1

                                        3e22a8f4bd509a16d7939525843eeb6909f57d07

                                        SHA256

                                        8eaf93f5b44531de5f9f1f4bc547ccf63154d825e7d298b61b2d8a872f6f5d3e

                                        SHA512

                                        d8cd9efa4cac4ebe91fe38ebbc66418388b9a698170245b08faedeadae5aea1443858f89f84796a7c594c419dfc505c52e7b826d65b2219f3aaab6acdd696342

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
                                        Filesize

                                        6KB

                                        MD5

                                        787a43233a9b5d70b2c38a75515f8798

                                        SHA1

                                        1b67bc5afa3c895ce9f9459cffbae747d4a0bcf3

                                        SHA256

                                        0618febddbed119a54146bf9cc9b09110a8508d250c063321528680eaffe75ed

                                        SHA512

                                        5b2e411aa6328d3c6ef218b0023df27b306d68a473847a4d448cf3abe5514a4c19fbb3fada8e04fcfe3a84d89702f7ae6740dabe8bb2f5f7b334df92e5663ef2

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
                                        Filesize

                                        9KB

                                        MD5

                                        e36f7e89cf5ba2370021ec22a6aa7707

                                        SHA1

                                        64982a77bbc684752e22017f3c85d93bb568248c

                                        SHA256

                                        98adeb52ee15b59de985907e7051c022fc613aa40f9daf1a26e1921ba6a35cb0

                                        SHA512

                                        3979433f2b1a5ad9c657a163d3cfc00fe305bd2333f7d9256efb4514b6ca0d676f31915b5748619986d8a4acc65362bdbf7cf63b23c2ebcb679f01ca0c2b6ca9

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
                                        Filesize

                                        6KB

                                        MD5

                                        b8dac65e0e772ec4d208ed900c972596

                                        SHA1

                                        215c032ee4826e3fee2ea68648405d8a526172df

                                        SHA256

                                        d4a522ed61c1df853fdc5148474c0d88bfdcb253b83de76f0eaabc334223f360

                                        SHA512

                                        bc516abdeb55857c7983d255b04c2259f792fa4785919386ec9ac0a2988b38f9ef01bd357564cca97512eb16e85ca91e9b8177de27b26e4f7e9f0e3e94535779

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
                                        Filesize

                                        9KB

                                        MD5

                                        3afa8cf4897869bac7e4d6f1d93b1c3d

                                        SHA1

                                        f749a9ba8fb74f20854408e6e36f8e90affbc5b8

                                        SHA256

                                        ef76ccb67d1c36d27c458d744b13fd6765ea8b0107fe5f3b36fa241da68b8dcf

                                        SHA512

                                        cad6494b707ad5d6bb71a3c2843c8707c95564f5336d0f0c6a72568921ffae64a56f8a756a146523388a40a7a4349919b429e0f52df913b67fd078ddfb0a9fd1

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
                                        Filesize

                                        3KB

                                        MD5

                                        f0292499bac1fb116d69070e233f0806

                                        SHA1

                                        bdabe8a807e3fbfeba78e487865b8467d0ddd5dd

                                        SHA256

                                        465dc32f6d67a2ddb02569c7958d25d8d7adad59c6f73fabc33ba246010922df

                                        SHA512

                                        69360a08e8741817988038987b6d97b34cdbf672506d784dfa90abc32c338b47affa3af779ce07a836ab548f1f2ade4fa52233d959cb183f1bbaf52ff7e6b5c6

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
                                        Filesize

                                        4KB

                                        MD5

                                        69ae06093f5d852e5be5df40ee7c1396

                                        SHA1

                                        2c45280c5aac90442830970fc9efb0262314ec2c

                                        SHA256

                                        8f600ef01e2ddde7b437fa39389a98dfce7a3b966523c6468dc27cfa5c8f7ec7

                                        SHA512

                                        26be9e515fee57f851142def6391b3ae123a77605f1025da592f98f5499be61cf31d1d402346af0374f86be7167e9f40c3265f45a472a991537bb08f992b97f2

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
                                        Filesize

                                        5KB

                                        MD5

                                        e73fbf071e29553c13397aeb2c770131

                                        SHA1

                                        b37e27b0a0766f81cf9be0904d1ef6b7fbebc01b

                                        SHA256

                                        4aaf71198403156cd7ab0726f5ec0f61d86139613f8a1973bda2e4f813869669

                                        SHA512

                                        2ccbeee7505887ff3d814d8e7131007b718514df33d757b64ec7b520f27b9a0c646e34015e0aa1d53a4d98a9f563c035bd0478620625732b577831368c04c943

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
                                        Filesize

                                        4KB

                                        MD5

                                        c931518a5a527332d0a64f67844b1592

                                        SHA1

                                        0ddb3e31be1fb1588e830be395162c28adc327c5

                                        SHA256

                                        7929914b423a1badbeaaccee012f4f1fdc80ec4443ad88e5cba4974862eaa370

                                        SHA512

                                        602a158ff9a7acc2f5ad3c71283c61e5c59f03eb42ca02d881cab9fc8185d18d3f63ff55925096c17be5b8fcd095f4322b3f77c8fc4fab156370d024a8f0f43a

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
                                        Filesize

                                        4KB

                                        MD5

                                        0eb127e456a67cd8206eb7eb4b181777

                                        SHA1

                                        dc1404dc509abb4517ddd387dba513183bdda849

                                        SHA256

                                        aee7b796ffc86e106a77df7dcc6d53bee59123d760d7e02cfc6b9951df8c4723

                                        SHA512

                                        613ac4c9c12239658156bbebfef65cf017c92ffd9a531f7d284a5b3860725539f5efada1c3fddb663f5de8110cac886fbaa48189c29731ad53c5e3269929099f

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
                                        Filesize

                                        5KB

                                        MD5

                                        661b4e99ea636aca587f096f4d626289

                                        SHA1

                                        9ff57bd6e0b595c7411f3c0a20571269e10926bd

                                        SHA256

                                        ee5708f69eba0fa7992b618cb14ee11861d58a12f881bc849c6c8ef3c21333f9

                                        SHA512

                                        ca018ece0dd5cc0f3fc480974812ec45bc66a3befc03be259d555c9ad501e07dc52dfb0c52abec09d1514df4e566161aa8ba793a11359b2f02e9a6625856e9d8

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\storage\default\https+++www.youtube.com^partitionKey=%28https%2Cgoogle.com%29\idb\2232182701SeesravbiacteaWDosrgk.sqlite
                                        Filesize

                                        48KB

                                        MD5

                                        7c301ebfc717a7fd52bd610724f6dff5

                                        SHA1

                                        36587fc3320fd3f842e85724ed41e25a0909530f

                                        SHA256

                                        80483a3b4f4430aa4f320e49cf65026a530bfb4e02bc3752377bad84083dc0ed

                                        SHA512

                                        15c7628dc59c554df5c2cc4052c3460e17f33c926568b17acc796ea7bc15ae863c661d9f8e570845be57c2cdc588b47b2a55d05e1730f9b973ed4bcaf3e31578

                                        Download Submit

                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
                                        Filesize

                                        184KB

                                        MD5

                                        7f868e557b098795d645df9ea302427f

                                        SHA1

                                        001f3306144559b4049a8ab139b4139f51e59c0e

                                        SHA256

                                        b228e23ecfb7965e3badefcbb031de0b4bb887634bccb34a826ac8ac89124ac5

                                        SHA512

                                        56fd8aa514cc25db5a2c9191d665eaffe90182cc5e4f15317e0cfbc9adf7336d9ad937d20384b0504f784e5939b76b4c4b0020cb06e4a472c650355cc6c4c89a

                                        Download Submit

                                      • C:\Users\Admin\Downloads\z3-hZwwr.zip.part
                                        Filesize

                                        41KB

                                        MD5

                                        1df9a18b18332f153918030b7b516615

                                        SHA1

                                        6c42c62696616b72bbfc88a4be4ead57aa7bc503

                                        SHA256

                                        bbd05de19aa2af1455c0494639215898a15286d9b05073b6c4817fe24b2c36fa

                                        SHA512

                                        6382ca9c307d66ab7566acf78b1afd44b18b24d766253e1dc1cb3a3c0be96ecf1f2042d6bd3332d49078ffee571cf98869c1284c1d3e5c1c7dc3e4c64f71af80

                                        Download Submit