d0a51cb03a56aab7c084098b6b242518a79737c9cc5a7c8ec21eb2338e6a5cd1

Analysis

max time kernel
437s
max time network
922s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
05-08-2024 16:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

setup.js
Size

155KB
MD5

c2057776ac17539ab32a3edafaeb811b
SHA1

9a2392d239dc576c3a6098c16a6f0be1874467bf
SHA256

d0a51cb03a56aab7c084098b6b242518a79737c9cc5a7c8ec21eb2338e6a5cd1
SHA512

9e65c94eab68cff74375b85cdfc579fb8c3df465e4c8201975a5b1396523567d2cbd35f021faf7edc05fc9c68fe8a824a10f2b74e06172db6c020f9f896c93be
SSDEEP

3072:MIHm8ak0+NLZaoA9V+hg3XcqJ0avMpzi+7qqHpBkY:RDNLZaoA9V+hg3XcqJ0eMpzi++Y

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-661032028-162657920-1226909816-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeDebugPrivilege	2228	firefox.exe
Token: SeDebugPrivilege	2228	firefox.exe
Token: SeDebugPrivilege	2228	firefox.exe
Token: SeDebugPrivilege	2228	firefox.exe
Token: SeDebugPrivilege	2228	firefox.exe
Token: SeDebugPrivilege	2228	firefox.exe

Suspicious use of FindShellTrayWindow 21 IoCs

pid	Process
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe

Suspicious use of SetWindowsHookEx 10 IoCs

pid	Process
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe
2228	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3472 wrote to memory of 2228	3472	firefox.exe	81
PID 3472 wrote to memory of 2228	3472	firefox.exe	81
PID 3472 wrote to memory of 2228	3472	firefox.exe	81
PID 3472 wrote to memory of 2228	3472	firefox.exe	81
PID 3472 wrote to memory of 2228	3472	firefox.exe	81
PID 3472 wrote to memory of 2228	3472	firefox.exe	81
PID 3472 wrote to memory of 2228	3472	firefox.exe	81
PID 3472 wrote to memory of 2228	3472	firefox.exe	81
PID 3472 wrote to memory of 2228	3472	firefox.exe	81
PID 3472 wrote to memory of 2228	3472	firefox.exe	81
PID 3472 wrote to memory of 2228	3472	firefox.exe	81
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2332	2228	firefox.exe	82
PID 2228 wrote to memory of 2812	2228	firefox.exe	83
PID 2228 wrote to memory of 2812	2228	firefox.exe	83
PID 2228 wrote to memory of 2812	2228	firefox.exe	83
PID 2228 wrote to memory of 2812	2228	firefox.exe	83
PID 2228 wrote to memory of 2812	2228	firefox.exe	83
PID 2228 wrote to memory of 2812	2228	firefox.exe	83
PID 2228 wrote to memory of 2812	2228	firefox.exe	83
PID 2228 wrote to memory of 2812	2228	firefox.exe	83

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\setup.js
1⤵
PID:2416

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3472
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2228
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1992 -parentBuildID 20240401114208 -prefsHandle 1904 -prefMapHandle 1880 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1dd9ada7-ec2b-49da-85e1-ff12e40a1519} 2228 "\\.\pipe\gecko-crash-server-pipe.2228" gpu
    3⤵
    PID:2332
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2396 -parentBuildID 20240401114208 -prefsHandle 2372 -prefMapHandle 2360 -prefsLen 23714 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d98433a-740e-477e-ad4e-7a8752b5c92a} 2228 "\\.\pipe\gecko-crash-server-pipe.2228" socket
    3⤵
    PID:2812
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2928 -childID 1 -isForBrowser -prefsHandle 2808 -prefMapHandle 3092 -prefsLen 23855 -prefMapSize 244658 -jsInitHandle 1304 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4b3eae71-6d72-472b-ada1-e39465190181} 2228 "\\.\pipe\gecko-crash-server-pipe.2228" tab
    3⤵
    PID:1100
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3620 -childID 2 -isForBrowser -prefsHandle 3476 -prefMapHandle 2752 -prefsLen 29088 -prefMapSize 244658 -jsInitHandle 1304 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3c3f598f-baae-48cd-bc58-0ff4e11fff64} 2228 "\\.\pipe\gecko-crash-server-pipe.2228" tab
    3⤵
    PID:1804
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4304 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4040 -prefMapHandle 4288 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0556372f-5263-4236-844a-6aa11a75ab69} 2228 "\\.\pipe\gecko-crash-server-pipe.2228" utility
    3⤵
    - Checks processor information in registry
    PID:3524
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5528 -childID 3 -isForBrowser -prefsHandle 5524 -prefMapHandle 5496 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1304 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3c046933-3318-4b49-babd-60a2ac2392aa} 2228 "\\.\pipe\gecko-crash-server-pipe.2228" tab
    3⤵
    PID:3324
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5660 -childID 4 -isForBrowser -prefsHandle 5668 -prefMapHandle 5672 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1304 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {33d9faed-158a-44e0-b121-3d85798e16bd} 2228 "\\.\pipe\gecko-crash-server-pipe.2228" tab
    3⤵
    PID:3060
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5852 -childID 5 -isForBrowser -prefsHandle 5860 -prefMapHandle 5864 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1304 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e7c547ad-a80b-4338-a500-5d5d5d4e819d} 2228 "\\.\pipe\gecko-crash-server-pipe.2228" tab
    3⤵
    PID:1500

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\seoxtri5.default-release\activity-stream.discovery_stream.json

Filesize
21KB

MD5
3f55844f0f4ce43a3ba35cde9d862241

SHA1
3d4ed58ca8ec42147d479b4e851d4fd0d293af26

SHA256
e5ac80ae8d78a4109f6f56fcf70ff364acb0155ed0344081c080ff32b1806b8c

SHA512
6e1edcbdb863a0c461f71392e169e6efa8b46ef70e1c1ab04dc8b455ca3e08a92151fc4a39807c9a91cc3be946eb70b88faa3c4265c338c3085fd416cf6483a1

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\seoxtri5.default-release\activity-stream.discovery_stream.json.tmp

Filesize
18KB

MD5
7b30408260cf3ec1d54f057a6abf769a

SHA1
3a09fefd4b527352e68807d2e413c6f9ec8bfa26

SHA256
9f1a0dfdc12fd36ab7a400b006c5add7d0c0219b522e83d69bb72231b83dad7e

SHA512
c18441b11bb301a0f38d8b041b15db4b94f837cc3e1cc661f476bdc86aac180a297dfbb22a0bb1706d6b9dd2c8d285549eb17a84ad0eac0bc9bd2d6eb9a76e60

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
479KB

MD5
09372174e83dbbf696ee732fd2e875bb

SHA1
ba360186ba650a769f9303f48b7200fb5eaccee1

SHA256
c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

SHA512
b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
13.8MB

MD5
0a8747a2ac9ac08ae9508f36c6d75692

SHA1
b287a96fd6cc12433adb42193dfe06111c38eaf0

SHA256
32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03

SHA512
59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
5KB

MD5
871db485c8117783e1341d9c03163ea1

SHA1
fde9960d41636f515f643f316eb82ae68d4f54a8

SHA256
bb22f1cebf0937c55f0a836c3920b1b32ead2847bd4a19fe0747125cd7d169f4

SHA512
047997b7a92b8f3f5ec7d1430ee90ed0ede35b51e622fbf4fe957dc5209dc9a2a6403e9f98b676efe1a716668ec0137671a2d70572997218069470bb28e0d8b9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\AlternateServices.bin

Filesize
8KB

MD5
a4890fa04893c22149ffdbbcba08d3c3

SHA1
b8fd05f4bc4de038ff8f9dcd4b5288519a8c5d4f

SHA256
e4ce1bd7a9ab599a8544b6ead92f733e76f5ffd9941bb5c67ba7c81f100709c2

SHA512
8a54429ca8e3409cbeed5f67601bb48d1913112debced1759c1f5c2463fa80447d95de4636f4232e329541da2c43c153a05362de7b28c348df239b8f99adf319

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\bookmarkbackups\bookmarks-2024-08-05_11_2ih6vbhK+0qxg0ocallBYQ==.jsonlz4

Filesize
1004B

MD5
2548d48e249e8879ff36897cc608bc03

SHA1
5b981f972dec210a34075b96cab9d09a81fa1ac1

SHA256
dcba501f0ba8dd66baad9d755d57488a66bff96995f29f1b990e03d24d49fe5a

SHA512
7cfe4b3d4df8abfc0cd5afadb38059d8190146fec7a4e7ccdbd1fd807c4de8d8df355cfdc5856622cc86c17d3da16790f1d092a2306a397ffde63c2eb6710e60

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
c2811c91e66160042e3534b8d9fb984d

SHA1
2e3f4c40a94afc7e640784dbcacec14d9ec5e692

SHA256
9e09571373d7e8ce1ef4bb6a5a95e9ee04bd664889aaf656216a2834b516ee10

SHA512
ee806ab9ef4b7ac5e7938e0a132912e6a760c998247ed60758be7c98e6bb5357fca08c9108004f0c9fff7ac70519424d4afbb931cd52431c5fc51b7960d2524f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\datareporting\glean\db\data.safe.tmp

Filesize
25KB

MD5
81ce854c0162ac5f4bc730aa6ff12f0a

SHA1
c51a8bfb9feaeaf3fe9d4e74bfd4b08a56800a20

SHA256
dec7478d61a269e4e91d1164324d3d3835956751638040ba040d32c321bfce3f

SHA512
12ceff9d66b07cb0035ec12ead515beec7852db9a4c7bb51be0fb7d5e5eccd64d44f7bd68bef35ad5688ab4830539ed27a19e2990a34058b154a7240bc7ba279

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
c2e3eae156cd73dfc9051168837682ec

SHA1
f5bb2e7b1f46294da81e70d225519265b24b82df

SHA256
434fb1811c72480c32ffb7321e6347fd5ae26a5f6436cd2db33aa58f7cf7f82b

SHA512
58e10db220824e7a0327ae6da53f1c3a766979f9ebfe0a57a2bd556ac7b5711a2ef28ad1d5df2fa94ae64c2424015795416f82e76263442c8caf6ece3a0ad3ad

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\datareporting\glean\db\data.safe.tmp

Filesize
15KB

MD5
1de5d065bda0b0c17e2f79439cc9f11d

SHA1
9a1980013f068fd5cba490cd6cf05e7de9460b46

SHA256
5a8a05ee52e44deb2c93c7ba4febca75d6dab5ef8d5d858c312c0e4c63089c05

SHA512
f16f2a0b5be50da874c57e2550ff252af6ff43711a286c9da32875a018f53f5ff4349b07d4e12f44b0b9fdbe7e4feb1f61e719d6f35f983714bc0e66c7a0732b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\datareporting\glean\pending_pings\0dd45a13-faac-401c-9f87-11a6219e1d1e

Filesize
24KB

MD5
3042203f724cd0617e8f79b7dff6a92a

SHA1
99c4c44b7b6c0b2510f09248548e7b8ed96cb6b9

SHA256
7c0ab3db82ac2bfdafb918d4a8136c3b12cddab22c3ddce3642e7ace4fa06e6c

SHA512
2f60cbecd43f46e721c29e6e30bd88f79ee9d2851c34a82ed14928b45545117c293d8a517542364a180b1f60e60dc04d921eb9569522568c288ee0bd6c527acd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\datareporting\glean\pending_pings\bc19ce89-bbb8-4f6c-b06b-3ed9e6ddb9d7

Filesize
671B

MD5
a0ba6780a47bede9914997937ae477fc

SHA1
95f35e7079227faa6c00854a7b8c5ecd8a124c23

SHA256
e673133e5b8fd73c96fdacad4b4a3934cd36a6aa63f73d3f313fb0065650da3b

SHA512
fa0463e0c3e605b33803a7e3f9119a57b92fd15608fb6adf3f7f4ee51020eea1a52e4dadbfc9122c438d75be3b943067f4abc2d8165c32e16412aed34ce1997f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\datareporting\glean\pending_pings\eb9b8258-bf47-41bc-9f0e-68821575d9bf

Filesize
982B

MD5
ceb29dc69bfedc600c095dd3274151ce

SHA1
ce1f0c124c99f8f1d4df93d9b7b1d426c4b3c76f

SHA256
adab6f20e5397ec7088abe8fd8ade5cc065f033b6a0f851e2c08b8ebe9c2257d

SHA512
f6c5b119c084c9482d38d3c6c7a4b9eb27bc04950e7ff6b5468c64147a087d4a936b1043ac6f8ed3811315329ffb37c7017ecc16616b81388a8a7084dcb7eca7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

Filesize
1.1MB

MD5
842039753bf41fa5e11b3a1383061a87

SHA1
3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153

SHA256
d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c

SHA512
d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

Filesize
116B

MD5
2a461e9eb87fd1955cea740a3444ee7a

SHA1
b10755914c713f5a4677494dbe8a686ed458c3c5

SHA256
4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

SHA512
34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

Filesize
372B

MD5
bf957ad58b55f64219ab3f793e374316

SHA1
a11adc9d7f2c28e04d9b35e23b7616d0527118a1

SHA256
bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

SHA512
79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

Filesize
17.8MB

MD5
daf7ef3acccab478aaa7d6dc1c60f865

SHA1
f8246162b97ce4a945feced27b6ea114366ff2ad

SHA256
bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e

SHA512
5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\prefs-1.js

Filesize
12KB

MD5
f0bcc9f84ba0a795adadd001b432ac9b

SHA1
ed1f232b6a551e776917ed8ae67b3475f3ee17eb

SHA256
3056fe5bf9aa42588bbf6e15713b54b4c81c32fc5e3b5eea784b9ce9d1a77a6f

SHA512
8f595bcebc9088bb4869accadfaf1e78ee6867ee3cf5c977e42d0af52e0413ce79796e2cd9ae95685a2dc5cbee46781aa6b2a84283f0443801e1665dbb989f17

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\prefs-1.js

Filesize
13KB

MD5
9cae9bb035b26c8be45d4f9ae840ad86

SHA1
ec30e01f7176474fae9bb5d1b55551c349320732

SHA256
63c67561304de187ea195cf1588d5a90a11799bd26d67ad10f89b417a20dc10d

SHA512
ab6e2ac01ffaf92773f855ffafe862ff9ce1e90512f7174c6c05bb56d78f2008fda8efe50228813dbcc0eeca8812c337a27a386344b25fd125a45170d07ef016

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\prefs.js

Filesize
10KB

MD5
0c52186c7d2cda32fa2718bdb6229a4f

SHA1
2d40602643fa9d4f00c8921c633f54cddd3980fb

SHA256
bcff5c424973073784b66cef56db59401c8afa2cf6e989b2e1738f8bd223b050

SHA512
3408d79c71749bebc5b49705a29b74b46ea1b9d773a6982c7b1823710a4fd232aa74aca46090e2d6bf682a8459b9d51636854e8920c0452cdf08a611d3118437

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\seoxtri5.default-release\sessionstore-backups\recovery.baklz4

Filesize
1KB

MD5
fba7ee9e8f3535c369cf5b4109747d83

SHA1
7300f81a102898a5759c23f3c6bf04502a10466f

SHA256
eced87e77df1c99385e53795555353d86a2f342607b788e1ed2bf86e99cb463e

SHA512
da239ac58bcd30bccd0690689046fa2dabd9c6c7ae358be91c46b33fe606d54bc86d32096fdb52ec85ce21a846f6e574053377795f18429d450fb433e57d2606

Download Submit