Analysis
- max time kernel: 270s
- max time network: 253s
- platform: windows7_x64
- resource: win7-20240705-en
- resource tags: arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
- submitted: 05-08-2024 17:15
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample: https://youareanidiot.com/
Resource: win7-20240705-en
General
Target: https://youareanidiot.com/
Malware Config
Signatures
Checks processor information in registry 2 TTPs 6 IoCs
Processor information is often read in order to detect sandboxing environments.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | firefox.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | firefox.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | firefox.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | firefox.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | firefox.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | firefox.exe

Modifies registry class 1 IoCs
description | ioc | Process
Key created | \REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000_Classes\Local Settings | firefox.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs
description | pid | Process
Token: SeDebugPrivilege | 2116 | firefox.exe
Token: SeDebugPrivilege | 2116 | firefox.exe

Suspicious use of FindShellTrayWindow 4 IoCs
pid | Process
2116 | firefox.exe
2116 | firefox.exe
2116 | firefox.exe
2116 | firefox.exe

Suspicious use of SendNotifyMessage 3 IoCs
pid | Process
2116 | firefox.exe
2116 | firefox.exe
2116 | firefox.exe

Suspicious use of SetWindowsHookEx 9 IoCs
pid | Process
2116 | firefox.exe
2116 | firefox.exe
2116 | firefox.exe
2116 | firefox.exe
2116 | firefox.exe
2116 | firefox.exe
2116 | firefox.exe
2116 | firefox.exe
2116 | firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs
Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
Processes
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://youareanidiot.com/"
PID: 2500
- Suspicious use of WriteProcessMemory

  C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://youareanidiot.com/
  PID: 2116
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.0.202643697\1076214766" -parentBuildID 20221007134813 -prefsHandle 1240 -prefMapHandle 1204 -prefsLen 20847 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9afb032-719a-46d0-99d4-2332eaff53da} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 1336 112d5e58 gpu
    PID: 2912

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.1.1946251242\584033578" -parentBuildID 20221007134813 -prefsHandle 1484 -prefMapHandle 1464 -prefsLen 21708 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {638fbfc3-cec1-42e0-8b95-718e7338d2d1} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 1496 f6f858 socket
    PID: 2676

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.2.351126937\2057066471" -childID 1 -isForBrowser -prefsHandle 1860 -prefMapHandle 1856 -prefsLen 21746 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {782c5d94-dda2-4c9e-9f28-c87e647f8b70} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 1884 43c6c58 tab
    PID: 2576

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.3.1244175085\768252069" -childID 2 -isForBrowser -prefsHandle 2840 -prefMapHandle 2836 -prefsLen 26151 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {be1703bb-5196-42ba-9947-8807fa9540b7} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 2852 1d9f4e58 tab
    PID: 1648

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.4.1644942891\1008720431" -childID 3 -isForBrowser -prefsHandle 3716 -prefMapHandle 3724 -prefsLen 26450 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56800c25-b802-4a25-9f7d-3488790f991b} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 3736 2201ec58 tab
    PID: 2940

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.5.1485236067\1728829974" -childID 4 -isForBrowser -prefsHandle 3852 -prefMapHandle 3856 -prefsLen 26450 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {00cacdeb-7171-460b-89b0-c812cd20d379} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 3840 2201f258 tab
    PID: 2532

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.6.660410430\1869800208" -childID 5 -isForBrowser -prefsHandle 4016 -prefMapHandle 4020 -prefsLen 26450 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e16998a2-a009-40e7-9a34-de1576c49f91} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 4004 220d5e58 tab
    PID: 660

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.7.2109864643\295632809" -childID 6 -isForBrowser -prefsHandle 2052 -prefMapHandle 2056 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7beb279e-d9ec-4807-b4b8-b4c8eca82ae9} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 2216 21abfb58 tab
    PID: 2200

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.8.1090384806\720570800" -childID 7 -isForBrowser -prefsHandle 3920 -prefMapHandle 3916 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c1b0c80e-9b16-4063-b2cd-88aa74ef5586} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 2404 22158e58 tab
    PID: 2032

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.9.1670940224\287000365" -childID 8 -isForBrowser -prefsHandle 2748 -prefMapHandle 2752 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5eb7839-dd61-48a9-bab0-53885875e3bf} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 2992 223fe258 tab
    PID: 2888

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.10.1379965858\570333929" -childID 9 -isForBrowser -prefsHandle 3940 -prefMapHandle 3928 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7b69587f-2c09-476a-81c0-1b633feb3c44} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 3968 234e5858 tab
    PID: 1820

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.11.1772099880\779197163" -childID 10 -isForBrowser -prefsHandle 3860 -prefMapHandle 8120 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4c80328b-c5de-4e3b-98ea-0fd61cc0d498} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 4296 1984e258 tab
    PID: 1036

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.12.991832712\1464497656" -childID 11 -isForBrowser -prefsHandle 4416 -prefMapHandle 4408 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {37e8d8a6-0678-45f4-9428-abd5d65a1b6a} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 4392 19851258 tab
    PID: 2244

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.13.828956724\2141557118" -childID 12 -isForBrowser -prefsHandle 4404 -prefMapHandle 3860 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {978b2039-a8c5-40ba-a98b-bd2f2ed111a7} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 7972 25938658 tab
    PID: 1744

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.14.1349154083\1434711083" -parentBuildID 20221007134813 -prefsHandle 3928 -prefMapHandle 3716 -prefsLen 26796 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {549c0ea0-de12-4760-a946-ab14aa8341d2} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 7956 17b6d358 rdd
    PID: 3240

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.15.534847234\2061615015" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 7712 -prefMapHandle 3928 -prefsLen 26796 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4d166b63-23a1-4ed7-b6b0-6f59c7c02717} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 7700 17b6e558 utility
    PID: 3304

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.16.1437754207\1725460194" -childID 13 -isForBrowser -prefsHandle 7548 -prefMapHandle 7552 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a9850b2-3648-44c4-931e-f438996d4495} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 7584 26643158 tab
    PID: 3384

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.17.185425139\756233073" -childID 14 -isForBrowser -prefsHandle 7892 -prefMapHandle 2284 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {01cc5874-1ff2-4b94-b9db-c4426af14616} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 2296 26643758 tab
    PID: 3528

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.18.1056323509\1239527679" -childID 15 -isForBrowser -prefsHandle 8280 -prefMapHandle 8268 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {62bcf7b1-b481-4909-bb9e-a7e30b19eebd} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 8244 1d51cf58 tab
    PID: 3800

    C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.19.122414123\1007949966" -childID 16 -isForBrowser -prefsHandle 8184 -prefMapHandle 8188 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {55062663-8fd0-42c1-b6b8-decabda26046} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 8276 2309cb58 tab
    PID: 3808

Network
MITRE ATT&CK Enterprise v15
Downloads