Analysis

  • max time kernel
    270s
  • max time network
    253s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240705-en locale:en-us os:windows7-x64 system
  • submitted
    05-08-2024 17:15

General

  • Target

    https://youareanidiot.com/

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 6 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://youareanidiot.com/"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2500
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://youareanidiot.com/
      2⤵
      • Checks processor information in registry
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2116
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.0.202643697\1076214766" -parentBuildID 20221007134813 -prefsHandle 1240 -prefMapHandle 1204 -prefsLen 20847 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9afb032-719a-46d0-99d4-2332eaff53da} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 1336 112d5e58 gpu
        3⤵
          PID:2912
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.1.1946251242\584033578" -parentBuildID 20221007134813 -prefsHandle 1484 -prefMapHandle 1464 -prefsLen 21708 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {638fbfc3-cec1-42e0-8b95-718e7338d2d1} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 1496 f6f858 socket
          3⤵
            PID:2676
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.2.351126937\2057066471" -childID 1 -isForBrowser -prefsHandle 1860 -prefMapHandle 1856 -prefsLen 21746 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {782c5d94-dda2-4c9e-9f28-c87e647f8b70} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 1884 43c6c58 tab
            3⤵
              PID:2576
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.3.1244175085\768252069" -childID 2 -isForBrowser -prefsHandle 2840 -prefMapHandle 2836 -prefsLen 26151 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {be1703bb-5196-42ba-9947-8807fa9540b7} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 2852 1d9f4e58 tab
              3⤵
                PID:1648
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.4.1644942891\1008720431" -childID 3 -isForBrowser -prefsHandle 3716 -prefMapHandle 3724 -prefsLen 26450 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56800c25-b802-4a25-9f7d-3488790f991b} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 3736 2201ec58 tab
                3⤵
                  PID:2940
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.5.1485236067\1728829974" -childID 4 -isForBrowser -prefsHandle 3852 -prefMapHandle 3856 -prefsLen 26450 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {00cacdeb-7171-460b-89b0-c812cd20d379} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 3840 2201f258 tab
                  3⤵
                    PID:2532
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.6.660410430\1869800208" -childID 5 -isForBrowser -prefsHandle 4016 -prefMapHandle 4020 -prefsLen 26450 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e16998a2-a009-40e7-9a34-de1576c49f91} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 4004 220d5e58 tab
                    3⤵
                      PID:660
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.7.2109864643\295632809" -childID 6 -isForBrowser -prefsHandle 2052 -prefMapHandle 2056 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7beb279e-d9ec-4807-b4b8-b4c8eca82ae9} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 2216 21abfb58 tab
                      3⤵
                        PID:2200
                      • C:\Program Files\Mozilla Firefox\firefox.exe
                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.8.1090384806\720570800" -childID 7 -isForBrowser -prefsHandle 3920 -prefMapHandle 3916 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c1b0c80e-9b16-4063-b2cd-88aa74ef5586} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 2404 22158e58 tab
                        3⤵
                          PID:2032
                        • C:\Program Files\Mozilla Firefox\firefox.exe
                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.9.1670940224\287000365" -childID 8 -isForBrowser -prefsHandle 2748 -prefMapHandle 2752 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5eb7839-dd61-48a9-bab0-53885875e3bf} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 2992 223fe258 tab
                          3⤵
                            PID:2888
                          • C:\Program Files\Mozilla Firefox\firefox.exe
                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.10.1379965858\570333929" -childID 9 -isForBrowser -prefsHandle 3940 -prefMapHandle 3928 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7b69587f-2c09-476a-81c0-1b633feb3c44} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 3968 234e5858 tab
                            3⤵
                              PID:1820
                            • C:\Program Files\Mozilla Firefox\firefox.exe
                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.11.1772099880\779197163" -childID 10 -isForBrowser -prefsHandle 3860 -prefMapHandle 8120 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4c80328b-c5de-4e3b-98ea-0fd61cc0d498} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 4296 1984e258 tab
                              3⤵
                                PID:1036
                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.12.991832712\1464497656" -childID 11 -isForBrowser -prefsHandle 4416 -prefMapHandle 4408 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {37e8d8a6-0678-45f4-9428-abd5d65a1b6a} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 4392 19851258 tab
                                3⤵
                                  PID:2244
                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.13.828956724\2141557118" -childID 12 -isForBrowser -prefsHandle 4404 -prefMapHandle 3860 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {978b2039-a8c5-40ba-a98b-bd2f2ed111a7} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 7972 25938658 tab
                                  3⤵
                                    PID:1744
                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.14.1349154083\1434711083" -parentBuildID 20221007134813 -prefsHandle 3928 -prefMapHandle 3716 -prefsLen 26796 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {549c0ea0-de12-4760-a946-ab14aa8341d2} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 7956 17b6d358 rdd
                                    3⤵
                                      PID:3240
                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.15.534847234\2061615015" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 7712 -prefMapHandle 3928 -prefsLen 26796 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4d166b63-23a1-4ed7-b6b0-6f59c7c02717} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 7700 17b6e558 utility
                                      3⤵
                                        PID:3304
                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.16.1437754207\1725460194" -childID 13 -isForBrowser -prefsHandle 7548 -prefMapHandle 7552 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a9850b2-3648-44c4-931e-f438996d4495} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 7584 26643158 tab
                                        3⤵
                                          PID:3384
                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.17.185425139\756233073" -childID 14 -isForBrowser -prefsHandle 7892 -prefMapHandle 2284 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {01cc5874-1ff2-4b94-b9db-c4426af14616} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 2296 26643758 tab
                                          3⤵
                                            PID:3528
                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.18.1056323509\1239527679" -childID 15 -isForBrowser -prefsHandle 8280 -prefMapHandle 8268 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {62bcf7b1-b481-4909-bb9e-a7e30b19eebd} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 8244 1d51cf58 tab
                                            3⤵
                                              PID:3800
                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2116.19.122414123\1007949966" -childID 16 -isForBrowser -prefsHandle 8184 -prefMapHandle 8188 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 840 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {55062663-8fd0-42c1-b6b8-decabda26046} 2116 "\\.\pipe\gecko-crash-server-pipe.2116" 8276 2309cb58 tab
                                              3⤵
                                                PID:3808

                                          Network

                                          MITRE ATT&CK Enterprise v15


                                          Downloads

                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\activity-stream.discovery_stream.json.tmp

                                            Filesize

                                            25KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\doomed\28396

                                            Filesize

                                            9KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\0A73C6E23F02820E5C7F05AD9890531BF91D87DB

                                            Filesize

                                            60KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\46C625DB4964C00323A8EF4C60828B52A454EBB4

                                            Filesize

                                            666KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\4C7B6F2CAD8B3C17C2BFE488FBEA72FE061AE34B

                                            Filesize

                                            20KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\9357B92D7A82DC731CBB46EBC4F197AB314C7C11

                                            Filesize

                                            218KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\971254C7341460E85C93D0821B91E9985A0B32D6

                                            Filesize

                                            1.2MB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\98AF737DD946CA3B37F8CD63EC1E1756F57F2E19

                                            Filesize

                                            36KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\A316A67D82F673191BAD9C75885EB5E7557D7EFD

                                            Filesize

                                            47KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\C4AAEE471FD881F41014FF913D963E720F894843

                                            Filesize

                                            14KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\D59E7EA8431582F0C3E1114D9A7804355A66E647

                                            Filesize

                                            142KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\D7A4E74EFAE3B5ECC428A1CAF6EEA6BD959D8CC4

                                            Filesize

                                            229KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\E560318F02F0E2FD35176F9FC365E72D99E1B64E

                                            Filesize

                                            54KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\cache2\entries\FC4B8FDC718110FADA00CC33AB81EAD9EEB56324

                                            Filesize

                                            6KB


                                          • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                                            Filesize

                                            442KB


                                          • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                                            Filesize

                                            8.0MB


                                          • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

                                            Filesize

                                            20KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\addonStartup.json.lz4

                                            Filesize

                                            5KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\broadcast-listeners.json

                                            Filesize

                                            204B


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\datareporting\glean\db\data.safe.bin

                                            Filesize

                                            2KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\datareporting\glean\pending_pings\162f9f4b-79dc-478e-ace4-687240bb2430

                                            Filesize

                                            745B

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\datareporting\glean\pending_pings\1f20f968-4ed8-4fbd-9f93-651cae66f765

                                            Filesize

                                            12KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

                                            Filesize

                                            997KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

                                            Filesize

                                            116B

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

                                            Filesize

                                            479B

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

                                            Filesize

                                            372B

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

                                            Filesize

                                            11.8MB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

                                            Filesize

                                            1KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

                                            Filesize

                                            1KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\prefs-1.js

                                            Filesize

                                            7KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\prefs-1.js

                                            Filesize

                                            6KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\prefs-1.js

                                            Filesize

                                            7KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\prefs-1.js

                                            Filesize

                                            6KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\sessionCheckpoints.json

                                            Filesize

                                            90B

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\sessionstore-backups\recovery.jsonlz4

                                            Filesize

                                            5KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\sessionstore-backups\recovery.jsonlz4

                                            Filesize

                                            7KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\sessionstore-backups\recovery.jsonlz4

                                            Filesize

                                            1KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\sessionstore-backups\recovery.jsonlz4

                                            Filesize

                                            5KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\sessionstore-backups\recovery.jsonlz4

                                            Filesize

                                            59KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

                                            Filesize

                                            192KB

                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9tg2k5l8.default-release\targeting.snapshot.json

                                            Filesize

                                            4KB
