hxxps://assets[.]msn[.]com/service/msn/livetile/singletile?market=en-US&source=appxmanifest&tenant=amp&vertical=finance

Analysis

max time kernel
242s
max time network
272s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
09/08/2024, 14:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://assets.msn.com/service/msn/livetile/singletile?market=en-US&source=appxmanifest&tenant=amp&vertical=finance

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeDebugPrivilege	2044	firefox.exe
Token: SeDebugPrivilege	2044	firefox.exe
Token: SeDebugPrivilege	2044	firefox.exe
Token: SeDebugPrivilege	2044	firefox.exe
Token: SeDebugPrivilege	2044	firefox.exe
Token: SeDebugPrivilege	2044	firefox.exe

Suspicious use of FindShellTrayWindow 21 IoCs

pid	Process
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe

Suspicious use of SendNotifyMessage 20 IoCs

pid	Process
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe
2044	firefox.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2044	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3728 wrote to memory of 2044	3728	firefox.exe	83
PID 3728 wrote to memory of 2044	3728	firefox.exe	83
PID 3728 wrote to memory of 2044	3728	firefox.exe	83
PID 3728 wrote to memory of 2044	3728	firefox.exe	83
PID 3728 wrote to memory of 2044	3728	firefox.exe	83
PID 3728 wrote to memory of 2044	3728	firefox.exe	83
PID 3728 wrote to memory of 2044	3728	firefox.exe	83
PID 3728 wrote to memory of 2044	3728	firefox.exe	83
PID 3728 wrote to memory of 2044	3728	firefox.exe	83
PID 3728 wrote to memory of 2044	3728	firefox.exe	83
PID 3728 wrote to memory of 2044	3728	firefox.exe	83
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 540	2044	firefox.exe	84
PID 2044 wrote to memory of 4868	2044	firefox.exe	85
PID 2044 wrote to memory of 4868	2044	firefox.exe	85
PID 2044 wrote to memory of 4868	2044	firefox.exe	85
PID 2044 wrote to memory of 4868	2044	firefox.exe	85
PID 2044 wrote to memory of 4868	2044	firefox.exe	85
PID 2044 wrote to memory of 4868	2044	firefox.exe	85
PID 2044 wrote to memory of 4868	2044	firefox.exe	85
PID 2044 wrote to memory of 4868	2044	firefox.exe	85

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://assets.msn.com/service/msn/livetile/singletile?market=en-US&source=appxmanifest&tenant=amp&vertical=finance"
1⤵
- Suspicious use of WriteProcessMemory
PID:3728
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://assets.msn.com/service/msn/livetile/singletile?market=en-US&source=appxmanifest&tenant=amp&vertical=finance
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2044
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2024 -parentBuildID 20240401114208 -prefsHandle 1956 -prefMapHandle 1948 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2cfd998-0ac1-473a-a75d-f152467e7fcd} 2044 "\\.\pipe\gecko-crash-server-pipe.2044" gpu
    3⤵
    PID:540
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2468 -parentBuildID 20240401114208 -prefsHandle 2444 -prefMapHandle 2432 -prefsLen 24600 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {982f1ed8-4192-4697-90d8-2f0201f664d9} 2044 "\\.\pipe\gecko-crash-server-pipe.2044" socket
    3⤵
    PID:4868
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2992 -childID 1 -isForBrowser -prefsHandle 3080 -prefMapHandle 3032 -prefsLen 22652 -prefMapSize 244658 -jsInitHandle 988 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {13894078-b6a8-4f1a-92ed-a2b5d2da0b68} 2044 "\\.\pipe\gecko-crash-server-pipe.2044" tab
    3⤵
    PID:1656
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3920 -childID 2 -isForBrowser -prefsHandle 3932 -prefMapHandle 3928 -prefsLen 29090 -prefMapSize 244658 -jsInitHandle 988 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c79e3bd2-f1f6-446d-b16b-2d1f7a493baa} 2044 "\\.\pipe\gecko-crash-server-pipe.2044" tab
    3⤵
    PID:1928
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4964 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4960 -prefMapHandle 4968 -prefsLen 29090 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5b22faa0-a3d4-4bda-83b5-ab570bdc435a} 2044 "\\.\pipe\gecko-crash-server-pipe.2044" utility
    3⤵
    - Checks processor information in registry
    PID:3864
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5356 -childID 3 -isForBrowser -prefsHandle 5324 -prefMapHandle 5288 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 988 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8d3b6787-fad5-435c-bf95-8284fa11577f} 2044 "\\.\pipe\gecko-crash-server-pipe.2044" tab
    3⤵
    PID:4384
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5492 -childID 4 -isForBrowser -prefsHandle 5500 -prefMapHandle 5504 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 988 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {69453f02-825d-4ebf-8f20-0ea86a5b7e58} 2044 "\\.\pipe\gecko-crash-server-pipe.2044" tab
    3⤵
    PID:4372
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5708 -childID 5 -isForBrowser -prefsHandle 5784 -prefMapHandle 5780 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 988 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c71190b7-bde9-4a90-b273-8ad761a8a96c} 2044 "\\.\pipe\gecko-crash-server-pipe.2044" tab
    3⤵
    PID:436

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5utpapi8.default-release\cache2\entries\E449899591A9BC91DFBA673EC0589B51E541A88B

Filesize
13KB

MD5
28f35eb1007e21f0c43265c6cff55850

SHA1
dc097d7fc2d3a1980e01532b86be5977e203c8ce

SHA256
a1a3e36e4169dc8dfa9f6a566d46d2a71129fe98b8b0cb9794584735647e2a7a

SHA512
7b0380a29f082be9ad50f81bf77c5e4b0bf9a4715ccd72d642445c2b21525bf05e25605d06238aaf025fe4ff1f72073083eb8df13817cd32040d35b6e0bea274

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
479KB

MD5
09372174e83dbbf696ee732fd2e875bb

SHA1
ba360186ba650a769f9303f48b7200fb5eaccee1

SHA256
c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

SHA512
b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
13.8MB

MD5
0a8747a2ac9ac08ae9508f36c6d75692

SHA1
b287a96fd6cc12433adb42193dfe06111c38eaf0

SHA256
32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03

SHA512
59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\WHPA40YUHAH2BL748ES9.temp

Filesize
7KB

MD5
e34730c703e715aba07c473f29995069

SHA1
d1ab393206af5817197e5ef61c7909a507695c85

SHA256
c1feaec051e3c1f4228bc54d3129bc37bf139f5811803f3643983a663a1ffb02

SHA512
41dc377e2cb12060c3a58c75d662a42e5cbba5f2cdfb766a8a29d0411476f7db9045c76117236f7fd7f68d266060d7df03c046d65be809c8232a50a6361f3359

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\AlternateServices.bin

Filesize
8KB

MD5
14fc55d4afef0608695f4e29d55785ec

SHA1
3e480523a1b93f707c09ae3000b3b47a36d7d223

SHA256
01387e15de70fe5606326815606757c65a741b09d8f77363ccc01234500cd0c6

SHA512
7363fc2f6c797470b98bb530752ba360068a3eaac38440b44b1e0012fc6c8a126f77b1133f859af28cbbdc7cede705f86188c41860bd1b2805b95ff805210eb1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
3d1002d2bfbc77e368c6d14c50bc5f0e

SHA1
530b38a883c49f7bbb82a9077e67f339a02e8b36

SHA256
6d61eb2cdba3e9646d762e489ff113c32920ea5fff200100d93d404a13d5df02

SHA512
b1397d0d5abf78344e0b777be5812b5764aa5548fc881636507a778310fcea29dfb0b89f933b3e9a26610a7c460ce85064cb520044afc034106cb10ddaf16739

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
bf968e6a8fabf814ee76b40835bf449e

SHA1
127c288b0c5b28543cf051c68788ad1cb5a5ab6b

SHA256
1b1e99a158cdf6da0fb5d5f9e3a6abbb2ac64bd43993bf63333822e8e8d15b2c

SHA512
f61fbc13375d01356f93b358d6069fdd06f009bd0f60adc11d9ee7d0c1f06ac37c0a68151bde6f18634b997442d5d720103fb2727bd2c57f8d2e39faedbaadde

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\datareporting\glean\db\data.safe.tmp

Filesize
24KB

MD5
e5402876328906e9e9380e1f3b755d8c

SHA1
ec3969afecc57375ed13e24870a0b62c6fa65cdf

SHA256
2bef19d827933c1d97191f97eb61db006d69c348d549d3917adae1c4e70b9565

SHA512
5e56db9e450275c9f8fcbfc721e6ce74ec804027644a9c14c092e48541c2058f0c04c7e9535e0531c7ebeb9135c0d42bdc7b90cc9f1a2dc4931c96084f98dc31

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\datareporting\glean\db\data.safe.tmp

Filesize
24KB

MD5
9f209fa920a693a816ecbbd09f2cc6a0

SHA1
c244a92fc5b455a908bac840acc654d2c6d221e4

SHA256
4861bab82e839495088181a06b5da3c2467411828491550cd3990691ba76fcc7

SHA512
3d6adc8807d10977178b6cab151ec207d55acba1ab509a7cc07aa35d14f40810ce22eb1e6c19e56f6401be09d1fe44e673325312646220d6d562cb58e9c90cd5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\datareporting\glean\pending_pings\0b835317-b616-44ba-ae98-e0a5a4116164

Filesize
671B

MD5
b311d074e958fda76c18d4464a1f06e9

SHA1
272542bc8d82772c53ad7ce30fa22bea5c96f0cd

SHA256
5bb2fab9ef5a26375f0a5200e1a489ef476aad0c16c40acec65dbe8c2ac25da3

SHA512
fb7c5417586bab25909a6de6a6681b3cb2d6be9e31e04c3e5802109b6ccbfa659a8ffc2ab0a6ab613bfba339418eedebdb325fd8fa482e4d307d42bf6a0d6fae

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\datareporting\glean\pending_pings\534524c6-730f-479c-8b13-0aaa410df3b6

Filesize
982B

MD5
5504d37468a74636709b4b5de1e64102

SHA1
02cb54f053d1ae13352d25e5ed75e17c9588debd

SHA256
4c498c44d646178c7bdac178089abc2c69620203e4b2f5186bc3d252c2eaa514

SHA512
9707156e2bad8e445e9f2c150b358b511646623be76636ca8f18e8d023a342089007ab70f3e9498c13ee52f3c95994dcab65b98fecadc850e3c7aa583fd80562

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\datareporting\glean\pending_pings\f3a9f306-ffcb-48f0-ba94-cd3d46c58333

Filesize
27KB

MD5
cc98a48397a360eb5b24721eba5fe875

SHA1
02cd0739a6590ee7c0cf7da0a001b134c0102c84

SHA256
098dadbacdb74a95a803e6e6efa314532c58c08df45460a62b677f4361e744d8

SHA512
3f0c2e03d1c063829accf4cb4a9e6ec8e761bb440aa504c3ee2a19a7925a8947bedc579f0d9207487172d6ff5f800e52f19390b6caa4407ed24b033db41006c7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

Filesize
1.1MB

MD5
842039753bf41fa5e11b3a1383061a87

SHA1
3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153

SHA256
d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c

SHA512
d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

Filesize
116B

MD5
2a461e9eb87fd1955cea740a3444ee7a

SHA1
b10755914c713f5a4677494dbe8a686ed458c3c5

SHA256
4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

SHA512
34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

Filesize
372B

MD5
bf957ad58b55f64219ab3f793e374316

SHA1
a11adc9d7f2c28e04d9b35e23b7616d0527118a1

SHA256
bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

SHA512
79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

Filesize
17.8MB

MD5
daf7ef3acccab478aaa7d6dc1c60f865

SHA1
f8246162b97ce4a945feced27b6ea114366ff2ad

SHA256
bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e

SHA512
5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\prefs-1.js

Filesize
12KB

MD5
ec0273dc35d48a6b35a3716805124b6a

SHA1
c707427da18474ee9e575f138d52de982c96ff12

SHA256
2b2f40bcbef2b2260f6a60643e2f205127ecadc86b1415b7eba74b639fa4fa88

SHA512
f7e02937131bfa9d64419b12853b0f334bcf22dd634fd1db7432b66756337c1f29c07bc03737dd2eac8b4284b1b05624bac651a934e0c5c270f3d32655dc8e29

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\prefs-1.js

Filesize
16KB

MD5
c820a4268a3be258447cf60c9d72a78e

SHA1
5a7b27d2123ff04ed0c5531a2170799389bfce37

SHA256
9b5e91ebfe315131002a87dc3474fa2519043fba0a68cb98e7bdb24d01ec8521

SHA512
6dd94d50b223cf9988333f629d66d503ccff731a49c72de6aee36c283a082571f0960defd0e8c7257e6d1fe498f99499d7e8194be888fee2a93b03f3ceb937df

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\prefs.js

Filesize
11KB

MD5
1a300e98435abf68b9a4621d985451db

SHA1
213b41df60598f01132c7c27e0abcca85f34ee63

SHA256
60f3039121f2ac64369521cee56e53a43fa88e11f3f00e5e4dd820af2035bd0d

SHA512
dfe8ba0ce52a5316aa3b28c7d86ed46506b1c4b817e7262bcf6408ca50e27ea582b6e08ccf488d2393c864d4bb2a7ea5d1e2c921aa631b03127a663927e56fac

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5utpapi8.default-release\prefs.js

Filesize
16KB

MD5
befdffe3b3ebc96de9db474857f5215b

SHA1
6d3b8ebdf6a50c428405185984e35fbab934b2c2

SHA256
43ab8ab7d24dfe9c03296bf35baf3fbdacea72d695ba7f629aac0d77b1046f08

SHA512
85e036d48a4b018d3c48a8bc9ebd75a36d6f0f3990879df1994d478c6bfac8e06627fb62216a9a37337b172f6a4b7cfbecbb4af283f430e591f1caae83911ff1

Download Submit