Malware Analysis Report

2025-01-19 04:35

Sample ID 240812-xtbnsavflk
Target https://cdn.discordapp.com/attachments/1271767857734221844/1271767858141073459/lol.exe?ex=66bb2c9d&is=66b9db1d&hm=6ecb3a274001883d9565202be676f968730be8052a12527b2907a913acb6f806&
Tags
microsoft credential_access defense_evasion discovery persistence phishing stealer
score
9/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
9/10

Threat Level: Likely malicious

The file https://cdn.discordapp.com/attachments/1271767857734221844/1271767858141073459/lol.exe?ex=66bb2c9d&is=66b9db1d&hm=6ecb3a274001883d9565202be676f968730be8052a12527b2907a913acb6f806& was found to be: Likely malicious.

Malicious Activity Summary

microsoft credential_access defense_evasion discovery persistence phishing stealer

Credentials from Password Stores: Credentials from Web Browsers

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Checks computer location settings

Enumerates connected drives

Adds Run key to start application

Checks installed software on the system

Detected potential entity reuse from brand microsoft.

Drops file in System32 directory

Subvert Trust Controls: Mark-of-the-Web Bypass

Drops file in Windows directory

Browser Information Discovery

System Location Discovery: System Language Discovery

Enumerates physical storage devices

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

Uses Task Scheduler COM API

Suspicious use of AdjustPrivilegeToken

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Suspicious use of SendNotifyMessage

Checks SCSI registry key(s)

Uses Volume Shadow Copy service COM API

NTFS ADS

Checks processor information in registry

Modifies data under HKEY_USERS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-12 19:08

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-12 19:08

Reported

2024-08-12 19:21

Platform

win10v2004-20240802-en

Max time kernel

761s

Max time network

739s

Command Line

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://cdn.discordapp.com/attachments/1271767857734221844/1271767858141073459/lol.exe?ex=66bb2c9d&is=66b9db1d&hm=6ecb3a274001883d9565202be676f968730be8052a12527b2907a913acb6f806&"

Signatures

Credentials from Password Stores: Credentials from Web Browsers

credential_access stealer

Downloads MZ/PE file

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Windows\Temp\{27BA76C9-07D9-4C67-B8C1-92CE7E58FDCB}\.cr\VC_redist.x64.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Windows\system32\rundll32.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Windows\system32\rundll32.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Windows\system32\rundll32.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\{5af95fd8-a22e-458f-acee-c61bd787178e} = "\"C:\\ProgramData\\Package Cache\\{5af95fd8-a22e-458f-acee-c61bd787178e}\\VC_redist.x64.exe\" /burn.runonce" C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A

Checks installed software on the system

discovery

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A

Detected potential entity reuse from brand microsoft.

phishing microsoft

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\system32\vcruntime140_1.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\vcruntime140_threads.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140deu.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140esn.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140kor.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\msvcp140_1.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\msvcp140.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\msvcp140_2.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfcm140.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\msvcp140_1.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\vcamp140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfcm140u.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140jpn.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140cht.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140enu.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\msvcp140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\msvcp140_2.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\vcruntime140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140ita.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140chs.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140u.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\msvcp140_atomic_wait.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\msvcp140_atomic_wait.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140kor.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\vcomp140.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\msvcp140_codecvt_ids.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140cht.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140rus.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\vcruntime140.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfcm140u.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\vcamp140.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\vcomp140.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140deu.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140fra.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140esn.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140u.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\concrt140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140enu.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140fra.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140rus.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\vcruntime140_1.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\vccorlib140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140chs.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\msvcp140_codecvt_ids.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\concrt140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\vccorlib140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfcm140.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140ita.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140jpn.dll C:\Windows\system32\msiexec.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\inprogressinstallinfo.ipi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e601044.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e601031.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI1524.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI163E.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e601059.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\SourceHash{59CED48F-EBFE-480C-8A38-FC079C2BEC0F} C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\e601031.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\ C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI1225.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\SourceHash{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7} C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI1320.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\e601044.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e601043.msi C:\Windows\system32\msiexec.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File created C:\Users\Admin\Downloads\lol.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\VC_redist.x64.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\VC_redist.x64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\{27BA76C9-07D9-4C67-B8C1-92CE7E58FDCB}\.cr\VC_redist.x64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2a C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\29 C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\28 C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\29 C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\26\52C64B7E C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\27 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28 C:\Windows\system32\msiexec.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\Clients = 3a0000000000 C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\A4BB3B8BD01A15F4197B6AF4AF3CE17A\Servicing_Key C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A\PackageCode = "A40E8013387385E43AA0F61A9357B166" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A\SourceList C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}v14.40.33810\\packages\\vcRuntimeMinimum_amd64\\" C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8A567BD6FA501A947AD1F646E53EEC14\SourceList\Net C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\Version = "237536274" C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\INSTALLER\DEPENDENCIES\VC,REDIST.X64,AMD64,14.30,BUNDLE\DEPENDENTS\{57A73DF6-4BA9-4C1D-BBBB-517289FF6C13} C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.30,bundle\Dependents C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle\ = "{5af95fd8-a22e-458f-acee-c61bd787178e}" C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle\Dependents\{5af95fd8-a22e-458f-acee-c61bd787178e} C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D\SourceList\Media C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14\Version = "14.40.33810" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\F84DEC95EFBEC084A883CF70C9B2CEF0\Servicing_Key C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\SourceList\Media\1 = ";" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\F84DEC95EFBEC084A883CF70C9B2CEF0\VC_Runtime_Additional C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\Assignment = "1" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\InstanceType = "0" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\SourceList\PackageName = "vc_runtimeAdditional_x64.msi" C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\INSTALLER\DEPENDENCIES\MICROSOFT.VS.VC_RUNTIMEADDITIONALVSU_AMD64,V14\DEPENDENTS\{57A73DF6-4BA9-4C1D-BBBB-517289FF6C13} C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14 C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A\AdvertiseFlags = "388" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\ProductName = "Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\DeploymentFlags = "3" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle\DisplayName = "Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810" C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\09A86F63C932FD435BC8463B1035EC53 C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14\ = "{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A\Version = "237536274" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\Language = "1033" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\88AAB0B9F51EF1A3CA0C2B609EDD7FC1\F84DEC95EFBEC084A883CF70C9B2CEF0 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle\Dependents C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A\DeploymentFlags = "3" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\SourceList\Net\1 = "C:\\ProgramData\\Package Cache\\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}v14.40.33810\\packages\\vcRuntimeAdditional_amd64\\" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\SourceList\Media C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\A4BB3B8BD01A15F4197B6AF4AF3CE17A\Provider C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\88AAB0B9F51EF1A3CA0C2B609EDD7FC1 C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14\Version = "14.40.33810" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14\ = "{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\AuthorizedLUAApp = "0" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}v14.40.33810\\packages\\vcRuntimeAdditional_amd64\\" C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D\SourceList\Net C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\09A86F63C932FD435BC8463B1035EC53\A4BB3B8BD01A15F4197B6AF4AF3CE17A C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A\SourceList\Media\1 = ";" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14\Dependents\{5af95fd8-a22e-458f-acee-c61bd787178e} C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\8A567BD6FA501A947AD1F646E53EEC14 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F84DEC95EFBEC084A883CF70C9B2CEF0 C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D\SourceList C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A\SourceList\PackageName = "vc_runtimeMinimum_x64.msi" C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8A567BD6FA501A947AD1F646E53EEC14 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\F84DEC95EFBEC084A883CF70C9B2CEF0 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\A4BB3B8BD01A15F4197B6AF4AF3CE17A C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\09A86F63C932FD435BC8463B1035EC53 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A\SourceList\Net C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A\SourceList\Net\1 = "C:\\ProgramData\\Package Cache\\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}v14.40.33810\\packages\\vcRuntimeMinimum_amd64\\" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14\Dependents\{5af95fd8-a22e-458f-acee-c61bd787178e} C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle\Version = "14.40.33810.0" C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14\DisplayName = "Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A4BB3B8BD01A15F4197B6AF4AF3CE17A\AuthorizedLUAApp = "0" C:\Windows\system32\msiexec.exe N/A

NTFS ADS

Description Indicator Process Target
File created C:\Users\Admin\Downloads\lol.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\libstdc++-6_x86-64.zip:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\libgcc_s_seh-1_x86-64.zip:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\libwinpthread_1_x86-64.zip:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\VC_redist.x64.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\libwinpthread-1_x86-64.zip:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\system32\vssvc.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\vssvc.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\system32\vssvc.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeLockMemoryPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeMachineAccountPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeTcbPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeCreatePermanentPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeSyncAgentPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeEnableDelegationPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeImpersonatePrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4756 wrote to memory of 3608 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4756 wrote to memory of 3608 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4756 wrote to memory of 3608 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4756 wrote to memory of 3608 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4756 wrote to memory of 3608 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4756 wrote to memory of 3608 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4756 wrote to memory of 3608 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4756 wrote to memory of 3608 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4756 wrote to memory of 3608 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4756 wrote to memory of 3608 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4756 wrote to memory of 3608 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 3660 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 1124 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 1124 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 1124 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 1124 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 1124 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 1124 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 1124 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3608 wrote to memory of 1124 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://cdn.discordapp.com/attachments/1271767857734221844/1271767858141073459/lol.exe?ex=66bb2c9d&is=66b9db1d&hm=6ecb3a274001883d9565202be676f968730be8052a12527b2907a913acb6f806&"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://cdn.discordapp.com/attachments/1271767857734221844/1271767858141073459/lol.exe?ex=66bb2c9d&is=66b9db1d&hm=6ecb3a274001883d9565202be676f968730be8052a12527b2907a913acb6f806&

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1964 -parentBuildID 20240401114208 -prefsHandle 1880 -prefMapHandle 1520 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4193aced-d12a-476b-a681-4a24dc37b77d} 3608 "\\.\pipe\gecko-crash-server-pipe.3608" gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2400 -parentBuildID 20240401114208 -prefsHandle 2392 -prefMapHandle 2380 -prefsLen 24600 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {11794506-affd-455f-9f66-2f8476a9286b} 3608 "\\.\pipe\gecko-crash-server-pipe.3608" socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3184 -childID 1 -isForBrowser -prefsHandle 3176 -prefMapHandle 3172 -prefsLen 22652 -prefMapSize 244658 -jsInitHandle 1316 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {daecaafe-8086-4c68-b629-e22b04f1c665} 3608 "\\.\pipe\gecko-crash-server-pipe.3608" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3868 -childID 2 -isForBrowser -prefsHandle 3864 -prefMapHandle 3860 -prefsLen 29090 -prefMapSize 244658 -jsInitHandle 1316 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6845ed1a-997d-4939-b734-1b1bf00c0d03} 3608 "\\.\pipe\gecko-crash-server-pipe.3608" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4164 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4744 -prefMapHandle 4204 -prefsLen 29090 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f2e34b9-3f5b-42fb-adc5-e4d1ccaf49a4} 3608 "\\.\pipe\gecko-crash-server-pipe.3608" utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5716 -childID 3 -isForBrowser -prefsHandle 5676 -prefMapHandle 5696 -prefsLen 27172 -prefMapSize 244658 -jsInitHandle 1316 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {60fa9e8f-bc01-45e1-a2d2-431bd3cbbfe6} 3608 "\\.\pipe\gecko-crash-server-pipe.3608" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5844 -childID 4 -isForBrowser -prefsHandle 5908 -prefMapHandle 5912 -prefsLen 27172 -prefMapSize 244658 -jsInitHandle 1316 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {663e44c9-9ebb-4eba-9751-fb917c508d33} 3608 "\\.\pipe\gecko-crash-server-pipe.3608" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6012 -childID 5 -isForBrowser -prefsHandle 5820 -prefMapHandle 5828 -prefsLen 27172 -prefMapSize 244658 -jsInitHandle 1316 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0ee4081f-073c-4c00-8d9a-eb5c8af3952f} 3608 "\\.\pipe\gecko-crash-server-pipe.3608" tab

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\lol.exe

"C:\Users\Admin\Downloads\lol.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1960 -parentBuildID 20240401114208 -prefsHandle 1888 -prefMapHandle 1880 -prefsLen 23680 -prefMapSize 244694 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fad00e61-1e50-465f-9ff8-d390c996b14f} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2296 -parentBuildID 20240401114208 -prefsHandle 2288 -prefMapHandle 2284 -prefsLen 23680 -prefMapSize 244694 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {859a33c0-bf99-4838-a679-b137350dc4c7} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3136 -childID 1 -isForBrowser -prefsHandle 3328 -prefMapHandle 3128 -prefsLen 24179 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {144a6169-d921-485c-b986-5d4e884d08d3} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2556 -childID 2 -isForBrowser -prefsHandle 2920 -prefMapHandle 3704 -prefsLen 29412 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f3d00bbe-871e-4bed-9f80-bdc8b373d490} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2784 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4688 -prefMapHandle 4668 -prefsLen 29466 -prefMapSize 244694 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {49a71aa0-f3ae-4cf6-ba77-5f2a78f93428} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5152 -childID 3 -isForBrowser -prefsHandle 5144 -prefMapHandle 5128 -prefsLen 27320 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cd141dfe-6936-472b-86ae-cff5dd6a25c0} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5372 -childID 4 -isForBrowser -prefsHandle 5292 -prefMapHandle 5296 -prefsLen 27320 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6dc6abc4-0bb5-4705-8f34-455f665673f9} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5508 -childID 5 -isForBrowser -prefsHandle 5520 -prefMapHandle 5464 -prefsLen 27320 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9c68800-7120-4b7a-a6eb-9b4159d806f3} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5936 -childID 6 -isForBrowser -prefsHandle 5180 -prefMapHandle 5800 -prefsLen 27320 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ba9253b9-dfba-482d-a780-4d9fa6471ef8} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3916 -childID 7 -isForBrowser -prefsHandle 6124 -prefMapHandle 6120 -prefsLen 27460 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {65aafd50-7142-4142-bbc7-7f2b3a423420} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6284 -childID 8 -isForBrowser -prefsHandle 6260 -prefMapHandle 4600 -prefsLen 27869 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {94f1244c-a59f-4d0d-a50b-2743c495ee70} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6668 -childID 9 -isForBrowser -prefsHandle 6560 -prefMapHandle 6412 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b8aef107-2c94-4ba7-a268-7c338fd94dd4} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6840 -childID 10 -isForBrowser -prefsHandle 6780 -prefMapHandle 6784 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {08d90e81-6cc6-438c-ab83-66785f466e42} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6976 -childID 11 -isForBrowser -prefsHandle 4388 -prefMapHandle 4384 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ee5f301-b38e-45f0-aaaf-84e3298bc802} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7044 -childID 12 -isForBrowser -prefsHandle 7156 -prefMapHandle 7160 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {55296f64-cf4c-42bc-a3cb-894f581fda11} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7160 -childID 13 -isForBrowser -prefsHandle 2884 -prefMapHandle 7276 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7cbea75a-473b-487d-b718-80eda981870d} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7316 -childID 14 -isForBrowser -prefsHandle 7324 -prefMapHandle 7328 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0a18adeb-5d24-4a88-91b8-809668e816bb} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7300 -childID 15 -isForBrowser -prefsHandle 7304 -prefMapHandle 7308 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2e256442-a652-4c8b-ac89-c68143d854fa} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8024 -parentBuildID 20240401114208 -prefsHandle 7756 -prefMapHandle 7988 -prefsLen 30782 -prefMapSize 244694 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d02d7c5-79c1-4038-8fe2-3d66cf3adfbc} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8000 -parentBuildID 20240401114208 -sandboxingKind 1 -prefsHandle 7752 -prefMapHandle 7760 -prefsLen 30782 -prefMapSize 244694 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f000928c-2044-4266-932c-f179e8c6771e} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7892 -childID 16 -isForBrowser -prefsHandle 7828 -prefMapHandle 7752 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {626944d0-a275-4dac-b15b-49a207bf7f7d} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8408 -childID 17 -isForBrowser -prefsHandle 8348 -prefMapHandle 8328 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8c62c17e-8570-494e-a79b-a4bdcf4ca6ec} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8576 -childID 18 -isForBrowser -prefsHandle 8660 -prefMapHandle 8656 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dcdf840a-918c-489f-a76d-2bba0be93724} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8840 -childID 19 -isForBrowser -prefsHandle 8848 -prefMapHandle 8860 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e1f88d5d-a2e0-4c83-8e42-d755d9a07ed8} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8976 -childID 20 -isForBrowser -prefsHandle 8968 -prefMapHandle 8964 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {222eff27-2866-45f9-97f0-0c65ebc125eb} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9104 -childID 21 -isForBrowser -prefsHandle 8328 -prefMapHandle 8348 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5dd60dad-9c02-4213-b500-bc365f88a2ed} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9280 -childID 22 -isForBrowser -prefsHandle 9288 -prefMapHandle 9292 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {37d32181-b53e-41e1-9bbd-2a5fc997ed34} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4996 -childID 23 -isForBrowser -prefsHandle 4660 -prefMapHandle 3932 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b3a22b0b-cf26-41dc-a9a0-5283eedec9bb} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8904 -childID 24 -isForBrowser -prefsHandle 9644 -prefMapHandle 9640 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e988a27b-006b-44e2-982f-96af6567406d} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9912 -childID 25 -isForBrowser -prefsHandle 9944 -prefMapHandle 9900 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c15c009f-4a49-4cf5-8ad4-d28231a0bf17} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7580 -childID 26 -isForBrowser -prefsHandle 10104 -prefMapHandle 10112 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ad670eff-ea0a-4af2-9189-94174a7a4eeb} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6964 -childID 27 -isForBrowser -prefsHandle 4344 -prefMapHandle 9164 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {34f837a5-c42d-4c73-815a-6b9bfb0f2be4} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10236 -childID 28 -isForBrowser -prefsHandle 7952 -prefMapHandle 7964 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dade3335-2b62-4d81-a573-156043f0ba22} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9968 -childID 29 -isForBrowser -prefsHandle 9944 -prefMapHandle 9756 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8c4ac84f-72c5-4158-b91b-4bec3f447f13} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5372 -childID 30 -isForBrowser -prefsHandle 8908 -prefMapHandle 5300 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0c36a410-74c0-4b35-8db5-7d1d134ab0a1} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6272 -childID 31 -isForBrowser -prefsHandle 6676 -prefMapHandle 6520 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f616f8c4-2337-49b0-91fe-9a3168dd7308} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6424 -childID 32 -isForBrowser -prefsHandle 5232 -prefMapHandle 5260 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5c76bca0-2c70-4f31-a0fd-ebee14776caf} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10012 -childID 33 -isForBrowser -prefsHandle 8888 -prefMapHandle 9992 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fcad0d8d-2b1c-443b-99fb-a566bcc70e0e} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8836 -childID 34 -isForBrowser -prefsHandle 9084 -prefMapHandle 9060 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc0859f7-e8fa-4a99-9aee-8a180f5949b9} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7628 -childID 35 -isForBrowser -prefsHandle 7660 -prefMapHandle 7656 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f2777cb-628b-4d8c-9d10-3c2f7d7ce1ee} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10072 -childID 36 -isForBrowser -prefsHandle 8908 -prefMapHandle 8588 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7040d97a-0a91-4389-be40-1a1b7a3b1f6b} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6816 -childID 37 -isForBrowser -prefsHandle 10436 -prefMapHandle 6424 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3f2d0256-4efa-4f2f-92e1-398e3f9fa0f5} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9312 -childID 38 -isForBrowser -prefsHandle 5188 -prefMapHandle 10120 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4791df42-8844-4699-b048-5035a52f40e6} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10092 -childID 39 -isForBrowser -prefsHandle 9296 -prefMapHandle 5244 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d5fd3bb0-a81a-4995-9645-ab9cef3e4796} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9024 -childID 40 -isForBrowser -prefsHandle 7388 -prefMapHandle 7464 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4c95c959-508d-4899-945b-20180684bd78} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9684 -childID 41 -isForBrowser -prefsHandle 7388 -prefMapHandle 7464 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb315fea-6aa1-4ab5-a27e-f8a4254d5357} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7316 -childID 42 -isForBrowser -prefsHandle 8012 -prefMapHandle 9868 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {81971299-5969-4e92-8b97-6bcdb2e09859} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5616 -childID 43 -isForBrowser -prefsHandle 5640 -prefMapHandle 5496 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {77f5ab77-8338-4976-b6aa-98efb2184e50} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6464 -childID 44 -isForBrowser -prefsHandle 7312 -prefMapHandle 2648 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5f235284-54f8-4f6d-aa8a-e8f3bfbac78e} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5508 -childID 45 -isForBrowser -prefsHandle 10024 -prefMapHandle 9992 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {47f55437-bddc-459a-bef1-7570c26baf1d} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7620 -childID 46 -isForBrowser -prefsHandle 6420 -prefMapHandle 6800 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3eb5b7a5-98b5-4e0d-a9eb-f95a5828e50e} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10008 -childID 47 -isForBrowser -prefsHandle 7260 -prefMapHandle 10208 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {83e49a72-62e5-4cf8-ad52-1e93942b16a4} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9728 -childID 48 -isForBrowser -prefsHandle 5284 -prefMapHandle 5280 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c28196dc-d2e0-4a9c-afab-af9b7d3d8914} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7500 -childID 49 -isForBrowser -prefsHandle 5668 -prefMapHandle 6624 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9fe3d3ab-b31c-4e67-b805-a70114a7a2e4} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7956 -childID 50 -isForBrowser -prefsHandle 7516 -prefMapHandle 9940 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aef45cbd-7113-461c-af19-b760d033401f} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5392 -childID 51 -isForBrowser -prefsHandle 5456 -prefMapHandle 5444 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {350299bb-e48c-4dee-9400-c5f393f6f5dc} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10008 -childID 52 -isForBrowser -prefsHandle 8224 -prefMapHandle 7968 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fe035293-1efb-47c5-a9cc-39e19df313e2} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7684 -childID 53 -isForBrowser -prefsHandle 8200 -prefMapHandle 8216 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {891415b5-f22d-4c7a-a448-bdd058999eda} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3724 -childID 54 -isForBrowser -prefsHandle 6560 -prefMapHandle 8320 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {54a52846-6e7a-43dd-bc84-b1075b3c528c} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7396 -childID 55 -isForBrowser -prefsHandle 6820 -prefMapHandle 10452 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7425433f-cbc7-42f6-887f-bee94e983056} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6644 -childID 56 -isForBrowser -prefsHandle 7008 -prefMapHandle 7012 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {725f6706-6f0a-4c02-803f-142f4f5c963c} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10600 -childID 57 -isForBrowser -prefsHandle 6324 -prefMapHandle 10608 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0aaf4aaa-4803-41b3-958a-e2a2dbadd617} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7092 -childID 58 -isForBrowser -prefsHandle 10728 -prefMapHandle 10624 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4e598be4-a630-4fe9-b88f-39266d994ca4} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5268 -childID 59 -isForBrowser -prefsHandle 10852 -prefMapHandle 10848 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d90bb696-afbf-4623-a30a-ce09878b3319} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10848 -childID 60 -isForBrowser -prefsHandle 9440 -prefMapHandle 6336 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {48c367be-c6bf-4470-a159-a3f82d0960bd} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5960 -childID 61 -isForBrowser -prefsHandle 3832 -prefMapHandle 7104 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c2195b8d-0c1c-41c9-9e4a-513d798f2e92} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\system32\regsvr32.exe

regsvr32 libstdc++-6.dll

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6652 -childID 62 -isForBrowser -prefsHandle 4948 -prefMapHandle 9184 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {af1405a1-b838-4476-8993-c68dabec3f90} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7684 -childID 63 -isForBrowser -prefsHandle 7904 -prefMapHandle 8324 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9e02b89-a400-44ae-b1a5-546e84b39a37} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8256 -childID 64 -isForBrowser -prefsHandle 8304 -prefMapHandle 8220 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cefd92f4-f5d5-4c8b-a207-9ebfef8c7e32} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9408 -childID 65 -isForBrowser -prefsHandle 9652 -prefMapHandle 9664 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d6966c25-f403-45df-8a8f-ccf0c9e69bf9} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9368 -childID 66 -isForBrowser -prefsHandle 7856 -prefMapHandle 9060 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f05a76a4-7f4d-467c-8a46-0faac20e471b} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9288 -childID 67 -isForBrowser -prefsHandle 9560 -prefMapHandle 6400 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fec5b207-8266-4e53-965b-78f6562c334e} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_libstdc++-6_x86-64.zip\dllme.txt

C:\Users\Admin\Desktop\lol.exe

"C:\Users\Admin\Desktop\lol.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9472 -childID 68 -isForBrowser -prefsHandle 7540 -prefMapHandle 5708 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7887d17b-26ff-4468-8a53-507b61e030b5} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5768 -childID 69 -isForBrowser -prefsHandle 9668 -prefMapHandle 6816 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8765aeb3-024b-4862-af4e-c1fc88f095a3} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10844 -childID 70 -isForBrowser -prefsHandle 6668 -prefMapHandle 9516 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9f34a9be-239a-47ee-879c-5f1ce2c7d041} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6700 -childID 71 -isForBrowser -prefsHandle 7412 -prefMapHandle 3704 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bd89d14a-92d6-44ef-a4c4-65ab967a0d51} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10748 -childID 72 -isForBrowser -prefsHandle 6644 -prefMapHandle 7944 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6f71aecf-9794-4f15-95bc-cf82e5654aa8} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Users\Admin\Desktop\lol.exe

"C:\Users\Admin\Desktop\lol.exe"

C:\Users\Admin\Desktop\lol.exe

"C:\Users\Admin\Desktop\lol.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7888 -childID 73 -isForBrowser -prefsHandle 8240 -prefMapHandle 9108 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cf2a8b29-1434-4675-8b3f-b120972bc72d} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8492 -childID 74 -isForBrowser -prefsHandle 8800 -prefMapHandle 7892 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {391a87ef-eb7d-4e1f-a8c7-18172be25087} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Users\Admin\Downloads\VC_redist.x64.exe

"C:\Users\Admin\Downloads\VC_redist.x64.exe"

C:\Windows\Temp\{27BA76C9-07D9-4C67-B8C1-92CE7E58FDCB}\.cr\VC_redist.x64.exe

"C:\Windows\Temp\{27BA76C9-07D9-4C67-B8C1-92CE7E58FDCB}\.cr\VC_redist.x64.exe" -burn.clean.room="C:\Users\Admin\Downloads\VC_redist.x64.exe" -burn.filehandle.attached=576 -burn.filehandle.self=564

C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe

"C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.be\VC_redist.x64.exe" -q -burn.elevated BurnPipe.{0C675A38-49F8-473F-9B6D-2FCD885B0541} {C496F31B-64D2-41FB-8F27-F01A3DFC47CE} 164

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe

"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -uninstall -quiet -burn.related.upgrade -burn.ancestors={5af95fd8-a22e-458f-acee-c61bd787178e} -burn.filehandle.self=1436 -burn.embedded BurnPipe.{F5FF21B5-77A2-4DED-B8A9-982177B4049A} {707456C8-D229-417F-AA97-E8030035D954} 4764

C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe

"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -burn.clean.room="C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -burn.filehandle.attached=544 -burn.filehandle.self=564 -uninstall -quiet -burn.related.upgrade -burn.ancestors={5af95fd8-a22e-458f-acee-c61bd787178e} -burn.filehandle.self=1436 -burn.embedded BurnPipe.{F5FF21B5-77A2-4DED-B8A9-982177B4049A} {707456C8-D229-417F-AA97-E8030035D954} 4764

C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe

"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -q -burn.elevated BurnPipe.{0050B456-F9F2-4506-A61B-602F764B480D} {79D7DF41-004A-4DF4-B060-6E6FA30395E1} 1952

C:\Users\Admin\Desktop\lol.exe

"C:\Users\Admin\Desktop\lol.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8244 -childID 75 -isForBrowser -prefsHandle 9380 -prefMapHandle 9612 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bec7fc77-f8ed-4281-b6a6-d1b4e35c496d} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7928 -childID 76 -isForBrowser -prefsHandle 6600 -prefMapHandle 9536 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5e1c2079-f248-437e-bc41-3e3aea977873} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10256 -childID 77 -isForBrowser -prefsHandle 8588 -prefMapHandle 7308 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e89c5329-ed8a-4512-b559-9ac726be9e4c} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6756 -childID 78 -isForBrowser -prefsHandle 10356 -prefMapHandle 7180 -prefsLen 28247 -prefMapSize 244694 -jsInitHandle 1432 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {15936f73-77ed-454f-b6a6-eac4467eec1b} 4000 "\\.\pipe\gecko-crash-server-pipe.4000" tab

C:\Users\Admin\Desktop\lol.exe

"C:\Users\Admin\Desktop\lol.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Users\Admin\Desktop\lol.exe

"C:\Users\Admin\Desktop\lol.exe"

C:\Users\Admin\Desktop\lol.exe

"C:\Users\Admin\Desktop\lol.exe"

C:\Windows\system32\pcwrun.exe

C:\Windows\system32\pcwrun.exe "C:\Users\Admin\Desktop\lol.exe" ContextMenu

C:\Windows\System32\msdt.exe

C:\Windows\System32\msdt.exe -path C:\Windows\diagnostics\index\PCWDiagnostic.xml -af C:\Users\Admin\AppData\Local\Temp\PCW4020.xml /skip TRUE

C:\Windows\System32\sdiagnhost.exe

C:\Windows\System32\sdiagnhost.exe -Embedding

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\mom3lkog\mom3lkog.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES45AE.tmp" "c:\Users\Admin\AppData\Local\Temp\mom3lkog\CSC7360BBA23E7A48D1B4404EAE2A39E510.TMP"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\ji3qkcui\ji3qkcui.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES45ED.tmp" "c:\Users\Admin\AppData\Local\Temp\ji3qkcui\CSC8ABFC21DAE334EC2AD949CC6C394C9B5.TMP"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\pehda1ga\pehda1ga.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES4FEF.tmp" "c:\Users\Admin\AppData\Local\Temp\pehda1ga\CSC6440F2734FD64C278EC2142DBBBBE41C.TMP"

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\pcwutl.dll,LaunchApplication "C:\Users\Admin\Desktop\lol.exe"

C:\Users\Admin\Desktop\lol.exe

"C:\Users\Admin\Desktop\lol.exe"

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\pcwutl.dll,LaunchApplication "C:\Users\Admin\Desktop\lol.exe"

C:\Users\Admin\Desktop\lol.exe

"C:\Users\Admin\Desktop\lol.exe"

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\pcwutl.dll,LaunchApplication "C:\Users\Admin\Desktop\lol.exe"

C:\Users\Admin\Desktop\lol.exe

"C:\Users\Admin\Desktop\lol.exe"

Network

Country Destination Domain Proto
N/A 127.0.0.1:53584 tcp
US 8.8.8.8:53 cdn.discordapp.com udp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 firefox-api-proxy.cdn.mozilla.net udp
US 162.159.130.233:443 cdn.discordapp.com tcp
US 162.159.130.233:443 cdn.discordapp.com tcp
US 8.8.8.8:53 cdn.discordapp.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 34.149.97.1:443 firefox-api-proxy.cdn.mozilla.net tcp
US 8.8.8.8:53 firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 cdn.discordapp.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 162.159.130.233:443 cdn.discordapp.com udp
US 8.8.8.8:53 233.130.159.162.in-addr.arpa udp
US 8.8.8.8:53 161.99.165.35.in-addr.arpa udp
US 8.8.8.8:53 73.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
N/A 127.0.0.1:53594 tcp
N/A 127.0.0.1:53983 tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
N/A 127.0.0.1:53995 tcp
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.196:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 196.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 131.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 ac.duckduckgo.com udp
IE 52.142.124.215:443 ac.duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 215.124.142.52.in-addr.arpa udp
US 8.8.8.8:53 duckduckgo.com udp
IE 52.142.124.215:443 duckduckgo.com tcp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 233.54.223.20.in-addr.arpa udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 222.125.142.52.in-addr.arpa udp
US 8.8.8.8:53 improving.duckduckgo.com udp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
US 8.8.8.8:53 www.dll-files.com udp
GB 143.244.38.136:443 www.dll-files.com tcp
US 8.8.8.8:53 nextdllfiles.b-cdn.net udp
US 8.8.8.8:53 nextdllfiles.b-cdn.net udp
GB 143.244.38.136:443 nextdllfiles.b-cdn.net tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 location.services.mozilla.com udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 maxcdn.bootstrapcdn.com udp
US 8.8.8.8:53 c.pubguru.net udp
US 8.8.8.8:53 tg1.aniview.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 35.190.72.216:443 location.services.mozilla.com udp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 maxcdn.bootstrapcdn.com udp
US 8.8.8.8:53 d3f4u3khr0ycep.cloudfront.net udp
US 8.8.8.8:53 e11385.dscd.akamaiedge.net udp
NL 142.251.39.106:443 ajax.googleapis.com tcp
NL 142.251.39.106:443 ajax.googleapis.com tcp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com tcp
BE 18.239.208.55:443 d3f4u3khr0ycep.cloudfront.net tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 e11385.dscd.akamaiedge.net udp
US 8.8.8.8:53 d3f4u3khr0ycep.cloudfront.net udp
US 8.8.8.8:53 maxcdn.bootstrapcdn.com udp
NL 142.251.39.106:443 ajax.googleapis.com udp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com udp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 a3.pubguru.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 a3.pubguru.net udp
DE 52.29.252.123:443 a3.pubguru.net tcp
US 8.8.8.8:53 a3.pubguru.net udp
NL 142.250.179.174:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 216.72.190.35.in-addr.arpa udp
US 8.8.8.8:53 207.10.18.104.in-addr.arpa udp
US 8.8.8.8:53 106.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 55.208.239.18.in-addr.arpa udp
GB 2.22.132.37:443 e11385.dscd.akamaiedge.net tcp
NL 142.250.179.162:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
NL 142.250.179.174:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-5hne6nsk.gvt1.com udp
NL 142.250.179.162:443 securepubads.g.doubleclick.net udp
NL 172.217.132.38:443 r1---sn-5hne6nsk.gvt1.com tcp
US 8.8.8.8:53 r1.sn-5hne6nsk.gvt1.com udp
DE 52.29.252.123:443 a3.pubguru.net tcp
DE 52.29.252.123:443 a3.pubguru.net tcp
US 8.8.8.8:53 r1.sn-5hne6nsk.gvt1.com udp
US 8.8.8.8:53 track1.aniview.com udp
US 8.8.8.8:53 feed.avplayer.com udp
US 8.8.8.8:53 player.avplayer.com udp
NL 172.217.132.38:443 r1.sn-5hne6nsk.gvt1.com udp
US 8.8.8.8:53 track-sc-main-was.aniview.com udp
GB 23.200.147.114:443 feed.avplayer.com tcp
US 8.8.8.8:53 e16009.dscd.akamaiedge.net udp
GB 92.123.140.19:443 player.avplayer.com tcp
US 8.8.8.8:53 a1970.dscd.akamai.net udp
US 8.8.8.8:53 track-sc-main-was.aniview.com udp
US 8.8.8.8:53 e16009.dscd.akamaiedge.net udp
US 8.8.8.8:53 a1970.dscd.akamai.net udp
US 172.240.45.75:443 track-sc-main-was.aniview.com tcp
US 8.8.8.8:53 123.252.29.52.in-addr.arpa udp
US 8.8.8.8:53 174.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 209.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 37.132.22.2.in-addr.arpa udp
US 8.8.8.8:53 162.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 46.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 38.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 114.147.200.23.in-addr.arpa udp
US 8.8.8.8:53 19.140.123.92.in-addr.arpa udp
US 172.240.45.75:443 track-sc-main-was.aniview.com udp
US 8.8.8.8:53 content1.avplayer.com udp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 75.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 168.179.250.142.in-addr.arpa udp
GB 92.123.143.216:443 player.aniview.com tcp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 92.123.143.216:443 player.aniview.com udp
NL 142.250.179.174:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www3.l.google.com udp
US 216.239.34.36:443 region1.analytics.google.com tcp
NL 172.217.168.195:443 www.google.co.uk tcp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 go1.aniview.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 172.240.45.81:443 go1.aniview.com tcp
US 8.8.8.8:53 go1-sc-main-was.aniview.com udp
US 8.8.8.8:53 go1-sc-main-was.aniview.com udp
NL 142.250.179.174:443 www3.l.google.com udp
NL 172.217.168.195:443 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
US 216.239.34.36:443 region1.analytics.google.com udp
US 172.240.45.81:443 go1-sc-main-was.aniview.com udp
NL 142.250.102.154:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 216.143.123.92.in-addr.arpa udp
GB 92.123.140.19:443 player.aniview.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
US 8.8.8.8:53 195.168.217.172.in-addr.arpa udp
US 8.8.8.8:53 81.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
GB 2.18.108.192:443 ads.pubmatic.com tcp
NL 185.89.211.84:443 secure.adnxs.com tcp
NL 142.250.102.154:443 stats.g.doubleclick.net udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net tcp
GB 2.22.101.110:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
FR 154.54.250.81:443 ads.stickyadstv.com tcp
FR 154.54.250.81:443 ads.stickyadstv.com tcp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 e8960.e2.akamaiedge.net udp
US 34.98.64.218:443 u.openx.net tcp
US 8.8.8.8:53 eu-west-dual.ads.stickyadstv.com.akadns.net udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 ssp.disqus.com udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
US 8.8.8.8:53 u.openx.net udp
US 34.98.64.218:443 u.openx.net udp
US 54.236.171.51:443 ssp.disqus.com tcp
US 8.8.8.8:53 zeta-ssp-385516103.us-east-1.elb.amazonaws.com udp
US 8.8.8.8:53 e8960.e2.akamaiedge.net udp
US 8.8.8.8:53 eu-west-dual.ads.stickyadstv.com.akadns.net udp
US 8.8.8.8:53 zeta-ssp-385516103.us-east-1.elb.amazonaws.com udp
US 8.8.8.8:53 154.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 192.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 84.211.89.185.in-addr.arpa udp
US 8.8.8.8:53 14.210.240.157.in-addr.arpa udp
US 8.8.8.8:53 110.101.22.2.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 81.250.54.154.in-addr.arpa udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 sync.aniview.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
US 172.240.45.78:443 sync.aniview.com tcp
US 8.8.8.8:53 sync-sc-main-was.aniview.com udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
BE 18.239.212.129:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
US 172.240.45.78:443 sync-sc-main-was.aniview.com tcp
NL 142.251.39.97:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 sync-sc-main-was.aniview.com udp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
NL 142.251.39.97:443 googlehosted.l.googleusercontent.com udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net udp
US 172.240.45.78:443 sync-sc-main-was.aniview.com udp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 69.166.1.67:443 sync.go.sonobi.com tcp
US 8.8.8.8:53 iad-2-sync.go.sonobi.com udp
BE 18.239.212.129:443 d1ykf07e75w7ss.cloudfront.net tcp
US 8.8.8.8:53 iad-2-sync.go.sonobi.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
GB 18.154.87.148:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 51.171.236.54.in-addr.arpa udp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 42.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 129.212.239.18.in-addr.arpa udp
US 8.8.8.8:53 97.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 67.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 148.87.154.18.in-addr.arpa udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
BE 18.239.208.31:443 config.aps.amazon-adsystem.com tcp
GB 23.49.161.153:443 e4536.g.akamaiedge.net tcp
GB 18.245.143.58:443 tags.crwdcntrl.net tcp
US 104.22.52.173:443 cdn.hadronid.net tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
BE 18.239.208.61:443 cdn.browsiprod.com tcp
GB 23.49.161.153:443 e4536.g.akamaiedge.net tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
DE 157.240.210.35:443 star-mini.c10r.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 imasdk.googleapis.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
NL 172.217.23.202:443 imasdk.googleapis.com tcp
US 8.8.8.8:53 imasdk.googleapis.com udp
US 8.8.8.8:53 token.rubiconproject.com udp
US 172.67.23.234:443 id.hadron.ad.gt tcp
US 172.67.23.234:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 id.hadron.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 id.hadron.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 imasdk.googleapis.com udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 ce.lijit.com udp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
IE 54.74.174.198:443 ce.lijit.com tcp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
NL 172.217.23.202:443 imasdk.googleapis.com udp
US 54.187.187.230:443 events.browsiprod.com tcp
US 8.8.8.8:53 events.browsiprod.com udp
DE 157.240.210.35:443 star-mini.c10r.facebook.com udp
BE 18.239.208.14:443 yield-manager.browsiprod.com tcp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 8.8.8.8:53 s0.2mdn.net udp
NL 142.251.39.102:443 s0.2mdn.net tcp
NL 142.251.39.102:443 s0.2mdn.net tcp
US 8.8.8.8:53 s0.2mdn.net udp
NL 142.251.39.102:443 s0.2mdn.net tcp
NL 142.251.39.102:443 s0.2mdn.net tcp
NL 142.251.39.102:443 s0.2mdn.net tcp
US 8.8.8.8:53 a.ad.gt udp
US 8.8.8.8:53 86.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 153.161.49.23.in-addr.arpa udp
US 8.8.8.8:53 173.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 58.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 31.208.239.18.in-addr.arpa udp
US 8.8.8.8:53 61.208.239.18.in-addr.arpa udp
US 8.8.8.8:53 35.210.240.157.in-addr.arpa udp
US 8.8.8.8:53 202.23.217.172.in-addr.arpa udp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 198.174.74.54.in-addr.arpa udp
US 8.8.8.8:53 14.208.239.18.in-addr.arpa udp
US 8.8.8.8:53 230.187.187.54.in-addr.arpa udp
US 172.67.23.234:443 a.ad.gt tcp
US 8.8.8.8:53 a.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 s0.2mdn.net udp
NL 142.251.39.102:443 s0.2mdn.net udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
DE 157.240.210.14:443 static.xx.fbcdn.net tcp
DE 157.240.210.14:443 static.xx.fbcdn.net udp
DE 157.240.210.14:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 102.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 34.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
DE 37.252.171.149:443 ib.adnxs.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
US 8.8.8.8:53 rtb.openx.net udp
IE 52.215.64.44:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 35.186.253.211:443 rtb.openx.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 73640531b9620782288b33f24e3232c4.safeframe.googlesyndication.com udp
US 8.8.8.8:53 a3.pubguru.net udp
US 8.8.8.8:53 ids.ad.gt udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net tcp
DE 157.240.210.14:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 match.adsrvr.org udp
NL 142.250.179.193:443 73640531b9620782288b33f24e3232c4.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 ids.ad.gt udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 ids.ad.gt udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 149.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 44.64.215.52.in-addr.arpa udp
US 8.8.8.8:53 image2.pubmatic.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 pug-ams-bc.pubmnet.com udp
US 8.8.8.8:53 dpm.demdex.net udp
US 8.8.8.8:53 p.ad.gt udp
US 8.8.8.8:53 proc.ad.cpe.dotomi.com udp
NL 142.250.179.193:443 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 pug-ams-bc.pubmnet.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
NL 63.215.202.178:443 proc.ad.cpe.dotomi.com tcp
US 8.8.8.8:53 p.ad.gt.cdn.cloudflare.net udp
US 44.227.62.242:443 ids.ad.gt tcp
US 35.71.131.137:443 match.adsrvr.org tcp
NL 198.47.127.205:443 pug-ams-bc.pubmnet.com tcp
NL 216.58.214.2:443 cm.g.doubleclick.net tcp
US 44.227.62.242:443 ids.ad.gt tcp
US 8.8.8.8:53 onetag-sys.com udp
DE 51.89.9.252:443 onetag-sys.com tcp
US 69.166.1.67:443 iad-2-sync.go.sonobi.com tcp
IE 52.214.73.191:443 dpm.demdex.net tcp
US 172.67.23.234:443 p.ad.gt.cdn.cloudflare.net tcp
US 8.8.8.8:53 convex-rr.global.dual.dotomi.weighted.com.akadns.net udp
US 8.8.8.8:53 dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 convex-rr.global.dual.dotomi.weighted.com.akadns.net udp
US 8.8.8.8:53 p.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 track1.avplayer.com udp
US 172.240.45.76:443 track1.avplayer.com tcp
US 8.8.8.8:53 track-sc-main-was.avplayer.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 cdn.ampproject.org udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 track-sc-main-was.avplayer.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
DE 51.89.9.252:443 onetag-sys.com udp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.117:443 lb.eu-1-id5-sync.com tcp
NL 216.58.214.2:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 id5-sync.com udp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 172.240.45.76:443 track-sc-main-was.avplayer.com udp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 193.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 137.131.71.35.in-addr.arpa udp
US 8.8.8.8:53 178.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 205.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 2.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 191.73.214.52.in-addr.arpa udp
US 8.8.8.8:53 252.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 242.62.227.44.in-addr.arpa udp
US 8.8.8.8:53 76.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 117.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 83.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 129.179.250.142.in-addr.arpa udp
NL 142.250.179.129:443 cdn-content.ampproject.org udp
NL 142.251.39.97:443 tpc.googlesyndication.com tcp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 pubads.g.doubleclick.net udp
NL 216.58.208.98:443 pubads.g.doubleclick.net tcp
NL 216.58.208.98:443 pubads.g.doubleclick.net tcp
NL 216.58.208.98:443 pubads.g.doubleclick.net tcp
NL 216.58.208.98:443 pubads.g.doubleclick.net tcp
NL 216.58.208.98:443 pubads.g.doubleclick.net tcp
US 8.8.8.8:53 pubads.g.doubleclick.net udp
US 8.8.8.8:53 pubads.g.doubleclick.net udp
US 8.8.8.8:53 98.208.58.216.in-addr.arpa udp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com tcp
BE 18.239.208.55:443 d3f4u3khr0ycep.cloudfront.net tcp
US 8.8.8.8:53 d3f4u3khr0ycep.cloudfront.net udp
NL 142.251.39.106:443 ajax.googleapis.com tcp
NL 216.58.208.98:443 pubads.g.doubleclick.net udp
NL 142.250.179.162:443 securepubads.g.doubleclick.net tcp
US 172.240.45.75:443 track-sc-main-was.aniview.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
US 8.8.8.8:53 track-sc-main-was.aniview.com udp
GB 92.123.140.19:443 player.aniview.com tcp
NL 142.250.179.174:443 www3.l.google.com tcp
DE 157.240.210.14:443 scontent.xx.fbcdn.net tcp
NL 142.251.39.102:443 s0.2mdn.net tcp
DE 157.240.210.14:443 scontent.xx.fbcdn.net udp
NL 142.250.179.196:443 www.google.com tcp
US 8.8.8.8:53 pixels.ad.gt udp
US 8.8.8.8:53 csi.gstatic.com udp
NL 142.250.179.196:443 www.google.com udp
FR 172.217.20.163:443 csi.gstatic.com tcp
FR 172.217.20.163:443 csi.gstatic.com tcp
FR 172.217.20.163:443 csi.gstatic.com tcp
US 8.8.8.8:53 csi.gstatic.com udp
US 8.8.8.8:53 pixels.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 play.aniview.com udp
US 8.8.8.8:53 csi.gstatic.com udp
GB 2.22.132.37:443 play.aniview.com tcp
US 8.8.8.8:53 pixels.ad.gt.cdn.cloudflare.net udp
FR 172.217.20.163:443 csi.gstatic.com udp
US 104.22.5.69:443 pixels.ad.gt.cdn.cloudflare.net tcp
US 172.67.23.234:443 pixels.ad.gt.cdn.cloudflare.net tcp
DE 157.240.210.14:443 scontent.xx.fbcdn.net tcp
DE 157.240.210.14:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 98.58.20.217.in-addr.arpa udp
US 8.8.8.8:53 163.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 e8d5af8877e1b684a62eecd0f6b3cd7c.safeframe.googlesyndication.com udp
NL 142.250.179.193:443 e8d5af8877e1b684a62eecd0f6b3cd7c.safeframe.googlesyndication.com tcp
NL 142.250.179.193:443 e8d5af8877e1b684a62eecd0f6b3cd7c.safeframe.googlesyndication.com udp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev udp
US 54.82.185.231:443 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev tcp
US 8.8.8.8:53 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev udp
US 8.8.8.8:53 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev udp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
IE 52.95.115.196:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
NL 142.250.179.193:443 e8d5af8877e1b684a62eecd0f6b3cd7c.safeframe.googlesyndication.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 231.185.82.54.in-addr.arpa udp
US 8.8.8.8:53 196.115.95.52.in-addr.arpa udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 events.browsiprod.com udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 events.browsiprod.com udp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 a3.pubguru.net udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 194.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 bh.contextweb.com udp
US 8.8.8.8:53 sync.smartadserver.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 monetizemore-d.openx.net udp
FR 178.32.197.57:443 sync.smartadserver.com tcp
US 8.8.8.8:53 rtb-csync-euw2.smartadserver.com udp
US 34.98.64.218:443 monetizemore-d.openx.net tcp
US 34.98.64.218:443 monetizemore-d.openx.net udp
FR 91.134.110.137:443 rtb-csync-euw2.smartadserver.com tcp
US 8.8.8.8:53 monetizemore-d.openx.net udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 151.101.193.108:443 acdn.adnxs.com tcp
US 8.8.8.8:53 sync.1rx.io udp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
IE 52.31.201.175:443 ad.360yield.com tcp
US 8.8.8.8:53 am1-direct-bgp.contextweb.com udp
US 8.8.8.8:53 euw-ice.360yield.com udp
US 8.8.8.8:53 am1-direct-bgp.contextweb.com udp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 monetizemore-d.openx.net udp
US 8.8.8.8:53 57.197.32.178.in-addr.arpa udp
US 8.8.8.8:53 137.110.134.91.in-addr.arpa udp
US 8.8.8.8:53 108.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 175.201.31.52.in-addr.arpa udp
US 8.8.8.8:53 tg1.aniview.com udp
US 8.8.8.8:53 a1970.dscd.akamai.net udp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 a1970.dscd.akamai.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 e11385.dscd.akamaiedge.net udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 8.8.8.8:53 e11385.dscd.akamaiedge.net udp
US 172.240.45.75:443 track-sc-main-was.aniview.com tcp
GB 23.49.161.153:443 e4536.g.akamaiedge.net tcp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 104.22.52.173:443 cdn.hadronid.net tcp
US 44.227.62.242:443 ids.ad.gt tcp
NL 142.251.39.97:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 ids.ad.gt udp
US 8.8.8.8:53 feed.avplayer.com udp
US 8.8.8.8:53 player.avplayer.com udp
US 8.8.8.8:53 e16009.dscd.akamaiedge.net udp
US 8.8.8.8:53 e16009.dscd.akamaiedge.net udp
US 8.8.8.8:53 9dcda943eaf2047155a14c959e2de9d7.safeframe.googlesyndication.com udp
NL 142.250.179.193:443 9dcda943eaf2047155a14c959e2de9d7.safeframe.googlesyndication.com tcp
NL 142.250.179.193:443 9dcda943eaf2047155a14c959e2de9d7.safeframe.googlesyndication.com udp
US 8.8.8.8:53 player.aniview.com udp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 ids.ad.gt udp
US 8.8.8.8:53 a3.pubguru.net udp
US 8.8.8.8:53 a.ad.gt udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 servx.opamarketplace.com udp
US 172.240.45.73:443 servx.opamarketplace.com tcp
US 8.8.8.8:53 v2v-sc-main-was.adservrs.com udp
US 8.8.8.8:53 v2v-sc-main-was.adservrs.com udp
US 8.8.8.8:53 73.45.240.172.in-addr.arpa udp
US 172.240.45.73:443 v2v-sc-main-was.adservrs.com udp
US 8.8.8.8:53 track4.aniview.com udp
US 172.240.45.75:443 track4.aniview.com tcp
US 8.8.8.8:53 track-sc-main-was.aniview.com udp
US 172.240.45.75:443 track4.aniview.com udp
US 34.98.64.218:443 monetizemore-d.openx.net udp
US 172.240.45.75:443 track4.aniview.com tcp
NL 142.250.179.129:443 cdn-content.ampproject.org tcp
NL 142.251.39.106:443 ajax.googleapis.com udp
US 8.8.8.8:53 a3.pubguru.net udp
US 8.8.8.8:53 ed20c9f2047e1c67ac748fef3c0d8a44.safeframe.googlesyndication.com udp
NL 142.250.179.193:443 ed20c9f2047e1c67ac748fef3c0d8a44.safeframe.googlesyndication.com tcp
NL 142.250.179.193:443 ed20c9f2047e1c67ac748fef3c0d8a44.safeframe.googlesyndication.com udp
US 8.8.8.8:53 s2s.aniview.com udp
US 172.240.45.70:443 s2s.aniview.com tcp
US 8.8.8.8:53 s2s-sc-main-was.aniview.com udp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 s2s-sc-main-was.aniview.com udp
US 8.8.8.8:53 70.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 events.browsiprod.com udp
US 172.240.45.70:443 s2s-sc-main-was.aniview.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 ids.ad.gt udp
US 8.8.8.8:53 ids.ad.gt udp
US 8.8.8.8:53 ids.ad.gt udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net udp
DE 157.240.210.14:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 content1.avplayer.com udp
US 34.98.64.218:443 monetizemore-d.openx.net udp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 windowsreport.com udp
US 8.8.8.8:53 windowsreport.com udp
US 104.26.14.13:443 windowsreport.com tcp
US 8.8.8.8:53 13.14.26.104.in-addr.arpa udp
US 8.8.8.8:53 windowsreport.com udp
US 8.8.8.8:53 improving.duckduckgo.com udp
US 104.26.14.13:443 windowsreport.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 104.26.14.13:443 windowsreport.com udp
US 8.8.8.8:53 cdn.windowsreport.com udp
US 104.26.15.13:443 cdn.windowsreport.com tcp
US 8.8.8.8:53 cdn.windowsreport.com udp
US 8.8.8.8:53 cdn.windowsreport.com udp
US 104.26.15.13:443 cdn.windowsreport.com udp
US 8.8.8.8:53 scripts.pubnation.com udp
US 8.8.8.8:53 a2.shared.global.fastly.net udp
US 151.101.193.132:443 a2.shared.global.fastly.net tcp
US 8.8.8.8:53 a2.shared.global.fastly.net udp
US 8.8.8.8:53 13.15.26.104.in-addr.arpa udp
US 8.8.8.8:53 132.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 assets.mailerlite.com udp
US 172.64.150.190:443 assets.mailerlite.com tcp
US 8.8.8.8:53 assets.mailerlite.com udp
US 8.8.8.8:53 assets.mailerlite.com udp
US 8.8.8.8:53 privacy-center.fides.mediavine.com udp
US 172.64.150.190:443 assets.mailerlite.com udp
NL 142.250.179.162:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 p.ssl.global.fastly.net udp
US 8.8.8.8:53 p.ssl.global.fastly.net udp
US 8.8.8.8:53 exchange.pubnation.com udp
NL 142.250.179.162:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 keywords.pubnation.com udp
US 8.8.8.8:53 assets.mlcdn.com udp
US 8.8.8.8:53 groot.mailerlite.com udp
US 8.8.8.8:53 exchange.pubnation.com udp
DE 18.157.243.145:443 exchange.pubnation.com tcp
US 151.101.129.132:443 keywords.pubnation.com tcp
US 104.18.37.66:443 groot.mailerlite.com tcp
US 8.8.8.8:53 assets.mlcdn.com udp
US 8.8.8.8:53 groot.mailerlite.com udp
US 8.8.8.8:53 190.150.64.172.in-addr.arpa udp
US 104.22.6.203:443 assets.mlcdn.com tcp
US 8.8.8.8:53 cdn.confiant-integrations.net udp
US 8.8.8.8:53 groot.mailerlite.com udp
US 8.8.8.8:53 assets.mlcdn.com udp
US 104.18.37.66:443 groot.mailerlite.com udp
US 8.8.8.8:53 cdn.confiant-integrations.net udp
US 8.8.8.8:53 cdn.confiant-integrations.net udp
US 8.8.8.8:53 fonts.mailerlite.com udp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 172.64.150.190:443 fonts.mailerlite.com tcp
US 8.8.8.8:53 fonts.mailerlite.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 faves.grow.me udp
NL 172.217.168.195:443 www.google.co.uk tcp
US 8.8.8.8:53 fonts.mailerlite.com udp
US 8.8.8.8:53 l2.shared.global.fastly.net udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 l2.shared.global.fastly.net udp
US 172.64.150.190:443 fonts.mailerlite.com udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 btloader.com udp
NL 142.250.102.154:443 stats.g.doubleclick.net tcp
US 151.101.1.7:443 p.ssl.global.fastly.net tcp
US 104.18.20.97:443 cdn.confiant-integrations.net tcp
US 151.101.2.49:443 l2.shared.global.fastly.net tcp
US 104.22.74.216:443 btloader.com tcp
US 8.8.8.8:53 145.243.157.18.in-addr.arpa udp
US 8.8.8.8:53 66.37.18.104.in-addr.arpa udp
US 8.8.8.8:53 203.6.22.104.in-addr.arpa udp
US 8.8.8.8:53 132.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 api.grow.me udp
US 104.18.20.97:443 cdn.confiant-integrations.net udp
NL 142.250.102.154:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 ad-delivery.net udp
US 151.101.194.49:443 api.grow.me tcp
US 151.101.194.49:443 api.grow.me tcp
US 151.101.194.49:443 api.grow.me tcp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 ad-delivery.net udp
NL 172.217.168.195:443 www.google.co.uk udp
US 104.26.2.70:443 ad-delivery.net tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 8.8.8.8:53 api.btloader.com udp
US 130.211.23.194:443 api.btloader.com tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 api.btloader.com udp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 imp-dev.pubnation.com udp
US 151.101.1.132:443 imp-dev.pubnation.com tcp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 sda.fyi udp
US 8.8.8.8:53 exchange.mediavine.com udp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 api.rlcdn.com udp
US 172.67.164.44:443 sda.fyi tcp
US 8.8.8.8:53 sda.fyi udp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 97.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 7.1.101.151.in-addr.arpa udp
DE 52.59.107.218:443 exchange.mediavine.com tcp
US 8.8.8.8:53 49.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 216.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 70.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 134.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 132.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 pghub.io udp
US 8.8.8.8:53 cdn.opecloud.com udp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 sda.fyi udp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 pghub.io udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 exchange.mediavine.com udp
US 8.8.8.8:53 dta23xhexutk5.cloudfront.net udp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 pghub.io udp
US 8.8.8.8:53 dta23xhexutk5.cloudfront.net udp
US 172.67.164.44:443 sda.fyi udp
US 34.120.133.55:443 api.rlcdn.com tcp
US 35.71.131.137:443 match.adsrvr.org tcp
NL 178.250.1.11:443 gum.nl3.vip.prod.criteo.com tcp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
BE 18.239.212.129:443 d1ykf07e75w7ss.cloudfront.net tcp
BE 18.239.208.99:443 sb.scorecardresearch.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 35.241.45.217:443 pghub.io tcp
GB 99.86.114.12:443 cdn.opecloud.com tcp
NL 178.250.1.11:443 gum.nl3.vip.prod.criteo.com tcp
US 35.241.45.217:443 pghub.io udp
US 34.102.146.192:443 oa.openxcdn.net udp
US 34.120.133.55:443 api.rlcdn.com udp
DE 18.157.243.145:443 exchange.pubnation.com tcp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 prebid-server.rubiconproject.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 prebid-server-perf-eu.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 tagged-by.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 prebid-server-perf-eu.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 some.growplow.events udp
US 8.8.8.8:53 static.nl3.vip.prod.criteo.net udp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 tagged-by.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 cdn-ima.33across.com.cdn.cloudflare.net udp
US 104.21.40.41:443 some.growplow.events tcp
US 104.21.40.41:443 some.growplow.events tcp
US 104.21.40.41:443 some.growplow.events tcp
US 8.8.8.8:53 some.growplow.events udp
US 104.21.40.41:443 some.growplow.events tcp
US 8.8.8.8:53 static.nl3.vip.prod.criteo.net udp
US 8.8.8.8:53 cdn-ima.33across.com.cdn.cloudflare.net udp
US 8.8.8.8:53 some.growplow.events udp
US 8.8.8.8:53 dnacdn.net udp
FR 178.250.7.13:443 dnacdn.net tcp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 34.98.64.218:443 us-u.openx.net tcp
US 8.8.8.8:53 u.openx.net udp
US 104.21.40.41:443 some.growplow.events udp
US 151.101.1.108:443 acdn.adnxs.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 rtb.gumgum.com udp
US 8.8.8.8:53 ads.yieldmo.com udp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
GB 2.22.101.110:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 e8960.e2.akamaiedge.net udp
IE 54.76.183.106:443 rtb.gumgum.com tcp
US 8.8.8.8:53 rtb.gumgum.com udp
US 34.98.64.218:443 us-u.openx.net udp
US 8.8.8.8:53 e8960.e2.akamaiedge.net udp
US 8.8.8.8:53 rtb.gumgum.com udp
US 8.8.8.8:53 user-data-eu.bidswitch.net udp
IE 52.212.132.56:443 ads.yieldmo.com tcp
US 8.8.8.8:53 rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
US 8.8.8.8:53 ice.360yield.com udp
US 76.223.111.18:443 eu-eb2.3lift.com tcp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 user-data-eu.bidswitch.net udp
US 104.18.36.155:443 ssum-sec.casalemedia.com tcp
US 8.8.8.8:53 euw-ice.360yield.com udp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
US 8.8.8.8:53 rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 euw-ice.360yield.com udp
GB 95.100.244.20:443 contextual.media.net tcp
US 8.8.8.8:53 44.164.67.172.in-addr.arpa udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 218.107.59.52.in-addr.arpa udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 217.45.241.35.in-addr.arpa udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 12.114.86.99.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 99.208.239.18.in-addr.arpa udp
US 8.8.8.8:53 41.40.21.104.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 106.183.76.54.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 56.132.212.52.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 104.18.36.155:443 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 crb.kargo.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 crb.kargo.com udp
GB 95.100.244.20:443 contextual.media.net udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 crb.kargo.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
BE 18.239.207.196:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 ds-pr-bh.ybp.gysm.yahoodns.net udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 ds-pr-bh.ybp.gysm.yahoodns.net udp
US 8.8.8.8:53 sync.ipredictive.com udp
US 8.8.8.8:53 sync.ipredictive.com udp
US 8.8.8.8:53 match.deepintent.com udp
US 172.64.151.101:443 ssum-sec.casalemedia.com tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com tcp
NL 185.64.189.112:443 hbopenbid-ams.pubmnet.com tcp
NL 69.173.156.150:443 prebid-server-perf-eu.rubiconproject.net.akadns.net tcp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
DE 18.157.230.4:443 eu-tlx.3lift.com tcp
NL 178.250.1.3:443 static.nl3.vip.prod.criteo.net tcp
US 104.18.35.167:443 cdn-ima.33across.com.cdn.cloudflare.net tcp
NL 185.89.210.212:443 secure.adnxs.com tcp
NL 35.214.149.91:443 user-data-eu.bidswitch.net tcp
GB 52.84.90.40:443 config.aps.amazon-adsystem.com tcp
NL 35.214.149.91:443 user-data-eu.bidswitch.net tcp
DE 3.75.62.37:443 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud tcp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 sync.ipredictive.com udp
US 8.8.8.8:53 m.deepintent.com udp
IE 52.49.83.113:443 ice.360yield.com tcp
DE 3.126.77.184:443 crb.kargo.com tcp
US 8.8.8.8:53 m.deepintent.com udp
US 172.64.151.101:443 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 nydc1.outbrain.org udp
NL 178.250.1.3:443 static.nl3.vip.prod.criteo.net tcp
US 8.8.8.8:53 nydc1.outbrain.org udp
US 8.8.8.8:53 am1-direct-bgp.contextweb.com udp
US 8.8.8.8:53 20.244.100.95.in-addr.arpa udp
US 8.8.8.8:53 196.207.239.18.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 112.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 150.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 40.90.84.52.in-addr.arpa udp
US 8.8.8.8:53 167.35.18.104.in-addr.arpa udp
US 8.8.8.8:53 4.230.157.18.in-addr.arpa udp
US 8.8.8.8:53 212.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 113.83.49.52.in-addr.arpa udp
US 8.8.8.8:53 184.77.126.3.in-addr.arpa udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 c1.adform.net udp
NL 216.58.214.2:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 tg.socdm.com udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 pdmp.dcapi.dmp.3lift.com udp
US 8.8.8.8:53 ssbsync-euw1.smartadserver.com udp
NL 185.184.8.90:443 creativecdn.com tcp
US 8.8.8.8:53 creativecdn.com udp
US 34.98.64.218:443 us-u.openx.net tcp
US 54.209.10.139:443 sync.srv.stackadapt.com tcp
IE 52.49.46.13:443 pr-bh.ybp.yahoo.com tcp
US 52.55.220.128:443 sync.ipredictive.com tcp
US 169.197.150.8:443 m.deepintent.com tcp
US 64.202.112.63:443 b1sync.zemanta.com tcp
NL 208.93.169.131:443 am1-direct-bgp.contextweb.com tcp
NL 89.149.193.117:443 ssbsync-euw1.smartadserver.com tcp
US 34.98.64.218:443 us-u.openx.net udp
US 8.8.8.8:53 pdmp.papi-public.eu-central-1.dmp.3lift.com udp
US 8.8.8.8:53 creativecdn.com udp
JP 124.146.153.169:443 tg.socdm.com tcp
US 8.8.8.8:53 pdmp.dcapi.dmp.3lift.com udp
US 8.8.8.8:53 ssbsync-euw1.smartadserver.com udp
US 8.8.8.8:53 tg.dr.socdm.com udp
DE 37.252.171.149:443 ib.adnxs.com tcp
DK 37.157.2.229:443 c1.adform.net tcp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 track.adformnet.akadns.net udp
NL 216.58.214.2:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 track.adformnet.akadns.net udp
US 8.8.8.8:53 pdmp.dcapi.dmp.3lift.com udp
US 8.8.8.8:53 pdmp.papi-public.eu-central-1.dmp.3lift.com udp
US 8.8.8.8:53 tg.dr.socdm.com udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 oajs.openx.net udp
US 8.8.8.8:53 oajs.openx.net udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 lexicon.33across.com udp
GB 95.100.245.251:443 e8960.b.akamaiedge.net tcp
US 8.8.8.8:53 usersync.gumgum.com udp
US 8.8.8.8:53 oajs.openx.net udp
US 35.244.193.51:443 lexicon.33across.com tcp
US 8.8.8.8:53 lexicon.33across.com udp
US 8.8.8.8:53 usersync.gumgum.com udp
IE 34.247.205.196:443 usersync.gumgum.com tcp
US 8.8.8.8:53 lexicon.33across.com udp
JP 124.146.153.169:443 tg.dr.socdm.com tcp
US 8.8.8.8:53 usersync.gumgum.com udp
IE 34.247.205.196:443 usersync.gumgum.com tcp
US 35.244.193.51:443 lexicon.33across.com udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 117.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 13.46.49.52.in-addr.arpa udp
US 8.8.8.8:53 63.112.202.64.in-addr.arpa udp
US 8.8.8.8:53 8.150.197.169.in-addr.arpa udp
US 8.8.8.8:53 139.10.209.54.in-addr.arpa udp
US 8.8.8.8:53 128.220.55.52.in-addr.arpa udp
US 8.8.8.8:53 229.2.157.37.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 196.205.247.34.in-addr.arpa udp
US 8.8.8.8:53 169.153.146.124.in-addr.arpa udp
NL 69.173.156.149:443 pixel.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 104.26.15.13:443 cdn.windowsreport.com udp
US 8.8.8.8:53 qvdt3feo.com udp
US 8.8.8.8:53 428996ac223f0fcc64412ae6de1d4118.safeframe.googlesyndication.com udp
US 8.8.8.8:53 qvdt3feo.com udp
US 34.238.78.132:443 qvdt3feo.com tcp
NL 142.250.179.193:443 428996ac223f0fcc64412ae6de1d4118.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 qvdt3feo.com udp
NL 142.250.179.193:443 428996ac223f0fcc64412ae6de1d4118.safeframe.googlesyndication.com udp
GB 23.49.161.153:443 e4536.g.akamaiedge.net tcp
US 44.195.132.85:443 pdmp.dcapi.dmp.3lift.com tcp
DE 3.122.42.63:443 pdmp.papi-public.eu-central-1.dmp.3lift.com tcp
US 34.120.135.53:443 oajs.openx.net tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com udp
DE 162.19.138.117:443 lb.eu-1-id5-sync.com tcp
US 34.120.135.53:443 oajs.openx.net tcp
NL 142.251.39.97:443 tpc.googlesyndication.com tcp
US 34.120.135.53:443 oajs.openx.net udp
US 8.8.8.8:53 132.78.238.34.in-addr.arpa udp
US 8.8.8.8:53 53.135.120.34.in-addr.arpa udp
US 8.8.8.8:53 63.42.122.3.in-addr.arpa udp
US 8.8.8.8:53 85.132.195.44.in-addr.arpa udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 8.8.8.8:53 gbc8.fr3.eu.criteo.com udp
FR 185.235.86.246:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.200:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 gbc7.nl3.eu.criteo.com udp
US 8.8.8.8:53 gbc8.fr3.eu.criteo.com udp
US 8.8.8.8:53 gbc7.nl3.eu.criteo.com udp
US 34.98.64.218:443 google-bidout-d.openx.net tcp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 34.98.64.218:443 google-bidout-d.openx.net udp
US 8.8.8.8:53 google-bidout-d.openx.net udp
FR 185.235.86.246:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.200:443 gbc7.nl3.eu.criteo.com tcp
US 8.8.8.8:53 id5-sync.com udp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
NL 142.250.179.129:443 cdn-content.ampproject.org tcp
NL 142.250.179.129:443 cdn-content.ampproject.org tcp
NL 142.250.179.129:443 cdn-content.ampproject.org tcp
NL 142.250.179.129:443 cdn-content.ampproject.org tcp
NL 142.250.179.129:443 cdn-content.ampproject.org tcp
NL 142.250.179.129:443 cdn-content.ampproject.org tcp
NL 142.250.179.196:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.129:443 cdn-content.ampproject.org udp
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 eb2.3lift.com udp
US 76.223.111.18:443 eb2.3lift.com tcp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 res.cloudinary.com udp
US 8.8.8.8:53 resc.cloudinary.com.cdn.cloudflare.net udp
US 104.17.202.1:443 resc.cloudinary.com.cdn.cloudflare.net tcp
US 104.17.202.1:443 resc.cloudinary.com.cdn.cloudflare.net tcp
US 8.8.8.8:53 resc.cloudinary.com.cdn.cloudflare.net udp
US 8.8.8.8:53 1.202.17.104.in-addr.arpa udp
US 104.26.15.13:443 cdn.windowsreport.com udp
US 172.64.151.101:443 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 104.26.15.13:443 cdn.windowsreport.com udp
US 172.64.151.101:443 htlb.casalemedia.com udp
NL 185.235.87.207:443 gbc7.nl3.eu.criteo.com tcp
FR 185.235.86.235:443 gbc8.fr3.eu.criteo.com tcp
FR 185.235.86.235:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.207:443 gbc7.nl3.eu.criteo.com tcp
US 172.64.151.101:443 htlb.casalemedia.com udp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 172.64.151.101:443 htlb.casalemedia.com udp
NL 69.173.156.150:443 prebid-server-perf-eu.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 imp-dev.pubnation.com udp
US 8.8.8.8:53 a2.shared.global.fastly.net udp
US 8.8.8.8:53 a2.shared.global.fastly.net udp
US 172.64.151.101:443 htlb.casalemedia.com udp
US 104.26.15.13:443 cdn.windowsreport.com udp
US 172.64.151.101:443 htlb.casalemedia.com udp
US 104.26.15.13:443 cdn.windowsreport.com udp
NL 185.235.87.199:443 gbc7.nl3.eu.criteo.com tcp
FR 185.235.86.239:443 gbc8.fr3.eu.criteo.com tcp
FR 185.235.86.239:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.199:443 gbc7.nl3.eu.criteo.com tcp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 104.21.40.41:443 some.growplow.events udp
US 104.21.40.41:443 some.growplow.events udp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
US 8.8.8.8:53 csm.nl3.vip.prod.criteo.net udp
US 8.8.8.8:53 csm.nl3.vip.prod.criteo.net udp
NL 178.250.1.25:443 csm.nl3.vip.prod.criteo.net tcp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 www.dllme.com udp
US 172.67.68.242:443 www.dllme.com tcp
US 8.8.8.8:53 www.dllme.com udp
US 172.67.68.242:443 www.dllme.com tcp
US 8.8.8.8:53 www.dllme.com udp
US 8.8.8.8:53 242.68.67.172.in-addr.arpa udp
US 216.239.34.36:443 region1.analytics.google.com tcp
NL 172.217.168.195:443 www.google.co.uk tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 216.239.34.36:443 region1.analytics.google.com udp
NL 172.217.168.195:443 www.google.co.uk udp
NL 142.250.102.154:443 stats.g.doubleclick.net tcp
NL 142.250.102.154:443 stats.g.doubleclick.net udp
NL 142.250.179.174:443 www3.l.google.com tcp
NL 142.250.179.174:443 www3.l.google.com udp
NL 142.251.39.97:443 tpc.googlesyndication.com tcp
NL 142.251.39.97:443 tpc.googlesyndication.com tcp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
NL 172.217.168.195:443 www.google.co.uk tcp
NL 142.250.179.174:443 www3.l.google.com tcp
NL 142.251.39.97:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 js.hcaptcha.com udp
US 104.19.229.21:443 js.hcaptcha.com tcp
US 8.8.8.8:53 js.hcaptcha.com udp
US 8.8.8.8:53 21.229.19.104.in-addr.arpa udp
US 104.19.229.21:443 js.hcaptcha.com udp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 104.19.229.21:443 newassets.hcaptcha.com tcp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 104.19.229.21:443 newassets.hcaptcha.com tcp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 104.19.229.21:443 newassets.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 104.19.230.21:443 api.hcaptcha.com tcp
US 8.8.8.8:53 api.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 104.19.230.21:443 api.hcaptcha.com udp
US 8.8.8.8:53 21.230.19.104.in-addr.arpa udp
US 104.19.229.21:443 api.hcaptcha.com udp
US 8.8.8.8:53 imgs3.hcaptcha.com udp
US 104.19.229.21:443 imgs3.hcaptcha.com tcp
US 8.8.8.8:53 imgs3.hcaptcha.com udp
US 8.8.8.8:53 imgs3.hcaptcha.com udp
US 104.19.229.21:443 imgs3.hcaptcha.com tcp
US 104.19.229.21:443 imgs3.hcaptcha.com udp
US 104.19.229.21:443 imgs3.hcaptcha.com udp
US 104.19.230.21:443 imgs3.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.95.41:443 challenges.cloudflare.com udp
US 8.8.8.8:53 41.95.18.104.in-addr.arpa udp
NL 142.250.179.174:443 www3.l.google.com udp
NL 172.217.168.195:443 www.google.co.uk udp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 123.10.44.20.in-addr.arpa udp
NL 142.250.179.196:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 improving.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
NL 172.217.168.195:443 www.google.co.uk udp
US 8.8.8.8:53 www.google.co.uk udp
NL 142.250.179.174:443 www3.l.google.com udp
US 8.8.8.8:53 2.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 104.19.229.21:443 imgs3.hcaptcha.com udp
US 104.19.229.21:443 imgs3.hcaptcha.com udp
US 104.19.230.21:443 imgs3.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 104.19.229.21:443 imgs3.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
NL 172.217.168.195:443 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com udp
NL 142.250.179.174:443 www3.l.google.com udp
NL 142.250.179.174:443 www3.l.google.com tcp
NL 142.250.179.174:443 www3.l.google.com tcp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
NL 142.250.179.174:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 csi.gstatic.com udp
DE 142.250.184.227:443 csi.gstatic.com tcp
US 8.8.8.8:53 csi.gstatic.com udp
US 8.8.8.8:53 csi.gstatic.com udp
DE 142.250.184.227:443 csi.gstatic.com udp
US 8.8.8.8:53 227.184.250.142.in-addr.arpa udp
US 104.19.229.21:443 imgs3.hcaptcha.com udp
US 104.19.229.21:443 imgs3.hcaptcha.com udp
US 8.8.8.8:53 api2.hcaptcha.com udp
US 104.19.230.21:443 api2.hcaptcha.com tcp
US 8.8.8.8:53 api2.hcaptcha.com udp
US 8.8.8.8:53 api2.hcaptcha.com udp
US 104.19.230.21:443 api2.hcaptcha.com udp
US 104.19.230.21:443 api2.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 104.19.230.21:443 api2.hcaptcha.com udp
US 104.19.230.21:443 api2.hcaptcha.com tcp
US 104.19.230.21:443 api2.hcaptcha.com tcp
US 104.19.229.21:443 api2.hcaptcha.com udp
US 104.19.229.21:443 api2.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.mozilla.org udp
BE 18.239.207.155:443 www.mozilla.org tcp
US 8.8.8.8:53 www.mozorg.moz.works udp
US 8.8.8.8:53 www.mozorg.moz.works udp
US 8.8.8.8:53 155.207.239.18.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.196:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 duckduckgo.com udp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 learn.microsoft.com udp
GB 95.100.246.21:443 learn.microsoft.com tcp
US 8.8.8.8:53 e13636.dscb.akamaiedge.net udp
GB 95.100.246.21:443 e13636.dscb.akamaiedge.net tcp
US 8.8.8.8:53 e13636.dscb.akamaiedge.net udp
US 8.8.8.8:53 21.246.100.95.in-addr.arpa udp
GB 95.100.246.21:443 e13636.dscb.akamaiedge.net tcp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 js.monitor.azure.com udp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 8.8.8.8:53 s-part-0036.t-0009.t-msedge.net udp
US 13.107.246.64:443 s-part-0036.t-0009.t-msedge.net tcp
US 8.8.8.8:53 s-part-0036.t-0009.t-msedge.net udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 20.189.173.8:443 browser.events.data.microsoft.com tcp
US 20.189.173.8:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 onedscolprdwus07.westus.cloudapp.azure.com udp
US 8.8.8.8:53 onedscolprdwus07.westus.cloudapp.azure.com udp
US 8.8.8.8:53 8.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 8.8.8.8:53 onedscolprdcus21.centralus.cloudapp.azure.com udp
US 8.8.8.8:53 onedscolprdcus21.centralus.cloudapp.azure.com udp
US 8.8.8.8:53 aka.ms udp
GB 184.25.193.167:443 aka.ms tcp
US 8.8.8.8:53 aka.ms udp
US 8.8.8.8:53 aka.ms udp
GB 184.25.193.167:443 aka.ms tcp
US 8.8.8.8:53 download.visualstudio.microsoft.com udp
FR 68.232.34.200:443 download.visualstudio.microsoft.com tcp
US 8.8.8.8:53 cs10.wpc.v0cdn.net udp
US 8.8.8.8:53 cs10.wpc.v0cdn.net udp
US 8.8.8.8:53 167.193.25.184.in-addr.arpa udp
US 8.8.8.8:53 200.34.232.68.in-addr.arpa udp
US 8.8.8.8:53 onedscolprdcus21.centralus.cloudapp.azure.com udp
US 8.8.8.8:53 onedscolprdwus05.westus.cloudapp.azure.com udp
US 8.8.8.8:53 onedscolprdwus05.westus.cloudapp.azure.com udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 8.8.8.8:53 onedscolprdwus06.westus.cloudapp.azure.com udp
US 8.8.8.8:53 onedscolprdwus06.westus.cloudapp.azure.com udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 8.8.8.8:53 onedscolprdeus14.eastus.cloudapp.azure.com udp
US 8.8.8.8:53 onedscolprdeus14.eastus.cloudapp.azure.com udp
IE 52.142.124.215:443 duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 www.dllme.com udp
US 8.8.8.8:53 www.dllme.com udp
US 8.8.8.8:53 www.dllme.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
NL 172.217.168.195:443 www.google.co.uk udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
NL 142.250.179.174:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
NL 142.250.179.162:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
NL 142.250.179.162:443 securepubads.g.doubleclick.net udp
DE 142.250.184.227:443 csi.gstatic.com udp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 js.hcaptcha.com udp
US 104.19.229.21:443 js.hcaptcha.com udp
US 8.8.8.8:53 js.hcaptcha.com udp
US 8.8.8.8:53 js.hcaptcha.com udp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 104.19.229.21:443 newassets.hcaptcha.com udp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 104.19.230.21:443 api.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 104.19.230.21:443 api.hcaptcha.com udp
US 104.19.230.21:443 api.hcaptcha.com tcp
US 8.8.8.8:53 imgs3.hcaptcha.com udp
US 104.19.229.21:443 imgs3.hcaptcha.com udp
US 8.8.8.8:53 imgs3.hcaptcha.com udp
US 8.8.8.8:53 imgs3.hcaptcha.com udp
US 8.8.8.8:53 improving.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 stackoverflow.com udp
US 172.64.155.249:443 stackoverflow.com tcp
US 8.8.8.8:53 stackoverflow.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 cdn.sstatic.net udp
US 104.18.40.222:443 cdn.sstatic.net tcp
US 104.18.40.222:443 cdn.sstatic.net tcp
US 104.18.40.222:443 cdn.sstatic.net tcp
US 104.18.40.222:443 cdn.sstatic.net tcp
US 8.8.8.8:53 cdn.sstatic.net udp
US 104.18.40.222:443 cdn.sstatic.net tcp
NL 216.58.214.10:443 ajax.googleapis.com tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 151.101.130.137:443 code.jquery.com tcp
US 8.8.8.8:53 code.jquery.com udp
US 104.18.40.222:443 cdn.sstatic.net tcp
US 8.8.8.8:53 www.gravatar.com udp
US 8.8.8.8:53 i.sstatic.net udp
US 8.8.8.8:53 lh4.googleusercontent.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 192.0.73.2:443 www.gravatar.com tcp
US 192.0.73.2:443 www.gravatar.com tcp
US 8.8.8.8:53 i.sstatic.net udp
US 8.8.8.8:53 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 104.18.86.42:443 cdn.cookielaw.org tcp
NL 142.251.39.97:443 googlehosted.l.googleusercontent.com tcp
US 8.8.8.8:53 www.gravatar.com udp
US 8.8.8.8:53 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 i.sstatic.net udp
US 8.8.8.8:53 cdn.cookielaw.org udp
NL 216.58.214.10:443 ajax.googleapis.com udp
US 192.0.73.2:443 www.gravatar.com udp
NL 142.251.39.97:443 googlehosted.l.googleusercontent.com tcp
US 104.18.41.33:443 i.sstatic.net tcp
US 104.18.41.33:443 i.sstatic.net tcp
US 104.18.41.33:443 i.sstatic.net tcp
US 104.18.41.33:443 i.sstatic.net tcp
US 104.18.41.33:443 i.sstatic.net tcp
US 104.18.41.33:443 i.sstatic.net tcp
NL 142.251.39.97:443 googlehosted.l.googleusercontent.com udp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 249.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 222.40.18.104.in-addr.arpa udp
US 8.8.8.8:53 137.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 2.73.0.192.in-addr.arpa udp
US 8.8.8.8:53 42.86.18.104.in-addr.arpa udp
US 8.8.8.8:53 33.41.18.104.in-addr.arpa udp
NL 142.251.39.97:443 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.102.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 geolocation.onetrust.com udp
NL 142.250.102.84:443 accounts.google.com udp
US 104.18.29.127:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 84.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 127.29.18.104.in-addr.arpa udp
US 8.8.8.8:53 stackoverflow-privacy.my.onetrust.com udp
US 8.8.8.8:53 ee79e4075ae4320c02896ff24b895fe0.safeframe.googlesyndication.com udp
US 104.18.29.127:443 stackoverflow-privacy.my.onetrust.com tcp
US 104.18.29.127:443 stackoverflow-privacy.my.onetrust.com tcp
US 8.8.8.8:53 stackoverflow-privacy.my.onetrust.com udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
NL 142.250.179.193:443 pagead-googlehosted.l.google.com tcp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
NL 142.250.179.193:443 pagead-googlehosted.l.google.com udp
NL 142.251.39.97:443 googlehosted.l.googleusercontent.com tcp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 s0.2mdn.net udp
NL 142.251.39.97:443 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 z.moatads.com udp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 e13136.g.akamaiedge.net udp
US 8.8.8.8:53 e13136.g.akamaiedge.net udp
NL 142.251.36.6:443 s0.2mdn.net tcp
GB 2.18.109.123:443 e13136.g.akamaiedge.net tcp
NL 142.251.36.6:443 s0.2mdn.net tcp
GB 2.18.109.123:443 e13136.g.akamaiedge.net tcp
NL 142.251.36.6:443 s0.2mdn.net udp
US 8.8.8.8:53 mb.moatads.com udp
US 8.8.8.8:53 px.moatads.com udp
GB 132.226.214.62:443 mb.moatads.com tcp
US 8.8.8.8:53 nados-lb-lhr.moatads.com udp
GB 132.226.214.62:443 nados-lb-lhr.moatads.com tcp
GB 2.18.109.123:443 px.moatads.com tcp
GB 2.18.109.123:443 px.moatads.com tcp
US 8.8.8.8:53 nados-lb-lhr.moatads.com udp
US 8.8.8.8:53 123.109.18.2.in-addr.arpa udp
US 8.8.8.8:53 6.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 62.214.226.132.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
NL 216.58.214.14:443 play.google.com tcp
NL 216.58.214.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
NL 216.58.214.14:443 play.google.com udp
US 8.8.8.8:53 14.214.58.216.in-addr.arpa udp
US 104.19.229.21:443 imgs3.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 104.19.230.21:443 imgs3.hcaptcha.com udp
US 104.19.230.21:443 imgs3.hcaptcha.com udp
NL 142.250.179.174:443 fundingchoicesmessages.google.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
NL 142.250.179.174:443 fundingchoicesmessages.google.com udp
NL 172.217.168.195:443 www.google.co.uk udp
NL 142.251.39.97:443 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 e13136.g.akamaiedge.net udp
US 8.8.8.8:53 e13136.g.akamaiedge.net udp
US 8.8.8.8:53 px.moatads.com udp
US 8.8.8.8:53 e13136.g.akamaiedge.net udp
US 8.8.8.8:53 e13136.g.akamaiedge.net udp
US 8.8.8.8:53 98.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
GB 184.26.57.221:443 e13136.g.akamaiedge.net tcp
US 8.8.8.8:53 px.moatads.com udp
US 8.8.8.8:53 e13136.g.akamaiedge.net udp
US 8.8.8.8:53 e13136.g.akamaiedge.net udp
US 8.8.8.8:53 221.57.26.184.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\pending_pings\aca5e9fc-3efa-4fe1-b8a3-f96ca6f6a54f

MD5 8940bc0f5611a0642880b57dd7eed721
SHA1 b4b16a1c27eda524a15bae81f87999b359c8b683
SHA256 1efe899886e5109bf06142318875f45b9fd72bd485cd7cf7daefca5e5089255f
SHA512 413edf337ae91aa55c6501f956d5b18fbfaa9875e8153b8d16de1ee0e9f3422cc74de80d87276cda2dffb8fc04a0673799d39a389e370909123ae3d80799ff30

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\pending_pings\3b90a3dc-7c57-4d1d-bdfa-1ca0aaf7f4e4

MD5 a3bb66fa9532bc2dfca855bbe0f545f5
SHA1 8f5c03b2ea21397092d0eb67b6901d1207a7d59d
SHA256 cb70794f048b27a825e1b7590a667f642e424402baa02afd7c49abb95d97459d
SHA512 1287a7efc0a6eff0f7a137261f608486d34d3de84dc9e89e8596bb6a1cb40c2574271079425244bdbbe70ae5f9a35660d306faf918c9516b62aab114d3167783

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\pending_pings\291fa70a-c69a-4fd5-8ce8-931e654c92de

MD5 39a3c3950acd3b448393557fa51a876b
SHA1 f23e9fb19d7c4c4a7388243b566a8d9da9469628
SHA256 6c88763fbe7484738b1ec99d58b3746d259fdf416c59e0aa04cb2faa3a1d25b5
SHA512 5af0dac9604fffe460bf69c223c8de648bcda407dd7f91825cc6e94b388af722c3ed8ac5a4a979a913a975f7abe8f2d7cbb7cec92d5fc46034743299ccc7c608

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\db\data.safe.tmp

MD5 4510c5ba9e80faafc73095015f3c9897
SHA1 0ebf116e035080a67dc53ee3a2f53cfd8c8d66fa
SHA256 917201174112aa13a73313b0c99c2ece8218e6f421fe0231426f56a61447ba03
SHA512 49b4f6e0be952b7553a12a461174a790fa0b2e7dd97b74729054c7e7978972985ff8d649f982dd92ed878d77b360467a03f4d92ad8a04c111cbae0006ac69f54

C:\Users\Admin\Downloads\lol.zltLcA7r.exe.part

MD5 12cba2756b81789edd8e4413724115a1
SHA1 f1439b494e6d14f2f188f35720ea98aa00166a58
SHA256 fcfbb2826e6a4000820fc0c13ec6ff1c91e5f61c713daeea8f8ec7c93842b6ef
SHA512 0d7bb0e1c4996a760203d9321248f3f2ad60f4e9ae84f4b4c5ce70e35a99d5fa09a43bc361bc181eea6c4d1d50b151262f1687a7a2aaa9e7e57c2689168dcd87

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\db\data.safe.tmp

MD5 706995b4ef7a81a1bf012b649a4dacb0
SHA1 7d48d0acde63b700d32fa0449ae0f3df9052a16c
SHA256 6a10fdac7327ee94700553660f4134aecf629984832a0622a8364677e4b156e6
SHA512 7da838dd3e22db9755f21de1e41848e62837c377de841a48517d3ad66904d95461ee0018cee92c84cce1f110c1419e1adecda74a8353dd63592c1591cbfe5bc2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\activity-stream.discovery_stream.json

MD5 fba38696b939007fa8022ed0dbf6039e
SHA1 3b5626731d3a7570dcebd4e92fe0c87c659cd6c2
SHA256 982ec2d1069653faf0cad57b12aa35ea074d8ada111f0e2506bf902e856c0edb
SHA512 1795b58682b3d73fe52cb8e978f4bc5a60b3ed297d7ad498eb8ac7545aea523d84690d4c3b5e1baa4feda429f0fda6d83551cc2aa410a4a3aad92937a7a6e73a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\prefs.js

MD5 b2e7aee8d22c4d8eb6ab3d75cb1ba0f3
SHA1 0b55c9ec1b0bd4a5d432387ece491ba52a95116a
SHA256 8564620a037a8ecd83b20413e0c3e572b67308f775d553dea87597498d3d85af
SHA512 d82d11154ac45df6d3d923d49bfc0a86b742ae717050db0703a698a5d8ddc5960ea183d39acd82e38adf117db93430ea7c53bcdf8f90c3d01bb1fdfffff66c2a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\prefs.js

MD5 c87ee8fa72102834af1e8f96a3c597c5
SHA1 0fad9719bf8bba9867bd7de74d93ca9437a4744b
SHA256 dd45408f60ff766c6b1dfc62e7d89e76dd8807377006ecd9de2571e830a0c1aa
SHA512 406889b5c0a504c7fd0f7ba346d27413f0865e8c379b58e0454df23ba7bc59fdd960c40fe1f0f079bf2d3e4589cdfc0f469eb597990211151678fd3091d92e24

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\startupCache\scriptCache-child.bin

MD5 24d6c20c2371bb9028a30bf2a6c873cb
SHA1 0c3e9dd4ae0d70fa241ff9c9104bc8800a8e703c
SHA256 5531f258fd34995aad0248d4781fa9182332fdad29406e3dee6d99fc2b7205ee
SHA512 a06ec9cc88980c6a9c8f18f65a205599f49eb62071d5a06e0328853de9e888687eb6eba70d7f0e4bc8d403a5cff532d2f93defbeefa3d469986c0466d8e02dc9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\startupCache\scriptCache.bin

MD5 c2cf00ab359ab5de77257a18b51bb2ae
SHA1 51bb5c3f0a85699823db72dc62182828daf2aef5
SHA256 a4e59ce375c3d8c980e34a7eeb901cb00b1128e6eed056cf02373765f33ee067
SHA512 5e5c88a13ecf8e82b771f898ef22ad0553c4dc7f047a51cd8aa0021b1585c42c47450e09451c129f6ddd4031cfaf03732a8bb077c7c4c5c18d2893934520fa3a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\xulstore.json

MD5 3c7edbdeecdb47fba617e3d03c36b0d3
SHA1 53628ce8c5170810fabafab8e001bfd971d47825
SHA256 c3db6f2519b071b7441022f9ed508b0da5ba40295be0ee449a27bd6146595d04
SHA512 bbf56ea374114173f7de198cd71ac6e75276b0f30926c6690db512f45ac2e54d099d990c285578f702696494d2884d8550e5dddadeee01077933034ac3817842

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\startupCache\urlCache.bin

MD5 81932e678ad150699882a6877faf4129
SHA1 72c27e5109ac4a23625d13b04771ad7e12684e0a
SHA256 29a53d9a67cff26baab7571a60dd5798912dfae589e884a8f74bc04aa7f01c26
SHA512 2387742ab0ee9f0851be202082fdd7db7b88dbf0dc8baf39d41d3976ea48fecbb20ea39eb1e1061349de7d11aedbaef82f25b86a40aa3b98dd4bf7887389b006

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\prefs.js

MD5 accc88ed9910409c27c518735ae5cb54
SHA1 364341203e55910adaf991c3cfb0d718268c279e
SHA256 1a12e30da921b925258d65ed55a58134f53560d3c0a448d5c192515eaafe317b
SHA512 8c8e4c7aa1908d90df761c177a28347f0a43d6ccb8240285613196d82773aa47ffdf39c6aa40af25698fcbd935dc489963a37a938b44a6fd2d899bbfc23aebb6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\cookies.sqlite

MD5 e97732d862307250546d703613778757
SHA1 6f18c6eb9764d94fd46249478d8956d7290cfe81
SHA256 d18b5ac9b4e5c944adc8de8f759ad982ccb26b3481e8eb05f057ee82a1a48598
SHA512 20550342622ca8a4b0782980e19c257935962829d6b549280aac8b16feb71ca9777c47fc3910472ddbb96b28754398004587447338b60b89435025331d1dc1e5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\cookies.sqlite-wal

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore.jsonlz4

MD5 625ecdc0d56cf1c2939d5e961253d58b
SHA1 f443dc0a4072081bbe90ae287272c4c41cc3f458
SHA256 49a01fbd79c6e07dc44fe96e213f644845d3f73bc94ee074eb806819455832ed
SHA512 d0320fe26d8162c40e06e7ae8708f3cc976342664980aaa70937ccfe8bd92fc340d0af3cd24809c7c1fc33e35a6cd8c5fadd6ee7a95f3ae86c17eea215291ba6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionCheckpoints.json.tmp

MD5 ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA1 b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a
SHA256 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
SHA512 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionCheckpoints.json

MD5 e6c20f53d6714067f2b49d0e9ba8030e
SHA1 f516dc1084cdd8302b3e7f7167b905e603b6f04f
SHA256 50a670fb78ff2712aae2c16d9499e01c15fddf24e229330d02a69b0527a38092
SHA512 462415b8295c1cdcac0a7cb16bb8a027ef36ae2ce0b061071074ac3209332a7eae71de843af4b96bbbd6158ca8fd5c18147bf9a79b8a7768a9a35edce8b784bf

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\startupCache\webext.sc.lz4

MD5 791d52d1d5f66eb0aac19134b2ad64b9
SHA1 3071e50e6c4967d89dcda59c3b73a3814e816c7b
SHA256 cd74274d7ee7a85f84e0c9af8061ec78ef8eb0f7431ce84f27c13c585efee489
SHA512 e2a65f4276077544215a41187bc179f3ac67d90fc0f342acab5bc5f92a22debd5d7220eccaf02ad0df4d9ba4aca155b067c7a82bdb3f25b2caeceab128f45b67

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 c4a1fb152944c93d266f4aa16c03c875
SHA1 3f711ce69db96cb4025538db50014260cfc503e3
SHA256 ed8917a327635885a24acb127ad70953e7f79697d85a4714171541ba713c2925
SHA512 20ea0555121940cab45bfedd4b972dd61eb30c3fe30dfcbe282e83e5fcfb6842f3d6a9a45fc3ad38bb640600062a58e11345b4a5f19cec0029a076358c35b401

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\SiteSecurityServiceState.bin

MD5 2d08c100080eaf0e8c29080274a41463
SHA1 9d0c4c2512d8f555650e6fe4b39ed0eccdac4576
SHA256 92fe727ed8c39af548f2e145d35c89e6dbf2ea0528b9508b8f590369a966c015
SHA512 9899ef1e7ce3474553aaa153f909bfe68a96a16bee362889677b8f68ed941497c85be1f0aa6e6b23eecc0c239385cb9dbd2f83b97002b42d05281c5588376fc6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\places.sqlite

MD5 a4ba3e25d0919ff011ee7a3a01b91b67
SHA1 d62c0a653bf4f6eabf396e5be45ee7836c2fd3fb
SHA256 8cb66a8375a61774a88295b4109e5d70bd41caa94f005ed141b5201a606b9ca6
SHA512 c152b8c2c8ed409ee1381a8e240bea4221e5b27f60c4d06c1bce864caae247779c2e468ce4cbad0464c985ff3e1aeefa74f71e2659531d9495694bd6e71b5514

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F

MD5 002bf6a0463d5a3ede06e6e5f4bc9573
SHA1 7963861db6d9155ad4fe7df812f270162cb16be2
SHA256 f230ddce75e47400b458a0e6bf9888f7eec8e31f4d7c9ae8a4368366ef1a84f1
SHA512 d2a903cc6913c69b2be0481237af3e055054b4e3efdc839d45c6951498b99cffaeaa66277c4bd9e73ad8d4499b5b765df5d204500c8a9a3a8dd30caf42d22a9b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\db\data.safe.tmp

MD5 bc8a19d0514cd3a7cf8e8d87ce10fc72
SHA1 b7133dbbbe3d26fb451215ed73294410835f95fd
SHA256 be6aeb4e61ea935ffde80b91d6656cac2fcb429fdabfb2d58290c9ce5caaab2f
SHA512 c5f25b0dd761d07419111801c16a8af11e3ceb02bc3a4cae8f191bac16386b5d2df3e10c2f84a72a423b9b4aa5bab1d3682177b3a30830b707cc3033b8e4e8c0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\pending_pings\60706d87-7472-4864-9136-449bd44690ff

MD5 f1b997dd3327bf79bea6ad16b4be46bb
SHA1 4b220808e1f8c7b4be847e34686152abf5f7181e
SHA256 c9318190ef34943b8625756896814eab62b99a87706b7f3290e065dce6c152a9
SHA512 192321111301a54bcd0b4d670281dd828d3e64062bdba632f6073f4acadcc73f28dfaf2ffd086c8ed8dedc5d6760dd0ac3c34889b60b5b9256f2b0782ce522a5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\protections.sqlite

MD5 76786a4c0dd19d88d6d3ed95a293bf2f
SHA1 b0d6d676127a7694fc6e71ee57fcc2ffaa621ff7
SHA256 1a2564c1ba20b8038d35c2319258d94dc15d97914dcf753b31c48b79940dfd31
SHA512 8cd3298e2ebba763d3c80ac4b17e44af7eb63b46304967d0c6316d314baf8611c05f7b9979c2c5c329ac167aea0246e8c9f057ffbb272481c13fd5e4b4bcb2d0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495

MD5 27b1898140ecdde373647e9173accdc6
SHA1 75308206a9a707db35fcc01d8b72ceaf7df925a3
SHA256 33ca19f5651d94f84ed8fc008d96d83905a4a7f13702f61437c2895a3aad8459
SHA512 d959b9836dcf6d1fabe377805e0f990b072aab98b426f04de3a5c2ba01034f2415ec10f6436acacb0f0ed5eed77017cb876732b7970d4dc65fb2d69a3c06f8e3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\db\data.safe.tmp

MD5 edff2b5b7804b7c94af3f6604582dfe0
SHA1 52833036e30ddf288bf65ac73a62bebdec06b017
SHA256 78b4e97c2ed12adff981f16bd4b4dd08db2afa6621749ff9402aa35676d9d1af
SHA512 32fb4b6a491ac5e80b3ddd28a611a3bf9b126ac7b70df420781aece943ecf280605092510372732cbb3afa63902316ce52010fbda2766ead7f78f67d0524ab7a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\pending_pings\1d34c8cd-4b53-4296-b36f-99ddd8992a6a

MD5 929bdf549f60ad87fee3e9b7b14ad8f5
SHA1 635daa2062ef7db6067e43b9d006caee30dcc15e
SHA256 ddfc7c08a3805a6df260521e03c136bccc8537ded73bc38a9b722106ccdf66bc
SHA512 bedebc3482faf3bef7dace617a65081bcc94aede0c9ad3172a33894f7a61eb6bcc7c7c261c0a32f73bcf301b28dedac84fdfcc836074bde9dec3cab1bf9fff0e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\events\events

MD5 defbf00981795a992d85fe5a8925f8af
SHA1 796910412264ffafc35a3402f2fc1d24236a7752
SHA256 db353ec3ecd2bb41dfbe5ed16f68c12da844ff82762b386c8899601d1f61031d
SHA512 d01df9cab58abf22ff765736053f79f42e35153e6984c62a375eb4d184c52f233423bb759a52c8eed249a6625d5b984a575ca4d7bf3a0ed72fc447b547e4f20a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\db\data.safe.bin

MD5 c977b50a1fe1d751223a857af12a582d
SHA1 37586352498216715c2fcc526735221dfe8733ad
SHA256 3b2d1d925ed2bb0a7e1c47567d08d9d9fa2fca8f4fa5ca9da7a7cec4df2b4664
SHA512 80e6c00f0c8ce81efbe1b14097c71b5b5211823d416fde1b7487fd9ef82b0c138ae86cde8dd10e59759d5fc5935fcbe7a57c618e9e64187043cd0a5c06d19761

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\8A2034D325DC0B5C9E11EDDA3FC70A54C8DC1C0D

MD5 5f9e25761dea8c9944f713d326ec9c8f
SHA1 81823495cd21bf1fcab27a5d7a53f62be30ff9e1
SHA256 e996e45bb4a724dc80ee3a37dfd0e1bc65d371dee226ef11a243a5709cda70ca
SHA512 5cae2952c62378beba697e44c1a126ab833acf87716481970083519971a631ce3e7efbce74eb53a4a7b629c5f068497a425eb00c3612b69491691a342d91be00

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\AlternateServices.bin

MD5 ad4bcce76625da69d8f7dfd3e55bb8f9
SHA1 dd8c0a789efb041a1ce64cce43aefa8d0a8e7326
SHA256 765698c8a1597c3ed020f5cbe33a7ed727b5eacccc4ae973a9b7d18988ae3763
SHA512 91538754520c5ca2421278927d7fc74cb98cf85a8081f27225a78fa1694926ddb130026431fb621f30e6879b19683a4b803212866a536313f780c576472bb23a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\cert9.db

MD5 a57cce2d3c2e586b62d09515aad688a7
SHA1 6c3d56b5cacd3fd0363ead1c28ad0c22938bdb81
SHA256 2772e5e260644dff302109b4428d25309f10bd3d6b5932b77c74c89ac245d99e
SHA512 d19533c66ef6440f5d3bee137714703b781a58bb8bf3d574dc6f638978b8e8e240a883003b3ee799cab6c1128c484d491522e24bbb6732bbb8864e150d3bfa35

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite

MD5 0a80253fc2dd1fcdaa5c96baef7d869f
SHA1 d57cdbbc72487a64552a0b09c981d480918e1351
SHA256 da317d0636147222177a4a8b65d046b3f9a0b6180b206dc5c4ed27e9bf21133b
SHA512 db1a7cf16ad03f44a3529167cd1a8b54ad46a632f9c0c7f763cc56dc62d2ec5fc3cd1af972700992704c92eb69788b08c2cf5a24f8e5ee82907ebc78e4554ce3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionCheckpoints.json

MD5 c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA1 5942cd6505fc8a9daba403b082067e1cdefdfbc4
SHA256 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
SHA512 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\prefs-1.js

MD5 7591be9bd2624fdc8e3218a169673cc0
SHA1 551d2545d73f2c9f0d8a1d2e8421ec47f715dec8
SHA256 3c51c994729ba90a6566b8b763e8bd8b65e783b0dccfd579b7e2f3f1431bf7ef
SHA512 9ee1910a40c50c16f54ac1cb4ef6e62a5ecd6659ac2e933cdbfa3ac30af1ae9c805c6c21175df86d4c97efa41e45dfe4719bc3647ab1b42b93a2ac09884be3eb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\AlternateServices.bin

MD5 f85a2b8657ef9476919c54d528e417d5
SHA1 5b752d66cf519cfc8eacc2f20be5c27a211cacca
SHA256 8da759ec728e60aa721fde4cc765ad306c34713e976cf2a90f37bd6dc31e927f
SHA512 5b2c0d34ce6ea4bf9f5d2cca928becb8b3dfc243b345de2fa8ea8230b97ad3e090d625f63c013636336d17caacf3399b394470a4066503113c6b57a8dd83caad

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\db\data.safe.tmp

MD5 af51d55d788ed09bc4991b338f4e9fc6
SHA1 2e9fdbe9448131e7798b628ee5f2a5217855f61f
SHA256 c39c4414bad4c05658517590ba3c5ff7b87f3222c2db1720cf6e8d8194b54b96
SHA512 656446020eecb1fad94603d032682ced80d10cfbc1204c5b8e993b18942c44a47c49efe1d81c906dfdbde19645f2b59ca1df3e3bd112d44acf0ab313309ada58

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 f0bd016185aa8a05b7893e3995a12c2e
SHA1 0e57eb98665e0cf7b88e009c9a5ea01c3aa71fca
SHA256 e3568350f72a0b3841f20b76e952483512cb7b1002c15d3e9c55478e2e0e95e5
SHA512 e6fb4ace0c604cbda5449031c4a50f0a1bad624d95211eb783162d48af70424f55dcca43a86b592532c7076b90881f54fa0ded683cd908b92d18b179f7ec067e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\AlternateServices.bin

MD5 088a5afd29449e606d5f47ee376313f7
SHA1 aecfb3f8288b730da628b25254957bf7617861df
SHA256 dd0ca464a68df3c07a995007fd31d551a4bd12157d2af14693adadeffbbcaeab
SHA512 cb47fe352b6ac59106890ae4f990b1743280dbac54bcbbafb10d20217121e791090f5f342c40df65f68ea340da003423a8bd3051fc1ad14f80aa6e8a9c489176

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\prefs-1.js

MD5 1e81978b994478fce7092c9317c8aa33
SHA1 2c4610f5106680b1c8b470653ed9201c0b69130f
SHA256 d08e68108141b6edd35da5e371c414fd5f68414633a02e8494d197fcfb74c619
SHA512 cd002dd05f135452838cf977e9e9345f392d00534dbcdfe4058a9e1ae27ffcbf7f159258265b5a80642e283a8691a853a20d2fe39884f53e442da47cd7e7e957

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

MD5 2a461e9eb87fd1955cea740a3444ee7a
SHA1 b10755914c713f5a4677494dbe8a686ed458c3c5
SHA256 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc
SHA512 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

MD5 842039753bf41fa5e11b3a1383061a87
SHA1 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153
SHA256 d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c
SHA512 d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 09372174e83dbbf696ee732fd2e875bb
SHA1 ba360186ba650a769f9303f48b7200fb5eaccee1
SHA256 c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f
SHA512 b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 0a8747a2ac9ac08ae9508f36c6d75692
SHA1 b287a96fd6cc12433adb42193dfe06111c38eaf0
SHA256 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03
SHA512 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

MD5 bf957ad58b55f64219ab3f793e374316
SHA1 a11adc9d7f2c28e04d9b35e23b7616d0527118a1
SHA256 bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda
SHA512 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

MD5 daf7ef3acccab478aaa7d6dc1c60f865
SHA1 f8246162b97ce4a945feced27b6ea114366ff2ad
SHA256 bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e
SHA512 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\958C5460C13AEFA1D0C9ED8F4AE5C4FE9A4E191C

MD5 e9e1d4e5ff6e57ea4ae565cb828fb490
SHA1 1b70fdad851c810b052c0d9374d96f61fd780e8c
SHA256 e53543278771fccce9a3fc34f71ac97f9516783e704af6f4ba5d3f17e638b643
SHA512 381259384c5edb1efcea3becd06fd9a9e948475e385c009d5024a7a61bf0fae87fff99ec22705d757bc077f96ee2880e0276a38bfab09d1b5f7c50b164441a10

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\D1FCA303EB63A9E8B29881B03F44862945374102

MD5 3d3ff2ccf6bcb05f162a05bfdbbbff62
SHA1 7a5b0e8b3bdd581aab960315ba4ae4b469ea7a19
SHA256 2694e4b2ae1ff6f992f264ab86104511bc8d1a4a1fa8354c002e5b4307423fc1
SHA512 0e50661acc6d88aa32a3a824788028aeca12d2db3991cc4c0b51b5c5abd5c296c3b73c27da644eaa466240f84ceb9706b74a11a49b98d3b0919c06478e4e08dd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\26F1208FE3FFDEA622B5334FB5C27E69B0852C61

MD5 b5aa36ed7d1ec541d8e64c912e94cea3
SHA1 4d6d9d7bddf40e9b5856b67881f04debe6c2807d
SHA256 c39a57548e562632ca1e73c1fcb51815395bd2889b631c6bf76968a8f2c5b370
SHA512 c0f40069b96697da6d9539e84119eef6caeec543954afd2f2effa21391cefbd446896792a6753c35b6f0024cd1267bbeb20d178fff245a57682e3d4acd7fa052

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\AFD27FC4FCD07C83C029EF41C196DA265D0D29A4

MD5 3877ddfd4dd02bf845a22828f15332b2
SHA1 da15bc3a68d8bc291f247ddde26ba696cf25b559
SHA256 8b1c18a3dcbd7bf2adf0c04929b7ff218b20086957c7d86689d1b77268b79aae
SHA512 51252f36d399f6bee592fb3b843d7ec6011e223ae96301f25601d6e7c076465b591f447d750270be0f62115fffed6e37bf873f6d33b8cc01d02fe441692985a0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\5BC1F9D56A03C51185F2AE2DC055433F3D374784

MD5 c0b44e72e0dc9cd4dbfe143b2470c104
SHA1 4a89c86fe5ec17d2985811ee810824332733bebe
SHA256 7dc103c5a61236f2f7d62dc786eadf96d1a6c022d5ebaadf4f321a814fc002e2
SHA512 2028fbd21a9a947db49c4cfd0e1eb347b6547fd8419599ea3e9002f238c1dface10bc24c48e6b67f78d7839ef6dc9f3fcf21dcf05011867f618d181aceb882d4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 d42eda06eff0d27c6376b6196c634dc6
SHA1 3894af0267f4287858845f74e4748a69785605bb
SHA256 f9fe0b584baebc79ede288a0c39581f8887645d3b9afede5f1c52d9c454b963d
SHA512 eed45760fce77570f7d0d609a3334a9cdc51829e468fc677c4655a84569505a69f7e188f3ddb24a01123084ea5ff0bbcdc0a909b8020461a1cc52c3ca4ec46fc

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\BCA9D2967279E8ECE07318D3D9A2FD8A98421E5C

MD5 aa5e7c4a57b3b596ccbb8bffaa698a54
SHA1 4c34a69177677dac200cdf2300d306b1ee228bcf
SHA256 3e19dc4de41cf1be584caf4df8e5ebf30f29fde075ee2b736a9d80707c7eeaa8
SHA512 8fbd44be38a699a0ae4183b9836de5cce5ddbc1864873f9127f73879da6391755dd6e8d28de4ee922631da16a4661a1aab7cf96ff58d4751a7cfe2cfd435c4a4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\7BFCF32544F467F973AF267DF4EB4842EDED0C1F

MD5 5a999c32d78c762fe5cabba951a861bb
SHA1 7a012ca7fea25f63f2e68a161386dd6a673d8b32
SHA256 d055f59bde745090942221337cf624fcfd04337dfd112ac8b23b8ad32efb78f4
SHA512 bf5ade509bf60624edc457c5b201a6a0d98ad576965c8bd202179784f515cf67fc4c4851de01f0d57d7532c0c85f427e81d76949829e2996febaff949c2bbf3f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\16E7A505381EF18D5FC80A1BC3831706C75C6EC1

MD5 0cfc893d302afc8a70533f4c34e9e3f0
SHA1 3f12dc572d0eb6e5be4c7ac4f03511e05bb2a3b0
SHA256 6e20fad9a40c31978b254a279e6494d95e528ca86b084da5c3ca0fb45029d6c4
SHA512 272da4881aa2ee56a02c845e8798744d1692f4a172e5aeab48ece379b018a6faf7d015c774905d1c8c02ea33fbb09c0bb714270b0cbc99e646e909d7499ce69a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\AB009D058FB46FCF3774AAA1283A2F029AD826E3

MD5 f0f743702036c1ac8aef1581a47c43a4
SHA1 311fa21a8799b50425792312e712efa17627dc99
SHA256 5c460273a7abef9578de580c86fc5dc02448adef55e6c0c748392704b669ddf7
SHA512 a63e69415f4b415b205fac29d16b0c9b3a1e9f4403f31ffad9e3b4cf1503a526a68793b7196a87555872c6a4edf7ea56f85fc87b9241478f7f08718d3f4e544d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\29683B61FFDC77D1B51422991CE470D263C10625

MD5 6427e9ebca9871d6a6a202e6841721de
SHA1 ffc458fbced70a91360418fee9452bd25ae8dd4a
SHA256 34555eb009e3c4a8c85b644d078a7839670dd6975bcc451190eb44a607103d4b
SHA512 282e5c731e68c81ec2dd57f5547c7863c5853784e6a2ed93a2b28c81ac1907ecbab440b07e2f79c21e857165244e578dc58d9e675d78839412661cbb395923f2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\86D341F9988F5E7D7736EEA429480AA07A813642

MD5 2a7096f578800887808cea1b17c6338f
SHA1 0f20896e22e287b4881b70ec3c60a63b8dc8987c
SHA256 0150621f436ba0e88b181f4d470789043e79c0db463b3a798039f3fab4d1d130
SHA512 d29d2c1cad0d9b1638ec5ddd7aa122e9c34291ae16445b4d9cc0333351cf54de7ed7b6a0937a4f601bd22ad81f1ff86c4e6ddeb1d8330fae7b1159ba1392487e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\87A369EF36EC29B7CDE48D70779CA1799FC88538

MD5 09eefad29a79a10df70fa9dd5727fc04
SHA1 a5a7d2c25290e872eb15097bc9bbbe0af71d3a04
SHA256 3a14e9c10acdb87b82115afb83b56986dad0baa610c50d27b310f435f6a151cb
SHA512 4c65f617ef2aae7e211ceae963eb1b6cab5bbbd30bc79b89d5cbf5093f7711f98db6ae99ae1d461f4920dd1e5599ce0d85af12149750f0f1a6070a0486db5e72

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\29B5B076F049012B37667EA3E4223761F2EE6FB2

MD5 35dd50b46e0b92b858f6e99d85a42bda
SHA1 31965ffe9006ac0a6a77670d4f0c7cc7df121dcb
SHA256 383d6b3e480b15228c5e23621fd0e954298baf026ec7848eca17f1aac7c2a8da
SHA512 c40d0f3ad200b46b979c0a678cfe90630531f33c663cb87f8f13f3fceb59c83dee0241be6ecc123e75531bd976e332cf40e1896b832d2ee0a84693365e932c42

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\AB0D826CD3D04EE5148C4C68D885F2FB29DBA815

MD5 61de4a2b37a2afc23a1c5029ce4dae2a
SHA1 187fb8ba0c7fff7fbe93c482404a0d254941f116
SHA256 33a273485ab47b46b1ab94fbd242bba6fde728bded6bb485729f23275e78c9bc
SHA512 bd055dee08aef91f48d741db041c9781545135a479d16f3ad84b3f582886c5ba74894bf225818ae67e49b17c7852e3492063555ea786a8cdd87c6406cfd7ac84

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\FBF7CED54953E9B25A13CD56B31C793C1B48F88D

MD5 6b282285e4b2a504f9bb2b404355afdc
SHA1 24b9265bf9c76073cbe962e1b01a791d17a55745
SHA256 e4f72a9e6504bab0710e923fe1e612cc54f3f559f56aac05f6ad18985e32bb54
SHA512 47a1d1685b19aaa33468429279de3970c97b1bb753cfb0bc6f9ed101aeaa2f2b0204ea00e133d07f485b6f4d613fa159738b8d0962d368499414d9d9206bf7ae

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\DDA23E0601E54BB25C574289CFA9693E8E9060A2

MD5 3cffbdb10123b2f8a2186ab37b548b43
SHA1 fd429006b1c7c34212cae2e8b40ddf09f7b7d924
SHA256 8c8743d9b020e1653085efbda5e2a4c67f08fb0260d9f69d1a84528e76b626ba
SHA512 ee50290c27296084453debba37c7c1babfeede8ae701be6859d5f001695f4f9f3e416316dda3138836a5829c1ab2a97f11710178f69359d1b6272c7a7fa1d635

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\71DC288D7D8519CE10D2D332B7E19500A5772DAD

MD5 85f2e68c59bab2961f5ff8bccbbd92ae
SHA1 802206a9e35fb8932c091ec2cc737345d5ba033f
SHA256 0853e01dfe925d1ce201eda3bfbb726ef56a089a7609cae44c63e7d3f00c2c1a
SHA512 5172035de68693f88fac06994756de7202d6b5df1d29f6157b17216fb235f21434402e1c634508032810ed3459beae5a942a1ab9088b2352d378b325aadb86db

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\75777E4D4D71352EEDC834A9022A3A5E52563B25

MD5 09ddaad66ad1cee3257e367aefca7add
SHA1 465444faa99c0279ecc49186d2dae712f02e8afc
SHA256 c07da4ca2ad90b9d683345c8a43da40fa04e59b133729fbac1d0ef079afc1842
SHA512 3c9f189733742d6de85e1aba5afde5a58c2c7bd9086f9dd25e09d173c03e1414e20c3cf7ff8b56687745b6f1b2f3fa9be91c6db818b522ec49e0a13ac434a45a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 d7066c585befb26f5759fcca47ca60bc
SHA1 e168df243cca965d93d8e453c445ec32126b3d51
SHA256 1243e76bc47fece24bb02e154b2e19bce369871e30087255db81ec9c27330163
SHA512 2164b033e800e2be54086f1b4fc20259baea185f968a69b83c24b23a06e6dece644e4ab5a9d04dd465fbfb5f6ab88cd330f4ffe43c2ca7bebfe9dc97a3bcc396

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\E97D69AF1D6132A7343C287B4F6B73FBA032B3DD

MD5 9c7dfde4db77d81ab193eeb4ab01ced4
SHA1 86b6d6f17fe57f257db259357865f855f2495e16
SHA256 16553725ca01783ff27c5500e851da42149d33b785b75e833c9370eda2758c45
SHA512 28b6ec5019fee25e17e86bcf97761545eedd0ae753a129e4685e53fc5cbdc9812360eebdaf757d00a5e7adb17cdb832ac9080d69aa0c9b5710dc579802f039c3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\587CD4025CB1F7E562440191D4B731FB3FC44B63

MD5 663ed85dd6ff717e7a773b748991fb24
SHA1 cbb4c47f015dde11e742825fbb4fb06d0e607004
SHA256 08c9bcd78aed3d429ecff87723b7ad5cdedca06603a78f79d1002936f0bf7ba3
SHA512 e3c12b600d8840c0e172326c8fed0892ba23255ecf199ec29f463326d89f0fcfcb7e93e9ea102aad722301053d67814874cedd4a397fe745dea14d334e388837

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\F37AE6644984754AE42B4C0DFF191F777AE95B68

MD5 efd9f041e654fb1a80814784b7295707
SHA1 78e47ecb2015583af37d807bb6285a02d525126f
SHA256 926e058f10786d1176f1e34800923a143668146d57f9f21733429fde450d8b9a
SHA512 3eb157b0291b2b20a29973ead6cd0e51d521e67db683ca42dd2bc88be67f4dead04784c30382216fad9edca6a7acf957b76922a8999299ec388dc5e0cc1c0a05

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\D9C19F849B96AEB3004631B260D2309889FCAAFA

MD5 e01bbfd434c0d6e5febf9a3ad05cf31d
SHA1 d153f9767ea55d55582e673c87fa1e0e76ceb270
SHA256 c40f9a3f5e173e91170860d271434ce66fd54a95bfc0499aa8fd67457a76faff
SHA512 5523f0f8800295c56f354a57f0f8816b8b183baac386737c47d07642002101fa8d6a7ab7d367ee01023da83bd31f2dbfd8f3493f6f4cb71935456161d39a410c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\5E91DB820402FB8254ED644375A42BB58FD1B368

MD5 30f0a751e5357354d70ed2b643bf3594
SHA1 b9a7e3ca2a8b8444af6173a0543f8ebad40b74cf
SHA256 0d866bbb6f8caee6abd701df9138ce09744436611da1d0770bfc3a33a973e8af
SHA512 928f4d4713c280e213ead1b5b87d27c811947478d5aac61214fe749d8fdbb91cd69344907d540034b4b44c197404dfe9e9f969f1c15fe98191fa498162c5d8ca

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\870E31CED65DD35867C606AFA4332864013C6ED7

MD5 aa795731889028ccef7f4c2005fb0cd2
SHA1 4aa403f487930c961f41410cd6a944caba930e36
SHA256 f81216ec3ab4ae61c5faa8e0e2a84766636ab91e3eb4ca513b6ae07aa5b713e4
SHA512 84e5193fe304073b3c13d7d94bc7457a188a393c23529af421cb5a2219a53e491fbac10b3cc1a82d6de13ed1ba766e3b78b06e3e7f984ad592d5c8db23f3f2a2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\2295FD9466628B6A165D8248ABF16CB9C80C1BFD

MD5 d975f632d30e8939303e45f8da652a38
SHA1 26f0c49adcc32bae5d28ebdd8bab6632c803efc1
SHA256 d2d07041ad8b24aff8fe63a7507839215726766eb1c29008cea05c524c642279
SHA512 4cf04efdcb53e1f1a5321c4255a43cc63015ed59c7c805f6dfe3eb418f84565160ca9b3cb96ce88cb8c2f0efd213740db57c1442ef52b9fc1dc0143d11a59de6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\A2EBC4F283C1C7E13CCF8F422546A8A854133C35

MD5 c66132f5cfe5ed791f029ad8394c032e
SHA1 fa9e4439af328545ffa074a93ceda8adf1d6ed4d
SHA256 47d60651c505166f8231fa7e33a8a657d5b6ef8efebecc2d13e56f6b1cb74cb9
SHA512 56e3bfdaa4646a4abcac3185621f149d98d90334b85ea7755179b6b9c5dd0c48bc220b3221acbb31321c7b945de243edd3a43b3d43a052866888d70b13d71a29

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\21D1E596AE14F24A279BD999A27DAC4DCCBB08E4

MD5 3288557c1db6c735a0637f0aaa3e658a
SHA1 fd985f3a2a34ff1a96d2f1ff413a3df902e7b613
SHA256 67f748931483143a5eeed3ae8745878c6222a7e0c0026b12b12143606c2bf90d
SHA512 229d7268d8883dc1ed77f73002e7c2f80be6cee87c51553bc2471c5c1aa5d2847f406243b07cb76dc992a0b02c90ae5d2e30eab9aea9a79aa41565434de077e3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\3F99735EE8C279F8BBBB91D53FA6E3307DAD5DE5

MD5 867907a874eb02085c98c02bc76bb367
SHA1 3e3946a441c7ed7e6a8a915c462fec1ba53f91f4
SHA256 11228727539bb56b02d83065e86e79589df27c80326fc1ea96d1c7fb089ff175
SHA512 9e172ba62146bab87af25144dd919c9ab2b73575dc76f2ab287d847eb2c410234a9a0415b40c2015caf09130819bd7e6d361e5ae2db98c840f9b47a5505c46bd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\1B9C5F6720A96D157ECCE750AA3084FE56A8959F

MD5 e059290918532fece6e866d94daec1d7
SHA1 48b8926cbda6f7c44f00999b6a3201f1c9fccc03
SHA256 4623f50511563cf3bd6cf74a4ee3aeea4f4ea5c89f53e206510557bec1fa969c
SHA512 24bb17a9e3d240da51e6b24d3b84e6dab7a36bf363ba5883d97b848aa7f5efb376d746b1995ee3fafe3ebdd6a0eac6ec932a490a48d7bdebb1a781b353f71376

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\2750BF1AE9B9DF18C116090393B65229231A56B4

MD5 836a78d2c0976659bdfad06163454746
SHA1 1824fbc4862c891e80a244b874fcddcfe31a864f
SHA256 dd792a6687cdd528d99f7f70247397186174f54ee874a0bb8570fffd5f52f5f4
SHA512 a06af31e23649a518c32543572feb319a9c706de3c065b2d8157578786a194acf47b69aa0786f70a25d2e1cfebbf526e799396dc787be2677f2112830a067223

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\2726A961EFCB09E16119F234573F58BF7A3ACCDF

MD5 f098a2b0214458ae19d3a7e20585999d
SHA1 2896df9d61cd9487eb2c345c422652f291558e54
SHA256 e8402999a819d12004568bd8f09d3a8f96021199193a7f02f3be28e4bbb42dda
SHA512 3a657a34f84111eb16f4081581b372c7df6fb94ed46bf75746eb91e5c9d55ddf8cbc4e4d9a2c14c4ae3f56751089baff8ffc34ce5e8c27cb1a2ba9270c4caaa2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\960F010A01BB32D61C429F564142D1F457EAA7EF

MD5 fbcb541c12457833b87936e4391e0ab8
SHA1 a425cf1e6762ddc8c477a2edacbe51c6131c121b
SHA256 4d3efa04097517ab1ff131128ff396391f64b510f8b6d7e10c7d21d9b4b04c5b
SHA512 fd361ce9790b54df0329ccae3cc85bfb184ccaff6a7d1fa0dc8dda9403f2bd51dc4b1175728970c450dde534e42c225ab023eebf56df63d78d8fd5d13c09f5ec

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\6027532166E22B1866C0CC35C0B14802C2F394A5

MD5 da49a91db5cab495c166f1ab8e72ea94
SHA1 8247195f79f9674a3722c4aa34068e3dd297d2fa
SHA256 64eae6c41b6b1da474c4dbc6503b34dda75498e6cdd2cdc24be21204a7774e70
SHA512 ffebf05493f70fdef8c558496f763c234f015c51dff8622f1faaa4a847cf53be423edb363efd177b06a16c46982c396be2078ba3aadb5a55c4e3a0fa2d425a4d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\7E652EB660F04394FA9E19E11FF021EAADB4A60A

MD5 a23932e108e512c62f57b92a2a45fbcb
SHA1 0bad77b45c37e6597507ee7ca59e301f2634fa47
SHA256 60870dc750c5fef48eea638296387577ca75e6262045952bdd325faf566aa31c
SHA512 8fff054b91d8aa885839603d4223e9b353b2d6db2817a8a1ae2533e68894c21c6dd1bb7e019f10a0a80085c87e512e99dd3724f369a4a423402e5bd4553a3916

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\C743C60585E5ED08BE17282AB0510FB0F267D5E9

MD5 c1d74a2f07aca35546e5fbf47507a2b9
SHA1 628a3a55ad5c98f2800118595870707eca76b72c
SHA256 d6d9098298f1ed189ff045e7341e9a0f8041102ed8be006cf8eb580bec375b8e
SHA512 cf32477d709ed0a149afea4136547ff776b9e7fb158f42762e4889b1f5f1df771ff3175fdc4a903c0bd8cfc59fa7133b384369ed1256e994fcbf7296a574ab37

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\B6E4FACF8C43D96BB7DBB2EF588F459908C0816D

MD5 cb4fe2e1267d73955506e1de9f544b9c
SHA1 2c0af30f2c6c316d1afd80205bdfa11bc0348b51
SHA256 e93b4270e31135e2320a915434552a1d2768e1c8830ce28577d80cfe3b02b6c0
SHA512 2a3928361774f477bbebbbdf7c0ba2278a8014bd795db89b9e8429c30aac476f7f539139236d1b5486383d3c4c2fe55dcf1bcca50986648e0a19d8a5320f9deb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\9C742E6B6700D4095EB15664FD70BF6A71A6AE83

MD5 5526f62e4f76138389bc64a05280848b
SHA1 be59bde5ee3099da136c2b0164608b7ea56dd729
SHA256 ba639cf06481f0297cc3d9ab259412d9da8c5951ebba8f1fb50db621094b343e
SHA512 fed8eb197e7f1b7787fcd1c3ce148da6838baf48d40f6207444b097ddd44dd6e1e414939e602ab5306088cee60debcca7eff4c219bea5a1702d863947042988e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\29909F8C18920512A7F21898C583E55648B16FDA

MD5 2d1e8cab15eb3affa6b1c404e3c8c3d5
SHA1 5e42e3510aa58a0b095b54e827cade6be6e0349b
SHA256 5396dac62b77a43d0b72a68e9e9c69f5c6af0093898aac5dbb8ebd9f1fed2b04
SHA512 5911a59888900f01912015316e04d2ec33075a5a08bf672a0c62a304b2640d4c14cc6d6ffae9d013e91ee1971a21e8650ba91f035a90d537f9ed360e0038c7a2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\772DDFA058EBB2D15907F2587E6AA883CC697CE8

MD5 6a537d1e4c4783b7eaa8ef6b0833365d
SHA1 4016667571f19501c873b928a4528db9ce73b354
SHA256 57e86ccddae1d59d7465396cff31fd7089232f2bb17b56669221aac14bbc7368
SHA512 d384893fe5cfc8a6e469b5984f7d1d7fea89028169ee59d33babbad873c259a76b3e1f2c0c0818ee226826182d8e15cab2d81b14dc5a5826d0994a4642bb16bb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\9051C3EDE19BEDDE916B33846DF1CD575D98C47F

MD5 1a905e369ab035a90beda5bb7f8069ab
SHA1 237ea9321526524db3d5ed0b35f12904b31d27c2
SHA256 5cbe00f7e9057c779ba6693922ad89ad8a37296132ca8e69b470ccc767e248da
SHA512 e43b28b041a4c49340f5b2fbe722d796893473d799d13a50eec39e20e86dbcd84ec7303dc12662a7738ee04e28b5afa98995e1a90e5bc913fe18cb7ec29d2a40

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\E916DDE8A8BB1A2AAA553B9C356352A3A576C829

MD5 eabb276c4e1dd92eebd4ae55391a1c89
SHA1 d0bc5a67d7e7723021f06287699cd28b8258457f
SHA256 a324347c56356880b8e2a1c180ab2d18b1cb602242b289562948ce8150679eed
SHA512 9adcac9fad3b1b30fea42319dd2af7fc169e5ba3133ada4bbd5eb92e9aad66ba66034ba585b47dd7bab0b2b5cbb356fc409ec0543b6236097d017f8c108c7ee0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\D16F9D159933A05DFBB0C8ADFCE4FC6D69ED75C1

MD5 8f728ac6652c60a5d3d86e8f400d95b0
SHA1 a50df9fbbc33a57b3ee869733ed056d4446a9f39
SHA256 52ff9badd403c4e27fc7eb3b4810f0898f3dfe43e7bb66c6d43c0216109d7514
SHA512 f65020c32d5490910edff3e3aa347f21e8e9c04888de4bdd48c751e24297bbb4808cdfad81f4fb28a001acd1542f2ab6de3732bde63118958a13118c55a24440

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\132E1E906B92D27BA434C1603553F3FF8E08B62B

MD5 240da1ebd3491b5b0acac6c5fa1d8065
SHA1 5979026a31fbe5ebdb26a3fd65498845320684ab
SHA256 7c38305b9b8d7463f1be03d7b68aef7fce12c0dc9762f6439a984003ed8fb309
SHA512 72c9f93b9c4f6504a953af2ae88dcd34dc66e67330ad22904a114b64a150b57953785dada3c7c76472fb50276f2e7a0a2ea865ab3cd2a4fedd78e4e3c2a259be

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\7D4A04D5ED1B511C283E9297846B0D82CE7DDD57

MD5 8977df6643f70507d7aef6bc67216e59
SHA1 33c84e344c5906ce076b336448f1e52138ef6c87
SHA256 c66760dff23bdf601062bb48f645093ffabb0605653da49508436e8a386a91bf
SHA512 1e4e909b5509a00c5ced5da1df42408ff312026b659c6a93ab742e62316f86adfa03850aec5c495bcdbd06c1ff449e626f846eecc25206be17763372d5028e0d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\6116D240FDC469B9356C68CCA142152C15C76D32

MD5 55eb528ddc59dd71fbc994442931e495
SHA1 879da299ac044f5e593222fa185e528d18376888
SHA256 be7d2456a0b9f8dab4b69d427bb838a4bc3fff6797c0e9b285534c17e37929b1
SHA512 b900271ac5d6e0b833dabbc6b60f2d54d3970172c09673eb7c75aa139bb68ecacf4d444ddcae2ccc624287efce12a23ec948b29ff343d7b79fa0b8bff1bc80f3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\C492CE412B35C44963F50A599B552008E39904CE

MD5 11233f021765aa0b42cdf4208b0e7485
SHA1 eca11bc5dbb5f861519a6c7a5fd2eb7cef694a60
SHA256 85fc011951df06fedf41d012e871cef110a5ab420115cf537478d64c791e8dd7
SHA512 28c37768788b4e391ad94e986eb01bd06ed48e323eef125b90703cad8908ccc4820849a3c1f10eaf387a9775a2552a3d6dc90f750a54eb178383240bda48288b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\EF7CC409846AB0A26038FBF1808C5A0BC942DEDB

MD5 3d09816581d4b6ba4b10d2ef4c58c5c8
SHA1 993682b98e20f60dd47e9a4ed09ba3ad9536686f
SHA256 c9bfa3891749a15829fcaead36fe0960419dc09d2b54aa451f37fb66bb3071cb
SHA512 52beab2cb81cc204538f0f26f8fc95803f4a891990480b65056bf7ee4eab29bb053babe2612c7b6723140c5147d6755e28e201b51595e15d536a5b7be4a04af7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\847A90E996B110AB4BF68596517CAF6EA5050581

MD5 62bfe3e06dfbfbed576c3fdd13b43b02
SHA1 ebd49abf84f7ea77bebd663a3980c34f3a2518e0
SHA256 8e08842f142ced3869ca973a949001540cb97dc573bbfddfbaa978957635b4b8
SHA512 9ed84548b1abe2ccaaee7ef0d1b851425ed58e15e7b842e9895bf5ac6d36be23bdd2a24fc8483433e975ec6de806051d4ba62dae9ae045d91fd553aa1595a1f1

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\94D95069E853EBEC6EB65D8C73AAB36E1F92073F

MD5 338a3689d5e2e507cd6d70efce6afb5e
SHA1 69d8f3e5a9d29718e4d280edca7027a83814551c
SHA256 4cb801c734345bef4f764f3fd301ae5ae6fa25121fc38e3a474002f3aa1f103f
SHA512 64ab1750081721af9a6ed409930476e83257ba77e17e116489603d7f6f1a0158566cf8b5ba1356ed1dde300d64d1dcdca049546e4aea37ee18d461cf2054deec

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\D7E3BB06B68EFA78174426670C34A9847642CD2E

MD5 0325b368f1f1843db731c5fbe285bf0c
SHA1 5a7084cc9598e219e69fab9788a485ac230988fd
SHA256 f9d855899e8d0f9ce70b42d527556f95f272d81aa4cd96e8e6d79ca2e29fe713
SHA512 f9162597bd763c8109c7b451e16be11c4d6ee22156e7bbc96b78a21d745e70f7f5556835f20c7206696db041c4e82abcda10df52df00b03f9bc893e6fa6b8ba0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\8AABB13FB7A2B09E3BC72A83009A2F087A60A8F5

MD5 4b29c6dc26808181f13fc9afe0f9ede8
SHA1 6ed369f7c851618b087e270be22723da1dad746e
SHA256 f05eb967c6a751ef9dd76da5fc291bf29230880bb6a0ecbe60edb0204a40388e
SHA512 fdb4881898d0e1dd04dcde43cba53a5766ba3959384b1e1c1df9e9c1f37911eaaac33b1882a3b242f3dac42ed3cbadd6934b6868bb7e4e9dc3c3b700458eba97

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\C97AEC8C43BF85EE97C76F780032338CBB6ECA2A

MD5 a180afecf32af2fbe21c937e8cb4a1fe
SHA1 5cd56b5d8efd017fd3df53a0c839952df1d7c31f
SHA256 bf47a8f37c2d3885e73212110e65b8a9fbd655fc46e25a30851b2ef62256c002
SHA512 f66b99f4dc7efd8a940ffaa136e936dc3605c2c6cd29fe02014d643b04d1353b3ae18f9e5e147fb2c4d582910cf83633d06e36207a8d55bef0782bca4b14d5c5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\DA82D227F299C963E98250D1B7BF21BF1D7198FD

MD5 1f5d0a53347228b4f6d7cb3283a0aa91
SHA1 6e503e22f340bd2baaeea27c7448dda7f5b7e224
SHA256 9b65a1b4abdfbf4b1f0e383303847b5afc962aecf97b7e2cadb27d3370700b88
SHA512 2807470c5ca576b95f908c42936fee4afb29ffc974b6bc443580773ebbf2bdcff7ad04bdbf310fcc4d75566e20e51470c5cf41ed3d812b5c59048b15cf024563

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\C3C38D32C0E8CB40D188DFBC62995789CF7AD78B

MD5 552879c600672b3302bc6b98d714f71d
SHA1 aba6065b62d088e321fb1956784bf6cd71b19bc8
SHA256 b4e5456462384d74702f8a69a701435ebc4cba5e15d7c817bdd1c3bb7d4f2c99
SHA512 a952f6378aea6badb43e641d930bd7c5469d46335882fe2613363634ca69f0c785a2fe8d235e8fa66aa2574a23af0d0d72a267abf4567e3ef8983c84e535377e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 a732707be1ad0d32c4bd4d6d27c62f5e
SHA1 80203f22cb86c20255d0fc1b75d94d7d74235da6
SHA256 16362cb4a06eb36b0ddade5c11e63d606401ca254dfc5ffa35ea794f296ddd09
SHA512 d0642fe99b3e4c898816a1340ae46508dfea8a5f141b2490a0fbfca03a78afb8caa7c23e5f9f0724901f47be6c52631c27d7ace5b1cd7e2fda0240e06f02b022

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 3fd3981c456635bcf6992ca3c3fd443c
SHA1 1b4c3aee9eb73b1b847a87a4bed1966b0894d469
SHA256 ee008255e43a65e9da6c637a0fc82d5017d86fe8474d954d212531baac239e80
SHA512 00f4718f843e00f604b0b13eb1a1cb806b7cf6fdf3e3869c98f1977f9ed564d37172724158dcfe62ba37c44fe714a664fbcb5fb4dfc34577004b8972343daa00

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 bf4de87c7d40c439222ea31ee09e69f4
SHA1 1fb5477663ba2f80d9d09197a193e9ba921681f7
SHA256 8974a0eea7d6909eb146aeacddbf7c2a9058c710f1d564b7a7b60ad5bf4b878f
SHA512 910f39b81f0c35c28bcea0cb835164ea7bc78f6bac319ba68087796d7d85c7470e61313e73af197f3aec505a07254dbe14cd5192993e5e29cc491e7d1c9f8b53

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\storage\default\https+++windowsreport.com\cache\morgue\70\{0f1ae6e7-4ca8-422c-a304-32c70724da46}.tmp

MD5 04879d48ac384623204e81a3ecaf43ac
SHA1 98ae82aa4dd6cc5ddd34574194fc3d5a1a5c1fdc
SHA256 a57d4cc8b71ef209bbefa647be3914c31b88b01b3cc9b91448e5e2af6b4cd5db
SHA512 8b41e9fc7a4f766567be42c3b6312744fbde5e3f951bbfbd8966b3e0f469f76fb0f7623aa9eeea1970597b60a3c9cd224db4978c4796d4744443b446fe8132c5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\E06D8A1621E6C79726A1CF96BFFE054339E0F210

MD5 2a21ea49508ca9c186389b5ba6f7368e
SHA1 7e8c859adabb5c1945267e09937f66aa393b65e3
SHA256 b95095f086227525a1d72659916aee2ea8b08ff873a020394643ca7e26000d9e
SHA512 79d0b4d96adad014112df60c7c1e8e3b9e6eb63e64fab943aba837ecce93b7ad966e152f8e2359047968dfd54d5d8db1fe2daaf8ced1925600d7c16270ee1a56

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\1133B3B71FBB00E77B8DE6C3563A6090DF443AA6

MD5 194a5da97b977c5a89ae8babd95276f6
SHA1 4d62647a203dd2d27fabf75cc713be671fc27e45
SHA256 337d156ffbea36b5ef739c71b8696422875bed8491cb450f8f5f450ada0f2707
SHA512 0f8bad8122328c6fff652e035c8f2ff1d939bb1e527feba6f5d6ca47347cabbb6555bccc5768650bdd8ce53b445204b71114cc32d3d40313607d0f7b672e5fe0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\C8E9139E762C1580CAD4EBCB729C1C22492FBAA7

MD5 9d9695c40f4982f125b0975b8989d137
SHA1 e9511f222b9d0ce673779fc547030a474d682e20
SHA256 d64f4c022eb89132c44df05659a4ec89eeed82878e3cc04365eca953e0a0061c
SHA512 e92329b8a81ec101fd543ebe77049ce1bff31caf426a5d1ac31168bdafcb0a0f47b6eb0f36049e9e163013dd3f69564ed98136f007b8ce6d42e5c3b4057659b1

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\0C18308FF53AE681C9D2DE12E42B6B8999D01C1B

MD5 0988e7412e2833095cb446c6ed06b37d
SHA1 2f8a8c03709bcb3a53dda81e95c5743bcb072bef
SHA256 0ed66ba104c4612a51799100a3216021895710ececac67c44f74eabf33d272de
SHA512 e9f5e504c579cc4b57e029cea3a7b0f7ea8a11be47f519258d3e32bc03cdc1405150cf3ee9371b99840b8c05a66ea19fe1bbca083f0dbcea0fb517e99b00fba8

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\044CD518EC93EFA5F603ABE0128EDB589CF4D594

MD5 c5fb041c6907ba9e0e1be6b36ee19e6e
SHA1 7970b1e7957b70ad53c7b7e7098034b7afb65860
SHA256 3b24689a2a19585647f3057c402e784626020caf5c1f043330f18c2c93d3b613
SHA512 2eceeca5bed754854eebf6a02693f8699c1652b39c6122d8d952efdd340f87d9bcabf3865c9ce2ba8c0de48ef2e75bd55c9268cea18288909b5cfb0a139c43dc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 78291f150968beb560ee612b92969cd4
SHA1 6bdc5d7b84ea2331c657e7e751f29fc4d0410ee8
SHA256 da4d16c207b51eb938473c66a56e18dee88ea4273786afcc8e620226890c49dd
SHA512 145c9bc6b5cc7d93aa87182eec09f684a9ce6a20404b64656a3d9b2622b8ed4817ff751a5ebb5e33b4b9fedf72bf1dabd09885ee1aba3d9f7ae2e7e7c7443707

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\DBF203F4C73806A8C792FE65FFFAE520F8B3CAF6

MD5 880d8abfbd4e7747424f5942c2ab3cb3
SHA1 1ee62be2e4f19ca2c9e1dd3e37c8872fda28728f
SHA256 d64df04f3612b5232dda7e92972d7a8d634b2f1ae1d77b93e6478282e6dc97a0
SHA512 c963081a5e64103101bb686389e0b7f8334ed3f170333eb8119d837cd45f91304cf6fbdaafb633b5695af59162f6d8df8e406580e1a84e073854cfeb345d060b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 4b78c91781fc080e269b7ef3cbe7a306
SHA1 ddcf7416d46c74ade4acb075ca4dc431a9f2317a
SHA256 62fe95d3cf51c91a6cc7a8e5d829e24b1f16c1928cc212ccd883250b936d6b93
SHA512 64b45c0f2d8794d8dce0baf374d357c4f89c2d17a7d0ecb41ec43d704e466205ad1f4988e3443d5acc5da4f5995509020f2f3757662028125c0f597cbdf83efa

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\D261061F3A76DCB3F715F0BB6F66F5814AB58983

MD5 ca35f3df5d20fc4266faa1d2040e1c05
SHA1 4155c0f73cc049d8e5f221c11f670b7cbdbb8ecc
SHA256 d0318b64a6ea265e5c119f6613c0f3025316cb1d971d831030a24d1546aa6930
SHA512 825f98e9118244bdb803b15d0eb46a6ab5a25843210aec7d47f09ec663c084717a9c6ea678a87bcd74552a6d3b4992b166e1753dd35fea4bb801d551e361cd0e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\118F3DAC070F7340256220FE963FF78E12E8F4D6

MD5 ff9bf86271623800aae83af058ed4261
SHA1 286756fb7eedcb68284492770ad3b87d47b2d789
SHA256 b3b767f9ac013dca651d6f60d832b538c167180246dadbac84255d164b25776a
SHA512 7634f3d15632abce2c66ccb25cb40551c4a5da0abf37ceec38f827ce59d14cf272d1f3f04b7b4b87d8f98aa91dada20f75d10e877161165890a892efcded92e0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\AF4D232B4233EC6989706B686B177F778BCC42CC

MD5 b2a4dad2c91701031771b03a6dc88d7f
SHA1 f2b726129a4d05e4a1a2af5659f81433d84beba4
SHA256 4a35b076389e13d9cdf0dd2c978a6873efefcb617f7b0c4783d819c8399e41b5
SHA512 2ce0767177f36bf63b1bf3b800ec226c6d2e9edacb5ae542cc52e46a243f3cbb0252b0c7e90b6830bb1ae40bfb12bab1d1ee6e5aa96ce3f0ff083d5d52a93b61

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\72A4F8CE439A9C235B33D1C0BD0174B1AA082BD5

MD5 540fac07b251a6049cba1c0a7386bc4c
SHA1 f6bf00d95a243b18162502c1567e37c92ab6b1ca
SHA256 0a68988985a8f48566abf09b47eb1839df747cec3fbcf09667a7cd7a11b6953c
SHA512 1dd3f777afad8402417f97462a21af50d9a60c10a65efa6b34a50bf88efeec96bbcfcb752647e54c1a2f42bf8104a8b1430265a401c09e6a118c2756717fa169

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\F7C2C7DC85304EEBC37EFE4883E07FFB20676024

MD5 3843860025c115270232558a8c39e25a
SHA1 9802d6ed3003912aa4fa9bc09009eceb5bc40f8a
SHA256 bac8fc2d38f802650b351b4015b7ac27754e8eb95692422c3da485b1b1b40566
SHA512 2076691957e73b20ed15e682df36eb6067d341ce86aea4124c153195b88379a7abfe7e766f68d0ffb0d48b49c111d9e26d0be3e4043f4bbcb7d4f0f8704cc64b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 efe6b31fb3ef4dc3c9a974747cc294d9
SHA1 d34349d676066e8f774f860ccfdc93b1e846db59
SHA256 568f70aded9391bcd4516cf8b86d3dba3533f04e2d2b413562bc7053aaede290
SHA512 9a20c0e13dc6fda40e0ee1c43cf0d1469f8aea1398c101553731c4ada7f3d313adab0f5b78fee2c060b288daee634a2ecfaa5393c2710d8b55f80231f590c5a0

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 d2f499519787cffc2b4b65171b62f3dc
SHA1 f8ef0fe84c91a0a6c5077c64e720cc9f4bd95229
SHA256 83eae9a590e1f39f77320b46b7f50b831daf9de81a595b3129ee151a6ecb1690
SHA512 397e54bef686f49c1b29300f1467d824c1e93f6b78095dd4eb199130b063fad4fb631df23f0fe7941a300219b9c56b9a92d638a1c184b10e0055677148d9d3b5

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 b2c4be88074e2a895b105f921d533af8
SHA1 b0ddcadccf0d42a6d07c1b5a01fdaa6f7f01548f
SHA256 d346fc79c565bdf321037c14e1e3f5b4454b5355dbf661eb7fe8880d0f34e97d
SHA512 da29c9543bb4ad4b388401f4e6850dc787f5d0c8fe5bf1eb31e54795f9d1361c0591b0bc47131feda2bbef810b3d081f37f00b227415f0152c666d1ed56cb27d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\724755CC434DD508A6298AA08B93D1BF55D400A5

MD5 23c13ecc341115097884c8b566749a8a
SHA1 059a307541d97a3d7f2ec4cfb45777457df9453a
SHA256 b43d6be4a1fa2dd5c5f20440ab30be2adadae37f5981c1337a9e794f8d64c6c9
SHA512 30125e2eaf5d7a265c935d07d574f1c3f7f19f0893c3961b79998cdc598cc280402e36cbb62a1ab3ea7afa60e7880a33b5866dd68c543bcaf779e68e3cdec232

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\59E8239EDDFAF4F0773571D4181D23B2C970B868

MD5 760772e13117c0cc5fca0b3714a138ea
SHA1 4a132c53b11c449292ddab54c76df9ac54003a91
SHA256 7c9f32f4a30137ef079b6da45eac1c1d6d26696f0ceef3aadf725a3f9eab05ec
SHA512 1fd6a20d13aee687bc88eadfa66bb250a0cc9a2655cd9cc30f7df6f9e793b789463bab9c48b49c640c2202fd867f03ea0e0a3b34028af6f940823365289032bd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\5C97AFA6E2DD8B960B4A14A462F2775A0810DD2E

MD5 2aebb544cc196f0c0979dda98abf8e52
SHA1 5644415c4702efa0637c8b5694b00200c0b25a87
SHA256 c09fd7bf01cdf90f5187d8fdfec55ba553e68275ee1710b5d211f5464cc1e2a8
SHA512 0ede8c2694913429140823caa9935ee3da764a97b0c1173ffcb423776f94b0bca3db12c160573fa51e63dfb69a2b0d8afb40945ddc4d7a27729c2390a432733a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 c6e5f86f8a86ff64c00b5927784a95ad
SHA1 b7f0b90d371da1f45b91189ff51aaeaa66a0f724
SHA256 fa33a91badb2e6ea5b8cc72f08e917ea407957d164f94c3696adf22e93042ad8
SHA512 7a835960fe4a400d7789481071354053cd6591f61856d2d66961042ceccde982a8e19742ce9cb489c1038c54df6af4690f01ab10684a607d73f69958960bb24a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 e7049cffa142a9d76b9f0b78c427c255
SHA1 a147e70110a86b54af7f70211200ac57a00b3d35
SHA256 80eadead04dc995ede1bbb4de0aedf15edd2af9c824be777b22d4bca25baff36
SHA512 90e98df88b5b04b1c75d29aaa932e887aef70abbe1a591b844adf62501a415514a5a52f3f9242b84de1d9d5b6b82f6f02d127cfab5065df103e622d321c49705

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\CD478654E2726EA8692DDA561936170CFE5AE44C

MD5 902b8c92e3436ea193eb3f939e142b1f
SHA1 ababf382e41210ef581e3ab2f726741c9140d0b9
SHA256 46e28b449db909412ccd0fc71f7780892ee278b0c9f2fd1c43dad19f3a308cd6
SHA512 15dbefefd1972252b8f1918171b4ceaf7d9450ca067e75bbe8e8dc27efb1a392836add902409c580e9efd07145163cbd840a942c4dcab2fe0b3a71888c630177

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\A530C152F34409956B2E64F9EF69C84F4724850E

MD5 3b31d66abffb3df55260ee7d9d7a78b0
SHA1 03eb22db12a6a8559530877ffac49562e68290ce
SHA256 c39e21b826a8e78f557398d3a0460fc17750f867eef0b8a4a825fee6a912986c
SHA512 caab954d6bcf844fe704358237abab2158dca173af3cb9ccf52c5323a125796ba8fad3e92214066e8f6cf80def320ae5f3dc3f3580697a517c07e3f70eaeb9ee

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\576C069E0A59A9AC26C5A9202D2D02E399FDAE62

MD5 91c7d709e97020ffa9d0dffe092bb612
SHA1 bd129c927b82649062b9e9eed1bdf17e6eee8173
SHA256 5a6bd868cbe1bfb043650db1499c237f56bff759d0b77d6451efd2db3fc16e75
SHA512 4b65feb213e47f57ff2cdc2dfd1fc85968ef06d3c1a16c627045c7ff344d6193b0a00a06a6eea6cd1acea9cd6e51e9e78ba989b3ad3ce06dabb0c5cf82a01dfd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\AD9F26EE821C271378E1CD86EF33F44E660A3BF4

MD5 d6dbcd79ecbd578fb4dc16241653a92c
SHA1 5684fc8d9d2a4801a0f8e05612dc60cfd647a037
SHA256 928e1480583d6fb0269af27e7c2acb126954a8bca6bd79941001befaba944c3e
SHA512 564251545126a8088ff58af639c8b3500b33084cbaae1be74665b3025bcb33d1016445ba45a01a265404f35789405fb176f837492e8f09a1e2dbd4ba67b4ba66

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\03B01377E737C3B26A0647A41435EBCCF4369835

MD5 995944a4aa71128866e3dddc0159708d
SHA1 a9fa5b1323604e2025b32e60ba33feb38c7a3710
SHA256 0bb0187cefed606a82ced9c4d11ea45bada7216e6bdde2668aef9a4e87194e33
SHA512 eb872cce08f448721b43bced78e50be1287c2ca5905df76d2d49420bebdfbc2a03f12178eb851bb7c6a6a7df09276f468269b4a6764c9d827a8f5b923f4c0d28

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 a2931786a0d2e9963d32840ef96ddd8a
SHA1 4ed6f9535d5eb5e979f1e0f69340e1ce283ebe2b
SHA256 98f4ccd6ea73e1d671a2fd5fbe56d4d5676721bc837d604387b4df9378a801ea
SHA512 f7256703c09b8b831314437a74dc9c50c0c5cdc28d3c794765da0ceef754805c382d5a5aadabeeea2636fe12996b66a8133d84729c894d009eeee8d93993ec40

C:\Users\Admin\Downloads\libstdc++-6_x86-64.K8dqvYNt.zip.part

MD5 e41a37a35106a93375b5a88459ff109b
SHA1 ae0b9edd53971294cf4c629aa5ba281aa0a5ae8f
SHA256 311104b9b62a7effafdf703a2d1d64db8d5f279ac39817907ba282afffd5f789
SHA512 e0e14c9e81a63bf070bd17e301a1ad4c5348f06d62d625a4d879942d55a54dc41521e69677222010021f0dbe0999a374ecbd8c31b7f98fb76a0270be74e92128

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 fa73052efec09072967a48310bc814d6
SHA1 83a334410c7d6bfdff9376d700c2ff52dcd9fc8c
SHA256 1e50c8b94904a202c3d4211cb8f6bbb56a4b8b4e837c0ad80a31e2acde8ac530
SHA512 29f53271f667443b2ab463b35de54606691406fea170d6438386da6f3c6d9b8d94e79ac53f60f98d23cf2ef93b5754157798dbc63ff8cc463998aab8e29ce381

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\db\data.safe.tmp

MD5 33978dc44c1cfeea2faf9459e4a4cea9
SHA1 68957d340722fa646e277f7728c7867e733c6cf4
SHA256 589070a41f1b728c87bca76cd7303c83611d11b6ef77b7222d60a06c3611a9c8
SHA512 952b26a8a0ee160fe7e1cf654acbc408480fe1816ca51be494d7d6e566282d2d7c76b6540f78fe4dd1ea591598391db7922de6c4514aba3964c8c07849056d7b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 8f980b7766bafcca6a74734ab83f3dfa
SHA1 aaca3b2a0e50fb4798792e15fd1aa2b44460fb27
SHA256 99a1ebe26a3d740704de7b88f9854286ef544ea1b7087cec55a0b3e6d4c94f7a
SHA512 910411818ee34b3009b8672a2b7ea70a129974b3b28f6130b375b05cc58500e27c8356760bd38f121451dfaa316e93cb671692f5a91f54ac505d7a1cc3f18bad

memory/6932-3966-0x00007FF7CEDA0000-0x00007FF7CEDC3000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\8999BC8CB7B8114B87D8185D8CE1BBF1E6377016

MD5 f61a6afdc93e2a16508e125a4b7c5cd8
SHA1 3f7864b240b245828bbd9608ab01d2fe9c9f9bc1
SHA256 831e0ca8a43c6da5807a56e5f20c0701c1250c9370ce1395ad12f85285d9184f
SHA512 ed2759e70457e750916b456d0cdc2adb9f174bb4fb2817b6762968fe7da7dd5ff76a4a9476d7e21cb575f0e54468ae2943eedb8e9ba692c8da1e87f63af115e8

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\4597A4CA5C9923FC59F7B9C8FCD1A11A9AD28E6A

MD5 a025b0e54fcc88f4338f473a9441dcec
SHA1 df78c1695f4058d974cd5c6876f4200aafb1535b
SHA256 b73c4da30f4e5b5a7b3b774a095466d2979a95fcfca5299e2ab3deafbc79bc9c
SHA512 bc0ef6292505152029609db6dac8922fa04e9c2ec6255d163018ee70a69d340066d613aa81038baadbbbbb2d7f25c258b8a3152cc69e21b94e24df992cfd36a5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\events\events

MD5 dea479c1a1f6087e24b5e9cc88844dd7
SHA1 cb608f9b2b7b9098e20dbcc48efd7b4cdd09bcf1
SHA256 62f83746a0a825aa029640755464fd10a8e6c8543f8d6292cf4207648f755f3e
SHA512 1f2dfb8dc45cc80b9ce4341c3e4ccedae7ca4cf548dafaba0f358597e9f36681942fba40409b47095c0591b76b4bf5a3324e40e4b9f3dca9e9f14fa5fc6fa13c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\EC5C8B24ED7E6779887FC726D03EDF2E608B7D28

MD5 899a31cad0d7daf8d0bbcfe81f5bb121
SHA1 0d5de92f2d26516805bf7230ec5bb74c417061c4
SHA256 07bb12109b4e38eaa93d8bff50bb6deea8a58b32ce4ca7465c350bab97e235c4
SHA512 4296a88f258ed371a7063b945461f6168cf5323f92789bd739d1ba694449fef2f5e120c508a88ef9c4a0230e81723e491a5a17b44e72b07215da236da86d40cf

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\46363B5291B13C1C6CEF012861BF1D47DDE5359F

MD5 c03ba75f606bafc24cb56c713b269471
SHA1 722f61756a5f8ee18014b24c3dbba95fb78c8f91
SHA256 dbdf793cc1fb58489fd5aaee18ae05f0737c6753c9ce4aeef69a0bcd24407946
SHA512 a4bd8ed6c9fdca26e73392a5549165768944a87cf022652979a40b480bc207808b549c00511315510df5ce80c4ba471ea5dfd17bc24157a50f19dcb00e868bc3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 07f2cb7ceb89dac453feffefd14f93b2
SHA1 da1b04f2797a7f9f0c9fcd808400228a673dda8b
SHA256 a09dc4af70da87c61c7509c77ad0bb956c6ef9bdc4e2dc89ffc6208781475d83
SHA512 f4bad1bcb662ba06a77cb1b624e47a996a83c1dd70be18cd9ffc1d22c69fc9f05877f38d304f160c0855ec2ab99a801fb4e0fabf81c89c29ad2e9ae9a9089cfd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\7FB481302C447F57205906E08BEA847D0C2FBFAF

MD5 bf0c258aad60d67defe6ed2bb709ec82
SHA1 26b8708c3eecaa68d24fd734226dccb41e3ec5f8
SHA256 19e219f134c78296a3d602e4ce714abd0acb531e7366d152aefed1f5c61c9751
SHA512 2f9cd98eb9d329d305e5140ae38c2d8bbb32909e50e9434319caded4405d12988ee4e8b93269d485aa7eddf547f3b7c9b458c13be806d842a48f85fac8ec9a1e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\640060FE4296B59C10E92C9C4D60C2A9C27FBC4C

MD5 6100f692e634fd7eec86cb853f579aea
SHA1 f91bb4e2786b9f3c7aaf6acdd53faf62dd8f99b4
SHA256 925cb8e617e0d25535dc7d9762a3fa13630239c5668efcfb33840d8c1c1a4ddc
SHA512 186ad8133e1356b6ced1ee8ede1dab87a501fc103eaf02a3e7d1068f5afeffddf40a83b25385aa0cd32c664b3b25ca528515e080086fddbbe39dea971ec18082

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 86846e4eab86da931fc34134de8d10d2
SHA1 baea27a89245f944eb4ce386893f6d2a69ceb8b1
SHA256 7da5a57e2d354fcd55a2d201150a32afa330f2b72b8b9465dcd385a2a490f7f4
SHA512 7240400b714dc208fa810aa1ef5004d938db839cd140495b9e7b83ff5cbeb096585d338d43d314a4cb30172f18c1b2e8285abb4d3cfe49bd05b89dd164049578

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 d74c21dd5374bd6e3679e2e4a1e6042d
SHA1 049d2ce49c77da19956d3c1e25bc00cfc80995f5
SHA256 659ce1eecb4504181e935ba5fee7e35031f803ae79991540a8d77548aa406d78
SHA512 263a054a4f5fbd1f64bfd5f72afe67f1d0c9611b5384fb7c8d5ce3c4013aa11349870c1ce5fb661e40d886437075303b198cd754ce809965a5f7522a616249ae

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\jumpListCache\JayIz4gpg0yJgm_DXwuyAogk1DI+Bs12zM5qS6Fh9qs=.ico

MD5 3bf397c10df04478d5321eb8bccafe6f
SHA1 3be28148c59ae3ed79da4b4209be1fd72676acf6
SHA256 df95cd6df8a67389e293b203ec3eecabd5747abea81059299ceef62c175a392b
SHA512 0968d811c227f25ea9875059269fc9535212c9e971464faac6b4260b8f00caf90b8b9f513d4e5b17c74e76b4993548537fc8c4eb40827f8e2369a9d6c5f92de3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 c0ef142d4c53844199dbbbe8f173b69b
SHA1 ca5e423d897b7c3a38df6cc2263b605196f444fc
SHA256 73e5f4cb623052d54e7538696bd9f928c681541bd6e7552402aa26a426938947
SHA512 1d693dbb9368de999c0d1f60a4115120a3008940f6257b016c180414438996cd7575ce9b8017023d1473cf0c26d67ea1daf5fefd5d6555dee69102a3846da84c

C:\Users\Admin\Downloads\rI6MZgAf.zip.part

MD5 8545141fb39a2751b183a18d6f0c7eca
SHA1 9b184c96015ea70ee2b0aff9762e370e499120a6
SHA256 df1c306f3e231314c18141c53aa60e4f70b711ff3071c7ba7772288518359760
SHA512 2d7e2dcb156015234a58cb1a0890566d9856bd169357d14a346599d8aaa4275dd69c9758201777c41d03f32a701d6bd0c9290d98e81b35d035dfccf43941337d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 be0d2bfcf66649e3cb77ad5ecb5e07e3
SHA1 c0b70475704d236750358fecd3e89fea343e08de
SHA256 4970d104701cf6f7f1c09bf1c43075f608088bc37699c74451e2d4077bfee395
SHA512 292195df2342b220363e6cca54bf88e2a1f1baddc046aa7fa0bb3d166d61090c780caad35a7241155b1267b8788124a05a8770c053bf1d598c883a78c96c49b6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\C729AC3061AB3F0562C00B7AA019D6C1EE9BBFEB

MD5 202defe70349bcfb0ce8d73fdf9690dc
SHA1 6a9530e72d03076b2453ae3e995eeda1cb3d1e88
SHA256 ae7fd3981ba1c4562478d445ac1dfbf42f287d9cc88e216aa8e5675f27cc828c
SHA512 00ba6c1f49a277775d4de2ef70726f2ded14e8dfb2d24b0c3d95b312fc3603a0d53aa78723a5c415bc08c73057d21786a50835bc532221dcf6c35b160a21c69e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 10d0ee4f6867221e0a15339092ee2f80
SHA1 5cdf528fe5090083ac353980fff9566d384e9f7d
SHA256 0c695bcdb036d14d5837b7cd587a6d5def249e64fc11d885a2d2c09dc4575a2e
SHA512 7734fe594e1b12a999bcce42cb1c7b09ac674c35a0b4218a1083650689daf36037cf776726a900aa48cab24943cdf6b3aaac728b1f1c045911d5bf3f815e39d1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 fe4de3c010bf63c6836a4727fe43c193
SHA1 fe5fc57ca97cf3d8c15f149648fe8e4231a04c19
SHA256 08087d1100c7efb0444d1e5b791fdce45f75dfd357e11aa371abe6b5d7f20a09
SHA512 e01b54d009fca62545365b4a864ec81b925cdf845dd86877f7b3f5b30b4b1dc9ee62818fe69ad3514b7fca56e873446222506e5b24d97fadaf247bddcd991488

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 37e19cffb458db61d061dec6dd4ece98
SHA1 d08e62a8552adabe0558f02ea49625231d574dae
SHA256 74a7e489060cd41a36aa324323fe3ab5057d05685bc670e89b9a9d34182c7e41
SHA512 aa82a847040cac2520d8e8970ffbe4fe4d2bf7f2448286d4bc86ca9767b30e91675c399148e068d19f4b3ba0fdf4a37b9bdc02596d579763123f81782ddceef7

C:\Users\Admin\Downloads\libwinpthread_1_x86-64.vr1wadEJ.zip.part

MD5 5dbbcac49da5ef5a35501b94522fb722
SHA1 02d1c43b8e026d29fe446e0512e61342b06a9caa
SHA256 17ca031426b0bd9cace74a61e00db7cc2a042d1575ca58ae231ac367fea6e158
SHA512 cc911730ec5353e201d3486ba9fff6cb019600bcc1c73bc3615c573daf1ee78bd844482f115705a88d60cbdc45b6638b08e6d92169596015229095dceb57c4f9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 cddae7e8b610e2aca0a5e20ebca04195
SHA1 be9e12dae824273275eeefd264ee19b65ff2a6e2
SHA256 9894200a574174ef9d0c9567580a039948d031d283a29bf9133b85344fb8b9fe
SHA512 5761b0ec758675afc4c8dc61c0058dd8d22d1958a04fe42e8043169896be451089a7adacd2c887f179264f1138cabac89bc444f5fabec179484b848e6b31f7f1

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 6999002b13d38420868fe86ec28c74e6
SHA1 d5594e96b7c7c0691b1fa63c044efcbc83f786ff
SHA256 c6ae403af4a83e57a2230450cc21ed493bc0360b443e5ad023d747bf637bc937
SHA512 9a70c9aeb96f949fb9d7742dec78694c4ff2ba423198166015084a4c5da76f08033a0dda670a5880c069eed78e9785bef97593cb49b96ce1b6779b2c573a88d3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 9f73ce7d8461aa9d00e452c593e67f5c
SHA1 0e8f5e0ed6169aa896a152d28380c5ada9712221
SHA256 dc23f3c7bd05c0f031b4afea5d44c7cbf1f29da38548ab24035160a2cc11169d
SHA512 0c7f7df7b7b86326f4194608e9145358fb2e1ae50375ae3768c10edcbfd1a198b8f46d6744e8565e9fe863abc51d9082378ff6c80f04837d26ac6d25ae2cba35

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 eb9f6eea274c3ee1fee839fdad106622
SHA1 081dd0f0074af4c59aaf65b397af79c0008276d6
SHA256 24baed15149ab09eb314d01fe1ac6f88ce0d71b74c49710e396b4c1e9f41bbe5
SHA512 a33b88c589f5c0c01dc8a57b008f73c6f11cf4b9571ba1fd2303f76249e540b570b37ac3ab6a6d4271661e699febc3fa5aecb4cb8bd600e3b83a9ed415e5aa11

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\97AFCCF25B7DC347C272084550D6D256B153C5C7

MD5 ce3ef31e7167495c87e091e8c459ecba
SHA1 21de2f1e80948e31890354eec8c2b5adbb238243
SHA256 d9a2cdf415abda4306057a55216b3d09679aa03026452cd4adb4fc426aea471c
SHA512 ddb7710a300c4f4d38bc6806eeccef43edb1b6629964f2ac12c258c16ad00039a9e95aa114174d66f5aacb0a49767be5b1027b190dcdade65eeec69fc03ed07f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\3B6010BD9DB5450F15E0E1E21F7FC3CF09395079

MD5 bdd8a6e8203ecf9195af25580e2d00e3
SHA1 c062205e43a0fa2173523b2afd3d55e7ce13ab38
SHA256 1785753fc4f712e550c97533901d5531f7f4208dad7fe7531171c8749e8a3b23
SHA512 2f17db199b278b5d6fcc0b4b4cce9998de732e0cd399c0b753779c900f4d5e8f1c1af177fd951b233331d707f75e0778a725bfc4c4c9fce662e311b380ca751f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\6C8C984D74C24C6CC0D290D60AE7FA6673083F08

MD5 1465329ae06a79da7b32001a3cfc0205
SHA1 37286d860e6c04ae588531b9f6ea72070f316739
SHA256 bed96e251d2a1f92f355819f4422b7946a92ac58f2bc6ee2ae4ae3b70edc4495
SHA512 f6ad5b7057d8707dfd72b1f672eed3776079124141bb5f134a72ddbecb6e230619f864442fe9048c15457a1f4dcd09f2c5816af56760246ee0f28cc05035c531

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\8995C254934855E52A9A08A692A99FD1B21F0029

MD5 eb8d8c33e55f60d1978960b8857911ea
SHA1 5e83ef1c87a02fcfcb42fb48ff8d2160f8ff11d5
SHA256 430ac8807384ab283515512e0e92ab0bb011611f08c7d6f08efcfb63bea29365
SHA512 203d641ac9803c299e47d3a88e8ca09d9e47a1e79e63cd8c087073a1a37a409989dda5f3bb5834f24b1b499a1635fbfca6521a2c5e709826902df4c9fde94c35

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\62AFE0B411DAC7BE7F6D8C88086C810CC71D9168

MD5 c509e5ad92fd11008d64129dfd21471f
SHA1 9c4d2af84b4618750c4481b4e5b0de0a19afd641
SHA256 5d58608427c4eb0b85fd31577e5730871dd52f45965d5121a90bd62473e74067
SHA512 a33bcdfc6e3a3a17f6f58e272b2e5bb2f6bde675a32c2ecfa5624d831f75d5bcbe0ccecbd9f534195b5582aa4b95a9009600af4a61f429b271d9fb8b893a23ad

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\C7F27F1B728D8DB7CFCCA0B5822E7997A8F337CE

MD5 f6555352a497d1135519172fa7bd423c
SHA1 47e4ecfdb6ba10c240d26b2d2a01c925b6a05966
SHA256 8a62b8506f151af199d79968075de0ec850b6af371f0c1c711705da161428b66
SHA512 845bce10dbee41991fe63474998a8a09b2bbb2fe6d0480873e840b2aff7772ea46a1ccd5ed6bec4cff8b561b7c413eac8d848e9c566d4f05e9c15cf7a3e4dfa4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\646829319C67DD4727104CB4F8B6606414E30D3D

MD5 d8b546ff84ca45d800bb08799796eecc
SHA1 ce0ffbb03eb242bcfa3a94b547fa643f1431e92f
SHA256 fd1fb4fa6648c2f88b9199011f1c3b9d831ea54919c05a26918a6d8c74a15f28
SHA512 d1732ac98a6a5edafd53960985c459e065fcab2fae9f623416c012dfb7032970127f5a8e96b424852a8e350aaa2681125ea4c5b8e7ff90fa68e79a728ad16a41

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 fa4d1f3abeeeeb3d17e6dee0e432cae0
SHA1 cc34d5921ed23e77bd5fd7b3b1080559e74bb552
SHA256 6f608a739769b48eb203110594518d29be5d3c7d98553894eef206b3d3696374
SHA512 13390bee6e6253fa1804e4a94864442357348fbca4f0ab08af97874aff521b28e2b6a4f05af7d0789237a97481a74aa49a697157cbb81271f5433e564a0cb2f6

C:\Users\Admin\Downloads\VC_redist.BNeUdztR.x64.exe.part

MD5 1d545507009cc4ec7409c1bc6e93b17b
SHA1 84c61fadf8cd38016fb7632969b3ace9e54b763a
SHA256 3642e3f95d50cc193e4b5a0b0ffbf7fe2c08801517758b4c8aeb7105a091208a
SHA512 5935b69f5138ac3fbc33813c74da853269ba079f910936aefa95e230c6092b92f6225bffb594e5dd35ff29bf260e4b35f91adede90fdf5f062030d8666fd0104

C:\Windows\Temp\{27BA76C9-07D9-4C67-B8C1-92CE7E58FDCB}\.cr\VC_redist.x64.exe

MD5 ae0540106cfd901b091d3d241e5cb4b0
SHA1 97f93b6e00a5069155a52aa5551e381b6b4221eb
SHA256 8cd998a0318f07a27f78b75edb19479f44273590e300629eff237d47643c496c
SHA512 29bb486bfdd541ba6aed7a2543ff0eb66865af737a8fb79484fb77cb412c3b357c71c16addf232c759d3c20c5e18128df43c68d1cba23f1c363fd9e0b7188177

C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.ba\wixstdba.dll

MD5 eab9caf4277829abdf6223ec1efa0edd
SHA1 74862ecf349a9bedd32699f2a7a4e00b4727543d
SHA256 a4efbdb2ce55788ffe92a244cb775efd475526ef5b61ad78de2bcdfaddac7041
SHA512 45b15ade68e0a90ea7300aeb6dca9bc9e347a63dba5ce72a635957564d1bdf0b1584a5e34191916498850fc7b3b7ecfbcbfcb246b39dbf59d47f66bc825c6fd2

C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\.ba\logo.png

MD5 d6bd210f227442b3362493d046cea233
SHA1 ff286ac8370fc655aea0ef35e9cf0bfcb6d698de
SHA256 335a256d4779ec5dcf283d007fb56fd8211bbcaf47dcd70fe60ded6a112744ef
SHA512 464aaab9e08de610ad34b97d4076e92dc04c2cdc6669f60bfc50f0f9ce5d71c31b8943bd84cee1a04fb9ab5bbed3442bd41d9cb21a0dd170ea97c463e1ce2b5b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 9f506e565f7dcced2fcdea76e033d197
SHA1 18c1d79630edc798a5e5c64a31476be7910fb49e
SHA256 d75c5fcc9f41fb8d85734e6237287b6fd4bd1b89b1cd39ee7e8d1992e8f6a852
SHA512 6e4afc8fbc95493129f6ef5062edf92f4294263b4da07c38cf5a5f1cac31042edc0998cf94e344b695106450326ddb45eb0c0f85f56e52db284370872de8377f

C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\vcRuntimeMinimum_x64

MD5 0d00edf7e9ad7cfa74f32a524a54f117
SHA1 eea03c0439475a8e4e8e9a9b271faaa554539e18
SHA256 e55a6c147daab01c66aed5e6be0c990bbed0cb78f1c0898373713343ef8556cd
SHA512 0b6730fa8d484466a1ee2a9594572fa40fb8eea4ec70b5d67f5910436ee1d07c80a029cf1f8e488a251439ac1121fd0a76a726836e4cb72dd0fe531ce9692f6a

C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\cab5046A8AB272BF37297BB7928664C9503

MD5 8eccd85b6c4273a28a54b0687feb6a96
SHA1 be791128af5713d407df2f7436ea8de1a80ca725
SHA256 8fafd6d0754ee53125902df1b67ef2db86eb7af4c097522f2fb58443501fecdd
SHA512 9fdcb359a5748d0d920e1e12cf31de42fa224840fd11e5878f7caff7c4495b4facacf1a58cdaf0caadd0d9a3af871870b755245d2c1af33f07f3229b85101da0

C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\cab2C04DDC374BD96EB5C8EB8208F2C7C92

MD5 d5a3fd8ad806f66d33d652d5913a95b3
SHA1 7b1bb6cdbe700acc2434dc52c40cdd96a6462a17
SHA256 cc001c20f85e16015e0d23eb0c3a9bc3c3cdcc1adda53f88ac77dd29705ba01a
SHA512 594d710133f44049546c62c3c89614415ad776c24f3ada0a8d1724e6daf27f941eba43a05a096d90cdf51ad51c02462edd6308e2aa393cb8325fde256ed77037

C:\Windows\Temp\{2C68D14F-954E-489A-A059-F5E59D4DC380}\vcRuntimeAdditional_x64

MD5 5fc68510b7425822a9d0928567ffbd1b
SHA1 f506d97ceac3c435ce6bafda7c47d9a35fc57714
SHA256 7489cdde6a0c8aadb3253f22c460c2dc8099ba677f42d46b277f7040327c9b28
SHA512 4dd4d99ace30eb1add9ae225f159f68636d42d1899acb50f616717f05045e402a2bbb76e4d86569a08ae74bb161b3911a73910fcc7044429da34159cf6b9f473

C:\Users\Admin\AppData\Local\Temp\dd_vcredist_amd64_20240812191736_000_vcRuntimeMinimum_x64.log

MD5 6d383a9a68f6d7dad865ebcfb5c942c0
SHA1 bc05557b9653253dc11876ba2cacd118469d5e8f
SHA256 afa3818a212c89726a98f496ccb81ce4036dbb2262db00f4a0aaf1a8af24b501
SHA512 f2ed67bc31512ece014b593dbd48877510468c7b30b6ce0d7005c48ea39cde6f95efe27c1d9034c4135f28af72625747494651d2c39d4379633c180c005690d4

C:\Config.Msi\e601036.rbs

MD5 97f9cd261661df2db4f5f968f4287b0c
SHA1 669fc16972c28d7c3f580953bf440e601c0b5f0a
SHA256 fecc9a344b2d3effe6b9a542faa4aec87af87c5dec3ebaa4993911cdd03ef992
SHA512 883a29079eea6309a4c2564bbbbed5c30320caaefbebd560efa38d265e5f8e5783c59b2a1719782c607049a6b120487c5602d36131ae9196193df864c6446e5c

C:\Config.Msi\e601042.rbs

MD5 02591fc6a2eddcceb18a5b75f02e712b
SHA1 49f4700c6895c6ce19e739c07bde91f8733c0280
SHA256 813d3542fd45d8ab65153bf923462a9d6c853644f9cc72722f3adf56420705cb
SHA512 d5664be0fa8dfb2599071b8d41e3e15a1a3d25a5d99f2469dce51eebb9d6e4fddd1d675ebef1bd0426eb320907fb1e5a0f48247a46b5a4743a69147f6fc8c677

C:\Users\Admin\AppData\Local\Temp\dd_vcredist_amd64_20240812191736_001_vcRuntimeAdditional_x64.log

MD5 bed74a57a9a88bf6ba61a861811ed902
SHA1 4fd0817711499307d2bd35389b3f61d2fe73142b
SHA256 eff55ba988acfb5c4988f7e84309af9aedc8311e6a770c2c543a715f1e0cc012
SHA512 c40cf91661b28b24262e024ee91d15db6c837ffe6f82eeb0e77da1706348c606b07d74e929afae17a7e58cfc37d024d0fcb40d4a3331dbdb84e5b997f834f728

C:\Config.Msi\e601049.rbs

MD5 a4777372a5f99ba074b89d3b3abd670c
SHA1 52526ec8907bead27b14e5115eb56a7eaedd5b0b
SHA256 0d4a6f616631213c91c4a1834fa5c3e49fb65aecaa7d617c13648ff50e3a50b1
SHA512 20044ea31c466b986546055339cac8eb333800e1b83dfce94641ae0f9cc3ff826160a004e51161b498321e556b530c12f49e2b23228ab1663bc5031f0d61be11

C:\Config.Msi\e601058.rbs

MD5 3c3f73cdedfb8a2313e48120a2856a7b
SHA1 7819dd927e2c968403d844724ba700a9bc2b58f8
SHA256 68532e392d01cb29cf90e4f78497c62df1b4b7e6913ff2328fa16ef7249c7221
SHA512 a6ccee8d8a80a38cc0d5771c46b5d196c4971ae4f3c766149ab365056b8eb8b18c28873c1359785881135db3a529a6405a4be1fa510c6611d5397ff789d86911

memory/5428-5643-0x00000000009F0000-0x0000000000A67000-memory.dmp

memory/1952-5680-0x00000000009F0000-0x0000000000A67000-memory.dmp

memory/7052-5681-0x00000000009F0000-0x0000000000A67000-memory.dmp

C:\Users\Admin\Desktop\libwinpthread_1.dll

MD5 8191803ba5f7d68d8eba1d9514c90055
SHA1 620a9fe420aa0f0302db7e055fa592d502924b07
SHA256 581c6f19a7945a6c71981bf3f791cd2ec153691a6a3129bf213115b0dfeaf841
SHA512 42451c362d3b18b3017f0c364f6cb32ebd2b6f949bc20280f824b25f31a5fc11f602e5b174bc88bb314a37cb4c88bff28d8e251d111fbcc824f925415ba0c1a8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 3ddd249104c24c403f2f5013bdc36af0
SHA1 85643a3d17676584594ad3fd00ae7c0ef659a08d
SHA256 9d673b99a5e384be624fbf57f10cd54d4a92803376f677173212dd8869b18d47
SHA512 c59d1dd4890f398a5d04d7786dd624ce2a40666896af0336462230ac35f7b83c568125d1a7a6a7c7e0eb4f0946b343d487f79bee2854df76233ca9c1673ae6d1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\storage\default\https+++www.google.com\ls\data.sqlite

MD5 18a67f1eca821207c974fc11379cac7a
SHA1 0e59f675915d7633eaae92f65b1c46bd59529e73
SHA256 296f6aad660ac0228b02e3382d449575e973e21915063b7a02ce6d2076566ddc
SHA512 51e371d28872f9b7d575ff2e6bce030a576018785268fc712d853e21942a6201af1501a94da3aafe0193546a30078545bb55c9a8c35f56655aadf46f580bfd43

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\73EAA0767ECF1BFF6C0396D2598362046273B2CE

MD5 a7660e53b76440310f4f016f6db76b8d
SHA1 5cb1f106fa7a8496694d139f16df1a2162a07287
SHA256 dc1a42e9707323ae6bca8267b6f319ab26a6014e8ca429e59b425c27bc1fe83e
SHA512 f11b9389aea45d166b4362d8650e082e79395b9d1bd3bc6135fe9d7741b443d26ff154ead75f5f9fe9c6400c4d00a1e279ab4ddff914d296a239711c4e363a0f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\BA30A8866A8313A16394DA2599448520494928BB

MD5 8978ac8d40b3ffc6c18c24f1324b9918
SHA1 eace9fb9836b93d1e74628e945731d11b2908b05
SHA256 909335da318ca5cbe7bdff572657ea467df29e355d14eef2a93271f8ae8be1df
SHA512 33ad84149138d63669b23da0270149b198c0f3b418f8e3b6808865a8f65d0f91f9ab5549073d98a36dd79e81107f32498ca6b214cde7d8e31a9dfe85cb517318

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\datareporting\glean\events\pageload

MD5 a18ad485fa4292d5f4452b39fefa43a2
SHA1 c35f706c2c956ce6875976ae4d3b4e0e306798ba
SHA256 a5d5303b2b75094c1ea61c6a3de0332b0bf7dc2ce2cfb1857a4e90c8d9917d51
SHA512 3e687aa8a8650cf344c74ba564e5c044aee29ab650b8b17289f0dc4883d2a9434c1ce9f1e6c3dc66a9424ec0480ecdc67dcb912ab5a8f34c10de80cfe35bb6c5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\518A8DF41FB8AC7269467A30332FB6424A8607FA

MD5 f003cff3af9278645ce14a5525ce4971
SHA1 29827b4209e82032d40c52ac31ee242949c3a30d
SHA256 bc95fa4fc6a6657b9ab62d99f7f16ecfcf8ce5436acc068376b900d29c044a5e
SHA512 ec33140e96d17cc1eb678ae2637c1c9eecd1e253f3cc602e658cabd357435de0c1c39c631e0a27b011de91be2cbcf8482cfd69833535be1d7f542321ee6f7bed

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\25C0578F51293B541B26F7EA28C79FAA281F8EC0

MD5 05c25d477d21309098206972e2d32086
SHA1 995d730c67050028f7d932605f6332ccaf091736
SHA256 355b0ad29baff7fa65487e8b027793930c2b5b0e72fb72f5c9f936d2031c188e
SHA512 62c5e98b5e0661a4147ff8a5f82d1d0255e3cd31ab10390bddb1338a7ad09d179f1f66bc3db2827e1e8ea0a33f850042271fa89e34343572384da58d10d60df1

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\EFF861CFA48D1D98307D799789BC295C5FBD1BD7

MD5 9f69f9486fa487251dc2b2b596dc3e82
SHA1 1f6e16b6d90d7b461d88c6b2a15babbe06ade9e7
SHA256 2a7c722a8d9fd072929c97457162e873b5ef5bc7a169f29ad7facfccf087da18
SHA512 767dfe7f17276fd0302417f01638a15c5e0bb69e171c8407fd71a2e7e1057010bb2d5a568545db41d9cfc2387ded06bfdb12f43899059e81fce96d6a9fd801da

C:\Windows\System32\vcruntime140_1.dll

MD5 2bd576cbc5cb712935eb1b10e4d312f5
SHA1 dfa7a46012483837f47d8c870973a2dea786d9ff
SHA256 7dd9aa02e271c68ca6d5f18d651d23a15d7259715af43326578f7dde27f37637
SHA512 abbd3eb628d5b7809f49ae08e2436af3d1b69f8a38de71ede3d0cb6e771c7758e35986a0dc0743b763ad91fd8190084ee5a5fbe1ac6159eb03690ccc14c64542

C:\Windows\System32\vcruntime140.dll

MD5 caf9edded91c1f6c0022b278c16679aa
SHA1 4812da5eb86a93fb0adc5bb60a4980ee8b0ad33a
SHA256 02c6aa0e6e624411a9f19b0360a7865ab15908e26024510e5c38a9c08362c35a
SHA512 32ac84642a9656609c45a6b649b222829be572b5fdeb6d5d93acea203e02816cf6c06063334470e8106871bdc9f2f3c7f0d1d3e554da1832ba1490f644e18362

C:\Windows\System32\msvcp140.dll

MD5 72f3d84384e888bf0d38852eb863026b
SHA1 8e6a0257591eb913ae7d0e975c56306b3f680b3f
SHA256 a4c2229bdc2a2a630acdc095b4d86008e5c3e3bc7773174354f3da4f5beb9cde
SHA512 6d53634bc51bd383358e0d55988d70aee6ed3897bc6ae5e0d2413bed27ecff4c8092020682cd089859023b02d9a1858ac42e64d59c38ba90fbaf89b656c539a6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 05e217314101e91f96ed4d462898e27e
SHA1 f9cdd3ed55b72a41a81f3f9ef3ff4a235fdddeb8
SHA256 adebe747bada7d9dfce803fddd0ea51dddb61e8f998f86436e32ff76ad949e0f
SHA512 12b65412acaa8b490837e66ef69d7ea48d62841ddd0b3e682e357c279e72163223cf90feac7a9889adf483b05bb0190e5bb30198ce9a4df00b029177929077fd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\doomed\14069

MD5 dd9ab07fc6f36969613798ce554bfc6f
SHA1 170865b780955d2a764a99f1f27e551b005a2203
SHA256 4c3cd1511d8f02de22e55ad38de48f3c92ac6ae4969bd289f0331002293788ab
SHA512 a8612409102fd877cfe8f6698b9871da8cd72aa7a5ae83673affde30630951b049d3fbe10e22e685e8fedbcf9bf8b4f68580166ce4fa94ce2ba39ceb07c90077

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\D331113F5DF5BA8685D28B8D26AF1A3398830EAE

MD5 66f99afe42216879fe36fcac1526fdab
SHA1 465d365c903763fbf156cdb7b3fe121ca445ba14
SHA256 8dc0872c4b016a348387987cac1a60a067ffeb7387f50f857f4e056547e4ad2e
SHA512 6d8c3f98f253b9280ed821e3d8b2c98b119930f44011cdd8a1e8f27004bb46e2c2f488b3319570dfa6e465c5e74e8e32371a7b661e219130e27961c391cf9fb5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\doomed\12028

MD5 10b53ce65badca97a51c7c1cd1094f97
SHA1 6bb8382f4b67940fb0be4cef126b9f113fecfa91
SHA256 1b2b56f2f47283441f0cd9498936364c0f1b0a6d635e7f06d579976a9c756f81
SHA512 beb2f088acfa14769fc68569c05344b88e92eb7e3ca938f61206fb5675808faaa8cc404005301a730596a122715d7dcde6cd02964c2723d85626528ef231bb5a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\3B91B85D53EC0595116B751A1F670CADA9C2E4B6

MD5 92ab6f364972fa680cd537a65cdae541
SHA1 59accfd589d60b1664fed28089a9c653beccc705
SHA256 ac7bf6d57e4e8a1566d2f98b86bfa88dc23e39517af342f88d93e7558f676b0a
SHA512 f422f3e6c482f522fe1d24084a74c3106dba73e39556f18f600acb5160833e927fb747f36211c9b06ded51c16db535653c9b663ee4249201adc6c132e620a8dd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 618cd28ec9a8a39bcc3e48d335721f98
SHA1 0032b6c428c728257593b4364bf492cb1302546f
SHA256 536784b87896f1d6f834edee9ce2d8bb7ff0199f5d704b1abdc0a1e07d5787f9
SHA512 d1d1e7a5ecc695c157275063378e947c1a31be59620ccd704328536e5b9412ad435732f7ea504e640bdce6ef3854d4e96290a35020b07346327366dea15caf96

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\entries\13CBFE810FEB77967E9E604BF64BF6B62F07D6D4

MD5 3e723fb3213c05eca128063abc22c57d
SHA1 12b735fa28c6385aa9cb1b260f0baaf2f63472e4
SHA256 daacb102f108f4d28ea5eaa78b53a4b5b53c1675456f26ec0d979d2ea1ad8bd7
SHA512 acc7a68c1fe2537e374a3f6a8a9a68d41af653e5532a73018827a7586f7adcef19a353af89d57d12aac71f7590d04425f3743164b185a6f394b7bd5323cb8568

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bxumog7h.default-release\cache2\doomed\11426

MD5 325472601571f31e1bf00674c368d335
SHA1 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
SHA256 b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
SHA512 717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 5931636d8ba0ffaf3ecb9d8b8fe7afbe
SHA1 eee40349b3dc7694554317f02ef7b29fa206a0b9
SHA256 78b5db926fb3d25e99418cf99232f87b5887c65367b424d82733c475368edd42
SHA512 73637803bab4b4c935260543af560765a8e79a3007badb0364bd37fa455d16c1f15366ed17f41681bb9174b4c70e188e1b9b1e974e6b763e8e88cedcfd20137f

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 6dd8e46f5b8873251809acc7d6f4dce1
SHA1 8bc81f9e82f2d6181e654db56cedbacd34c4f264
SHA256 ff210702551517908bcf43ac55dd5ee39b7fe6d48b4a1c25e1c51e775d594edd
SHA512 72b16aca193c78e3d10dd9892c0a774f0e9aeb6ab059b631e4d522d14c5352775a81d6f0c701f9f2bf40362213152612555f818554b75dd0dfb77b8099b63c0b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 3c5507e9cefc5432202974640fd95028
SHA1 3acaf6dfde33b982f36ac775f98d714cfc854b1d
SHA256 8a80157971b0b450b9513ebc32749a38c4cf747c5b89f2c53383e1c0a11221b7
SHA512 df698f5413ec8fcc22a8124c4b62485988fe424d35e873d29bf0632164b9e0e6d4dbbb9cd70f4c5adb890adb18274d0ceb2cc56d68a443d06c366139f3207c38

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 2c3a587c0c7a358bcb013dc683880a69
SHA1 c0508abc4db4bd163b6ffd743220449ee6d1e215
SHA256 f9203d7d67ffc6ce7607be8f5dded310d7e578baac11a8e66505d6466cc37107
SHA512 b5dc2fcf0915799e54dfe2d5cac4f68a5042aa647aceb179f8495eb6e4468a8f7cfd194bf2581cf1972fc9669b2ed9744e2544cb88a665198e4c85cd011765d3

C:\Users\Admin\Downloads\gMLA1AA6.zip.part

MD5 c07438278a6142e6368bd5dd1f5f95b3
SHA1 8252e622890781f71a1713d24be99a0336cbd92b
SHA256 11b371e391573f54714a11207de255d7eb792ca4985a348737cb07eaef72f73c
SHA512 49440066c8ebed79e4e7c745e24aafcc3285edd63faf4431b5934461dadc9526cde961ccdb8213967aca31d42d68c728c7bea929017c0fd5c623216bbdfb1bdf

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bxumog7h.default-release\sessionstore-backups\recovery.baklz4

MD5 b3e5ccf94f088a4fac4dcd319ed11010
SHA1 b5ecf9f7b40705b293e47a19e601d3ac572a4b42
SHA256 b00e09798091cce2addbef78614827e68904c053441253473843d15215f15e3e
SHA512 59ea5efeaa6b9844efb03ee386d41ac0ffcc66a81bbf04ccb806eba37cb8b116ff776bb3faa4d29db656b59f13b1be9312d7e08db60f23b646214ce467965ed3

memory/3964-6701-0x00007FF7CEDA0000-0x00007FF7CEDC3000-memory.dmp

memory/3964-6704-0x00007FF80CD30000-0x00007FF80CD46000-memory.dmp

memory/3964-6703-0x00007FF80D160000-0x00007FF80D17C000-memory.dmp

memory/3964-6702-0x000000006FC40000-0x000000006FDA1000-memory.dmp

memory/7532-6707-0x000001FF3CD10000-0x000001FF3CD11000-memory.dmp

memory/7532-6706-0x000001FF3CD10000-0x000001FF3CD11000-memory.dmp

memory/7532-6705-0x000001FF3CD10000-0x000001FF3CD11000-memory.dmp

memory/7532-6716-0x000001FF3CD10000-0x000001FF3CD11000-memory.dmp

memory/7532-6715-0x000001FF3CD10000-0x000001FF3CD11000-memory.dmp

memory/7532-6717-0x000001FF3CD10000-0x000001FF3CD11000-memory.dmp

memory/7532-6714-0x000001FF3CD10000-0x000001FF3CD11000-memory.dmp

memory/7532-6713-0x000001FF3CD10000-0x000001FF3CD11000-memory.dmp

memory/7532-6712-0x000001FF3CD10000-0x000001FF3CD11000-memory.dmp

memory/7532-6711-0x000001FF3CD10000-0x000001FF3CD11000-memory.dmp

memory/6836-6720-0x00007FF7CEDA0000-0x00007FF7CEDC3000-memory.dmp

memory/6836-6722-0x00007FF807DD0000-0x00007FF807DEC000-memory.dmp

memory/6836-6721-0x000000006FC40000-0x000000006FDA1000-memory.dmp

memory/6836-6723-0x00007FF807BF0000-0x00007FF807C06000-memory.dmp

memory/1844-6724-0x00007FF7CEDA0000-0x00007FF7CEDC3000-memory.dmp

memory/1844-6727-0x00007FF807BF0000-0x00007FF807C06000-memory.dmp

memory/1844-6725-0x000000006FC40000-0x000000006FDA1000-memory.dmp

memory/1844-6726-0x00007FF807DD0000-0x00007FF807DEC000-memory.dmp

C:\Windows\Temp\SDIAG_3a4dc101-321a-4254-9190-8bcaafb91b0e\en-US\DiagPackage.dll.mui

MD5 d7309f9b759ccb83b676420b4bde0182
SHA1 641ad24a420e2774a75168aaf1e990fca240e348
SHA256 51d06affd4db0e4b37d35d0e85b8209d5fab741904e8d03df1a27a0be102324f
SHA512 7284f2d48e1747bbc97a1dab91fb57ff659ed9a05b3fa78a7def733e809c15834c15912102f03a81019261431e9ed3c110fd96539c9628c55653e7ac21d8478d

C:\Windows\Temp\SDIAG_3a4dc101-321a-4254-9190-8bcaafb91b0e\DiagPackage.dll

MD5 79134a74dd0f019af67d9498192f5652
SHA1 90235b521e92e600d189d75f7f733c4bda02c027
SHA256 9d6e3ed51893661dfe5a98557f5e7e255bbe223e3403a42aa44ea563098c947e
SHA512 1627d3abe3a54478c131f664f43c8e91dc5d2f2f7ddc049bc30dfa065eee329ed93edd73c9b93cf07bed997f43d58842333b3678e61aceac391fbe171d8461a3

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_nka0xjav.ke0.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/4532-6869-0x0000022B67C50000-0x0000022B67C72000-memory.dmp

memory/4532-6877-0x0000022B67AE0000-0x0000022B67AE8000-memory.dmp

memory/4532-6886-0x0000022B67C80000-0x0000022B67C88000-memory.dmp

memory/4532-6895-0x0000022B67EF0000-0x0000022B67EF8000-memory.dmp

memory/7672-6916-0x00007FF7CEDA0000-0x00007FF7CEDC3000-memory.dmp

memory/7672-6919-0x00007FF80C580000-0x00007FF80C596000-memory.dmp

memory/7672-6918-0x00007FF80C5A0000-0x00007FF80C5BC000-memory.dmp

memory/7672-6917-0x000000006FC40000-0x000000006FDA1000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 010f0c78290b32ab9be185f44979d161
SHA1 f9c43da3467e4b1047c960d8f9acb9efaeb974e5
SHA256 7c15e92bb384f1e7085fd3b0f918c89f8c8b684a16e50718126fb90f11d97c69
SHA512 81d0ed9394c11743a2ef20b089d71ffd96c73bfcc0c479719b6df7261391bfe56d5e817f25ad2a6400d1745016302dee0dddbe83ea0c50edfef7d51362177d35

memory/6252-6934-0x00007FF7CEDA0000-0x00007FF7CEDC3000-memory.dmp

memory/6252-6937-0x00007FF80C580000-0x00007FF80C596000-memory.dmp

memory/6252-6936-0x00007FF80C5A0000-0x00007FF80C5BC000-memory.dmp

memory/6252-6935-0x000000006FC40000-0x000000006FDA1000-memory.dmp

memory/7204-6941-0x00007FF80C5A0000-0x00007FF80C5BC000-memory.dmp

memory/7204-6940-0x00007FF80C580000-0x00007FF80C596000-memory.dmp

memory/7204-6939-0x000000006FC40000-0x000000006FDA1000-memory.dmp

memory/7204-6938-0x00007FF7CEDA0000-0x00007FF7CEDC3000-memory.dmp

C:\Users\Admin\AppData\Local\ElevatedDiagnostics\733862231\2024081219.000\results.xsl

MD5 310e1da2344ba6ca96666fb639840ea9
SHA1 e8694edf9ee68782aa1de05470b884cc1a0e1ded
SHA256 67401342192babc27e62d4c1e0940409cc3f2bd28f77399e71d245eae8d3f63c
SHA512 62ab361ffea1f0b6ff1cc76c74b8e20c2499d72f3eb0c010d47dba7e6d723f9948dba3397ea26241a1a995cffce2a68cd0aaa1bb8d917dd8f4c8f3729fa6d244

C:\Users\Admin\AppData\Local\ElevatedDiagnostics\733862231\2024081219.000\PCW.debugreport.xml

MD5 3016618fe261b650262ebee1c49f379c
SHA1 d690156608af48a8a84ee262de7cc8e580f15472
SHA256 8ffaf7b78951fcbdf25e53f1304831732bb48f9dfb246dc06c79ab9dcb74b406
SHA512 2c6714d33cfbfa048f68c9c7d147c453ee69059c40cd3d6e8c26c0e7cf742815879fed31a81f12ffbcce29db8044fc80b0835264696d31ada6ccb5223e76ec08