hxxps://igetintopc[.]com/stardock-start11-free-download/

Analysis

max time kernel
147s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
14/09/2024, 16:50

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://igetintopc.com/stardock-start11-free-download/

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 5 IoCs

description	pid	Process
Token: SeDebugPrivilege	1220	firefox.exe
Token: SeDebugPrivilege	1220	firefox.exe
Token: SeDebugPrivilege	1220	firefox.exe
Token: SeDebugPrivilege	1220	firefox.exe
Token: SeDebugPrivilege	1220	firefox.exe

Suspicious use of FindShellTrayWindow 21 IoCs

pid	Process
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe
1220	firefox.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1220	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5088 wrote to memory of 1220	5088	firefox.exe	79
PID 5088 wrote to memory of 1220	5088	firefox.exe	79
PID 5088 wrote to memory of 1220	5088	firefox.exe	79
PID 5088 wrote to memory of 1220	5088	firefox.exe	79
PID 5088 wrote to memory of 1220	5088	firefox.exe	79
PID 5088 wrote to memory of 1220	5088	firefox.exe	79
PID 5088 wrote to memory of 1220	5088	firefox.exe	79
PID 5088 wrote to memory of 1220	5088	firefox.exe	79
PID 5088 wrote to memory of 1220	5088	firefox.exe	79
PID 5088 wrote to memory of 1220	5088	firefox.exe	79
PID 5088 wrote to memory of 1220	5088	firefox.exe	79
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 2340	1220	firefox.exe	80
PID 1220 wrote to memory of 1544	1220	firefox.exe	81
PID 1220 wrote to memory of 1544	1220	firefox.exe	81
PID 1220 wrote to memory of 1544	1220	firefox.exe	81
PID 1220 wrote to memory of 1544	1220	firefox.exe	81
PID 1220 wrote to memory of 1544	1220	firefox.exe	81
PID 1220 wrote to memory of 1544	1220	firefox.exe	81
PID 1220 wrote to memory of 1544	1220	firefox.exe	81
PID 1220 wrote to memory of 1544	1220	firefox.exe	81

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://igetintopc.com/stardock-start11-free-download/"
1⤵
- Suspicious use of WriteProcessMemory
PID:5088
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://igetintopc.com/stardock-start11-free-download/
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:1220
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1944 -parentBuildID 20240401114208 -prefsHandle 1872 -prefMapHandle 1864 -prefsLen 23600 -prefMapSize 244628 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a3ed2b8-7bd6-46c7-918c-dc4889110a2d} 1220 "\\.\pipe\gecko-crash-server-pipe.1220" gpu
    3⤵
    PID:2340
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2368 -parentBuildID 20240401114208 -prefsHandle 2216 -prefMapHandle 2220 -prefsLen 24520 -prefMapSize 244628 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb354dee-32d2-4a9c-900d-6947b477ffb3} 1220 "\\.\pipe\gecko-crash-server-pipe.1220" socket
    3⤵
    PID:1544
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2644 -childID 1 -isForBrowser -prefsHandle 2728 -prefMapHandle 3208 -prefsLen 22590 -prefMapSize 244628 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a606d931-6cde-42a2-8ef2-4f633bd12305} 1220 "\\.\pipe\gecko-crash-server-pipe.1220" tab
    3⤵
    PID:780
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3656 -childID 2 -isForBrowser -prefsHandle 3684 -prefMapHandle 3680 -prefsLen 29010 -prefMapSize 244628 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bbe5cf57-f253-4efd-a784-f646b167fef0} 1220 "\\.\pipe\gecko-crash-server-pipe.1220" tab
    3⤵
    PID:2128
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=912 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4412 -prefMapHandle 4312 -prefsLen 29010 -prefMapSize 244628 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ad4e3bc-b524-4075-bc65-0caca96dbf6e} 1220 "\\.\pipe\gecko-crash-server-pipe.1220" utility
    3⤵
    - Checks processor information in registry
    PID:4276
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5380 -childID 3 -isForBrowser -prefsHandle 5372 -prefMapHandle 5368 -prefsLen 26989 -prefMapSize 244628 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d52de023-90e9-4d27-a666-e3567635f106} 1220 "\\.\pipe\gecko-crash-server-pipe.1220" tab
    3⤵
    PID:4552
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5520 -childID 4 -isForBrowser -prefsHandle 5596 -prefMapHandle 5592 -prefsLen 26989 -prefMapSize 244628 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d4ec3808-18f3-47dc-8d50-42af2dbfdc41} 1220 "\\.\pipe\gecko-crash-server-pipe.1220" tab
    3⤵
    PID:1156
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5784 -childID 5 -isForBrowser -prefsHandle 5776 -prefMapHandle 5772 -prefsLen 26989 -prefMapSize 244628 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {84a8af24-4e4e-475f-a6ea-bd2d1e7bf786} 1220 "\\.\pipe\gecko-crash-server-pipe.1220" tab
    3⤵
    PID:4544
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5432 -childID 6 -isForBrowser -prefsHandle 5284 -prefMapHandle 5076 -prefsLen 26989 -prefMapSize 244628 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b73351cd-2620-4feb-b2b8-d1b17b4daa1b} 1220 "\\.\pipe\gecko-crash-server-pipe.1220" tab
    3⤵
    PID:3828
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6352 -childID 7 -isForBrowser -prefsHandle 6360 -prefMapHandle 6364 -prefsLen 26989 -prefMapSize 244628 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2fedb27a-5eca-4756-9d9a-3c4b231ff695} 1220 "\\.\pipe\gecko-crash-server-pipe.1220" tab
    3⤵
    PID:1856

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\22386449CA13D8975B935875780066C6EF52CE37

Filesize
13KB

MD5
dae5e0c65fc659fd75c7df37139d3682

SHA1
6a2e9ec5671802a9f81f7e1f7526d500a193093e

SHA256
ce67921e7c4800832bbb12dcf2fe7391197a38d342be867b4029b3a51faab3c7

SHA512
c1af9567717ae63b5c5946a25157f7e6ab418c251932cf21a5608dc3349ce2a1e26dc9883bcfb42b7686761a081b72cee5bd69c2b7c7a468bea5726bd29878d0

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\58EFA56DB4BFFECB0EDA547894BC9A057159E22F

Filesize
13KB

MD5
12b0af62f44af79dfabb966d0d3b89e0

SHA1
3a139078d44ef2bc3cb674670e5da08d570fac33

SHA256
8e3ff950a5922364f5860d5da882164a49a2fa6edbe4d56f9777ea30ee2584dc

SHA512
1e7ff9abb0a4541683f0167864944c0d94de089194589f0b989ae67677e92758413341a711ec01a512d55f918115dc4b6864332f9ee08e795111660dcf0d2034

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
479KB

MD5
09372174e83dbbf696ee732fd2e875bb

SHA1
ba360186ba650a769f9303f48b7200fb5eaccee1

SHA256
c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

SHA512
b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
13.8MB

MD5
0a8747a2ac9ac08ae9508f36c6d75692

SHA1
b287a96fd6cc12433adb42193dfe06111c38eaf0

SHA256
32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03

SHA512
59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\AlternateServices.bin

Filesize
7KB

MD5
646679219f16e8a6969c9ab8ed1b7981

SHA1
4f613dff98c0bd7ad33ef3b653307e2b3b44a264

SHA256
2afa4dc76c7014f629eb85f7f37bc8650f51ebc65956a19597042093375af691

SHA512
e8cfed08153c18f5c9bf367cddbac16231543dc14008a6e7ca0f07c44029780b06a7d4c6ce28d8ac945eaa99e9ac35b8759dca506ef0e741fd6466f311c7f2b5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
17KB

MD5
82b0a12b03e558ed9a06742c71a858a3

SHA1
1102cacefbacf29c4fa5126997b92b6ebe974ac2

SHA256
343f8fdbdf1f1b3faf8d300ad9d1cf9a4f1325e260d7ee98000a585a1aaa2afc

SHA512
d855379756ccfbb27e5ff97b809028f6da3688f932fc5dcaf7dc5fc03f970223693aaf92ed783f7cf7caac1743ac820c7ffe5a8aaee0e4bed2e4d95bb98d499b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
8b1a761af0bdd61ea2a16dd754173408

SHA1
7f8f5ff298be8e13a343cfde62412aaa504fb7ea

SHA256
cfca42d22dcccbf34defd6a6d76093c5ed7b64814e220bdc62374bf0b7efb8af

SHA512
cc7b3d41fb288ff146e44bab52fd73d857b090cdd96c8f4807c4c7615b4df076404ea3d3e7d7a12edfce2867b0cac711ef31a847335b27c74e2b6ead4e118293

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
98f5ba120809aa6cbd8ac7bf9228bced

SHA1
b5f2622f63762d40320d9a201834934a9178a2b2

SHA256
e998ad9164d6338f100b1d31badcd48f8f50d35e55dd3034354ec02989ed740b

SHA512
717f3be4c8c11a14f9f6413b949fb30416b9bc8d841265152be8bd4fe2f0a99449947d1e05585815471d3c2643e9578ba99754a6987377a5a82a8c22a792cb72

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
66859864c724fc3f8142fe5e2aa29ea9

SHA1
7009d099f5f8c51787cdf7431744ea84b8e2a749

SHA256
fd7f5c56ebc0158694f78f45b3c8641ebd8427bd53a023d5613ff072d3a83c28

SHA512
b57ee1f0feefab4cecc19a65fcbd6e4baad0484002535c37b831cccb2c100878fbd57f1cb887e0798909a1ef9c65e72840fb7cae67e2398f99d948a6f1059c6d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
ae79fefdd7c10f0c89697c1a00694c45

SHA1
2dfdc74639bdebb02a9417519426999f19136a2c

SHA256
906bb8f2f3d1fdbbcdf4a41041e6a1fa0ebbd9b9cbf9d008e1b39d0e5f03c605

SHA512
4f0437b591287aa716a77434a4944d4ebc1c65ee15ef9bfe660765004242ecf6c938c90dffeaec41273c136fb4f295dd6a2f85c82364069e02298a0994b77924

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\4253b743-e91d-4baa-bf0c-a5a992a7680f

Filesize
26KB

MD5
14ec59e9825977d95ccefae7d5f0f21d

SHA1
1c2303d920944bbf4e6dd5758523367d594a38c4

SHA256
74b3dcc6566abf2a620e5549a8b2acb99195fb2af20085e8f5157f28ece0dcf1

SHA512
a0ab18019cd7333c654ea5a7f2ea17dbb148448ff08eb9785b47af4cb00a85beb05a44698428e5198a833dd39eef0caa3b687175db3b16b391bdbd383c0df818

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\95e80e35-1cf0-4cc9-a119-2dc0dd554a2f

Filesize
982B

MD5
ed564c5714a8019d6478d15b2b20d230

SHA1
1c71ef9b325cf97577b86c87805e69c35283bdd9

SHA256
821f1d660a846c75c581ddc6f044f3b245447d783364425e126aa82a70a4ad02

SHA512
b1aadead6c84941fd8d47caadfe9db76108c6ed924a9679f91bb128a0caed76b811234ed0a970e96148f1a0a110c5e9ae3d29a18328f76cd534ef8f946b0721c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\ef092200-e14c-4d39-820d-31c20922d561

Filesize
671B

MD5
232915d13d5d729f61a894c75e4e10f1

SHA1
3f9b083aada68073e26b5dfaff3bfe4da331fcf2

SHA256
afd5f466fb453c668362238d98f8ca506c574f1f2af1c6b31a893fff2ccc59d4

SHA512
e273cdf3eed6450799aa8cdd120562194ce78d35ce000a9b8cb6ade0729a591d227f90c172e204990ec9bad870875cba022b492e65ace770461fe3d282b22307

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

Filesize
1.1MB

MD5
842039753bf41fa5e11b3a1383061a87

SHA1
3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153

SHA256
d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c

SHA512
d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

Filesize
116B

MD5
2a461e9eb87fd1955cea740a3444ee7a

SHA1
b10755914c713f5a4677494dbe8a686ed458c3c5

SHA256
4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

SHA512
34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

Filesize
372B

MD5
bf957ad58b55f64219ab3f793e374316

SHA1
a11adc9d7f2c28e04d9b35e23b7616d0527118a1

SHA256
bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

SHA512
79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

Filesize
17.8MB

MD5
daf7ef3acccab478aaa7d6dc1c60f865

SHA1
f8246162b97ce4a945feced27b6ea114366ff2ad

SHA256
bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e

SHA512
5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs-1.js

Filesize
15KB

MD5
7acf249fe2c12a1885c849e1b455ab6d

SHA1
5ebe7701d4eef8eefecbc5e4663bc19be1876e9a

SHA256
765917a5b4d612159c34c1efbbbff2e15172b27f965b616f6f418dc31b29cd14

SHA512
910f1067d2675c1951020773b837211258f5bacdfa3161f5fc132911468a776f12eb62d17b03a59cf63794c6867a0d58d25fb0ab4fde04301a9b101cca9a08d0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs-1.js

Filesize
15KB

MD5
e1347dae1390f55c6abef09993d528da

SHA1
539f64d28a7861828a600e9f0bd0d28893ccc17e

SHA256
50f3eff4a151aa9839b7461d7bcd8dccca6df58ef3339cb34c798e5d0eda1988

SHA512
efc196b11a85371221496d7a817f68f2d1771d885cc288b47649dfb54ed5ea97b2e7d522a13fc6bf9092837fb1b7e808377acc79d75a450a7cd8c73fa9b7c631

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs.js

Filesize
11KB

MD5
55cf02375ff1bfa8ef357959ff180e20

SHA1
83ffb187888eff61df6ca9cefa354710c0b545ee

SHA256
ab4848e7d4de320cee3c734454acfd2bfe400662f880350e9e148fc9e0d4a014

SHA512
91a5d6f9270b275025a1d5f1f57f7a058e989fa8cbcd09b8148d85c8e0774d14e33ed0fcd99aca76876ab30233f35136c823d967f45344a980cbd9bbd6d793b5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs.js

Filesize
10KB

MD5
ffc85a3d93b786d787e842b4aca9e6e2

SHA1
301679789629f3af8db28cb0828b55acbab9bfd9

SHA256
9eeb04ba226deb8a0bff380262dfd59d8c7aae03e2c1bf773ec383405bfe5a80

SHA512
f666f077fb873d23afee114edba96ae2fbb596869085282a731eab73f2a0bf892f9b153e741603d406cc9a747f0aeb2a10887cc1a7b9f253e82227002b0f5bce

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs.js

Filesize
10KB

MD5
f8951cd0d73e05851490058cbb961b12

SHA1
0bbfa8820e41be2b49eb43abd694514aadd27dbf

SHA256
03fa286286c0025198f0b6410b628bb8de7251d8900922f8cafdc4743beb2163

SHA512
abe84431f411ec7765de15928f2a8ed9fa5c44b3e1a553e8ad3c05dbb7cff0dbf2939043ee1e1de8e1f0edeba23590dcc931e187b1e04729ded151b8dd55c647

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\sessionstore-backups\recovery.baklz4

Filesize
2KB

MD5
ebc216957af6e4742c729f52e2d970ad

SHA1
fef82c25eb87f0d7d35d2bfee58d152cc1ae51db

SHA256
a0d100cc77262874fa093169d0c3f0b9c8b80bdbc82b1857280bf141996b1994

SHA512
020bce8628a07e5562cbb52f82489df69d3f3aa73da76cc9e0c4179eeb66c55edc497ad71f34e0fbfadfa651b2582d739ef7155dfc63491c560908e32d72c906

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
2.3MB

MD5
a6bbf3fbb8bc0dad3aaaf43ead8fbedb

SHA1
692c8189283e1917fb67006c800c3d0f8ffda97c

SHA256
8adfa78eb4e1de66d02cc75135038074772004311258261d37728bcf9114ea5e

SHA512
fa385fa0c3b87053bc73e6518f44eaa6013eebc6423a7b2651026c6de8ec247d46fed3bd2c2abd92f33d99e52aa57fa4f91ddbd76c997ee6f3721545996bd668

Download Submit