bbd05de19aa2af1455c0494639215898a15286d9b05073b6c4817fe24b2c36fa

Analysis

max time kernel
300s
max time network
302s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
23-09-2024 13:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

42.zip
Size

41KB
MD5

1df9a18b18332f153918030b7b516615
SHA1

6c42c62696616b72bbfc88a4be4ead57aa7bc503
SHA256

bbd05de19aa2af1455c0494639215898a15286d9b05073b6c4817fe24b2c36fa
SHA512

6382ca9c307d66ab7566acf78b1afd44b18b24d766253e1dc1cb3a3c0be96ecf1f2042d6bd3332d49078ffee571cf98869c1284c1d3e5c1c7dc3e4c64f71af80
SSDEEP

768:hzyVr8GSKL6O3QOXk/0u3wqOghrFCezL1VFJdbq2QTJTw02Q:hGx8DKXE//ZhhCirFi2cwK

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs

Web Service

T1102

flow	ioc
2	raw.githubusercontent.com
11	raw.githubusercontent.com
30	raw.githubusercontent.com
91	raw.githubusercontent.com

Checks processor information in registry 2 TTPs 20 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings	firefox.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings	firefox.exe

NTFS ADS 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\Downloads\42.zip:Zone.Identifier	firefox.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
5628	7zFM.exe

Suspicious use of AdjustPrivilegeToken 12 IoCs

description	pid	Process
Token: SeDebugPrivilege	3552	firefox.exe
Token: SeDebugPrivilege	3552	firefox.exe
Token: SeDebugPrivilege	5380	firefox.exe
Token: SeDebugPrivilege	5380	firefox.exe
Token: SeDebugPrivilege	5380	firefox.exe
Token: SeRestorePrivilege	5628	7zFM.exe
Token: 35	5628	7zFM.exe
Token: SeSecurityPrivilege	5628	7zFM.exe
Token: SeSecurityPrivilege	5628	7zFM.exe
Token: SeDebugPrivilege	5380	firefox.exe
Token: SeDebugPrivilege	5380	firefox.exe
Token: SeDebugPrivilege	5380	firefox.exe

Suspicious use of FindShellTrayWindow 61 IoCs

pid	Process
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5628	7zFM.exe
5628	7zFM.exe
5628	7zFM.exe

Suspicious use of SendNotifyMessage 16 IoCs

pid	Process
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe
3552	firefox.exe

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
3552	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe
5380	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3708 wrote to memory of 3552	3708	firefox.exe	94
PID 3708 wrote to memory of 3552	3708	firefox.exe	94
PID 3708 wrote to memory of 3552	3708	firefox.exe	94
PID 3708 wrote to memory of 3552	3708	firefox.exe	94
PID 3708 wrote to memory of 3552	3708	firefox.exe	94
PID 3708 wrote to memory of 3552	3708	firefox.exe	94
PID 3708 wrote to memory of 3552	3708	firefox.exe	94
PID 3708 wrote to memory of 3552	3708	firefox.exe	94
PID 3708 wrote to memory of 3552	3708	firefox.exe	94
PID 3708 wrote to memory of 3552	3708	firefox.exe	94
PID 3708 wrote to memory of 3552	3708	firefox.exe	94
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 1784	3552	firefox.exe	95
PID 3552 wrote to memory of 4644	3552	firefox.exe	96
PID 3552 wrote to memory of 4644	3552	firefox.exe	96
PID 3552 wrote to memory of 4644	3552	firefox.exe	96
PID 3552 wrote to memory of 4644	3552	firefox.exe	96
PID 3552 wrote to memory of 4644	3552	firefox.exe	96
PID 3552 wrote to memory of 4644	3552	firefox.exe	96
PID 3552 wrote to memory of 4644	3552	firefox.exe	96
PID 3552 wrote to memory of 4644	3552	firefox.exe	96

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\42.zip
1⤵
PID:1956

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4964

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:4344

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3708
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:3552
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1976 -parentBuildID 20240401114208 -prefsHandle 1904 -prefMapHandle 1896 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5fbecd89-fb18-48a3-9a90-8c386a356b08} 3552 "\\.\pipe\gecko-crash-server-pipe.3552" gpu
    3⤵
    PID:1784
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2376 -parentBuildID 20240401114208 -prefsHandle 2368 -prefMapHandle 2364 -prefsLen 23714 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3bf77bb2-3af3-473f-a4c7-a0fd3e7500ed} 3552 "\\.\pipe\gecko-crash-server-pipe.3552" socket
    3⤵
    - Checks processor information in registry
    PID:4644
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2732 -childID 1 -isForBrowser -prefsHandle 2908 -prefMapHandle 3144 -prefsLen 23855 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b820abb8-e02c-4d66-8ef7-3bc9adfa55db} 3552 "\\.\pipe\gecko-crash-server-pipe.3552" tab
    3⤵
    PID:2776
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3700 -childID 2 -isForBrowser -prefsHandle 3468 -prefMapHandle 2880 -prefsLen 29088 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8c92e201-1500-4eeb-b714-dee434fd4af0} 3552 "\\.\pipe\gecko-crash-server-pipe.3552" tab
    3⤵
    PID:4444
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4804 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4796 -prefMapHandle 4792 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {886b4691-0743-4111-969e-7135a28234d8} 3552 "\\.\pipe\gecko-crash-server-pipe.3552" utility
    3⤵
    - Checks processor information in registry
    PID:1380
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1588 -childID 3 -isForBrowser -prefsHandle 5348 -prefMapHandle 5344 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1bff6943-b45e-4c3c-8611-17f002430316} 3552 "\\.\pipe\gecko-crash-server-pipe.3552" tab
    3⤵
    PID:5860
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5480 -childID 4 -isForBrowser -prefsHandle 5488 -prefMapHandle 5492 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8e80d7a7-56f8-4268-ad1e-cae1c1b273bd} 3552 "\\.\pipe\gecko-crash-server-pipe.3552" tab
    3⤵
    PID:5872
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5672 -childID 5 -isForBrowser -prefsHandle 5680 -prefMapHandle 5684 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {318aba28-c808-44c2-991f-09b2e7063cfa} 3552 "\\.\pipe\gecko-crash-server-pipe.3552" tab
    3⤵
    PID:5884
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6148 -childID 6 -isForBrowser -prefsHandle 5656 -prefMapHandle 5848 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d80f156-b944-4561-9c72-8e4a74811b1f} 3552 "\\.\pipe\gecko-crash-server-pipe.3552" tab
    3⤵
    PID:4452

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
PID:2608
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - NTFS ADS
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  PID:5380
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1940 -parentBuildID 20240401114208 -prefsHandle 1856 -prefMapHandle 1848 -prefsLen 24528 -prefMapSize 244985 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0dc5a1f0-2bf9-4ea7-8a36-88ce3b112c80} 5380 "\\.\pipe\gecko-crash-server-pipe.5380" gpu
    3⤵
    PID:5548
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2392 -parentBuildID 20240401114208 -prefsHandle 2368 -prefMapHandle 2364 -prefsLen 24564 -prefMapSize 244985 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4fa913e6-1693-4cd0-9302-32599202efc6} 5380 "\\.\pipe\gecko-crash-server-pipe.5380" socket
    3⤵
    PID:5656
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2900 -childID 1 -isForBrowser -prefsHandle 2856 -prefMapHandle 3228 -prefsLen 24705 -prefMapSize 244985 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f12f635-c987-46e8-be60-6103e4509d18} 5380 "\\.\pipe\gecko-crash-server-pipe.5380" tab
    3⤵
    PID:2436
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3696 -childID 2 -isForBrowser -prefsHandle 3600 -prefMapHandle 3596 -prefsLen 29938 -prefMapSize 244985 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d28bd264-684a-4100-8e67-ddcb444c2107} 5380 "\\.\pipe\gecko-crash-server-pipe.5380" tab
    3⤵
    PID:4320
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4552 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4584 -prefMapHandle 4580 -prefsLen 29992 -prefMapSize 244985 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {89174a65-16e4-4ef0-b9c3-d76034657e50} 5380 "\\.\pipe\gecko-crash-server-pipe.5380" utility
    3⤵
    - Checks processor information in registry
    PID:4016
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5256 -childID 3 -isForBrowser -prefsHandle 5252 -prefMapHandle 5244 -prefsLen 27460 -prefMapSize 244985 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c4e1717a-16c8-4147-9077-a5fed2a3b5a2} 5380 "\\.\pipe\gecko-crash-server-pipe.5380" tab
    3⤵
    PID:1468
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5396 -childID 4 -isForBrowser -prefsHandle 5404 -prefMapHandle 5408 -prefsLen 27460 -prefMapSize 244985 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {74b9362d-e8e3-4f31-97df-567b46ae844a} 5380 "\\.\pipe\gecko-crash-server-pipe.5380" tab
    3⤵
    PID:5896
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5592 -childID 5 -isForBrowser -prefsHandle 5672 -prefMapHandle 5668 -prefsLen 27460 -prefMapSize 244985 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {040d2dd5-5836-4e46-850a-7a802be28233} 5380 "\\.\pipe\gecko-crash-server-pipe.5380" tab
    3⤵
    PID:4820
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6128 -childID 6 -isForBrowser -prefsHandle 6120 -prefMapHandle 6112 -prefsLen 27510 -prefMapSize 244985 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {835a18f2-f828-47fa-831b-2892a5aa01e6} 5380 "\\.\pipe\gecko-crash-server-pipe.5380" tab
    3⤵
    PID:3708
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6428 -childID 7 -isForBrowser -prefsHandle 6440 -prefMapHandle 6436 -prefsLen 27510 -prefMapSize 244985 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a6e332fb-bce5-46f6-b9d1-93d978cff020} 5380 "\\.\pipe\gecko-crash-server-pipe.5380" tab
    3⤵
    PID:5508

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\42.zip"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:5628

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\activity-stream.discovery_stream.json.tmp

Filesize
33KB

MD5
c975ffc95c7e177858fad8fd0c5444db

SHA1
be36df977be71013244447cd9acc6b45c635e7db

SHA256
cc7479c62e0e65c85a35c16ebee840b242eff01eada13e372776512e9c971562

SHA512
39a9408567f9924d456bb53cc4c0636373fa1ec276f1b656db83c677b28d259a4e5202b2ac85e0d9588fb3a7fb2b5ba1a7717b79d520528afa46a899d54a6cf4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\026EDC597E43D6D5BD4D3F6F7441AFA4CFF8738C

Filesize
13.8MB

MD5
2ff49935e88c3f284ca0d28c0ca1bd8d

SHA1
2e08b9995e0c440d0ac09da29c317de3b1d7da1c

SHA256
5b588d142c6c946c24b99ade7ea1b93df6e8473e1593de7add1ca737ac115637

SHA512
35bdd7c281f905a737df5b2b6babe228605025cec0ca3af72758a8a4cb52ed048fac418a2b619ba29c14a89f67951f9cc9f3620a4338b58795ce80c0c3edd561

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\0654C350612307729377E7F10119D192D73DF797

Filesize
62KB

MD5
fedb77938ee193e1e733c6685e42f550

SHA1
e9b6ef0a2050162d7ae38eea4076c20ced3f2329

SHA256
61ca2e43b429ca7cce44c0027197063fd1de7101a12664afa21f507923d59e2e

SHA512
3f1384f070110ca738388b1c648f3d6c8daf461a302b53ffc6b6e7e3ea13287f9875a7c0c1ca0fc10404d2ce05d7b726d89bea47aff30cc27116be90fe2f37dc

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\0EA2E1AC3653A248EDE38E975FF2A4ADDA308244

Filesize
480KB

MD5
d35428941e71b6fe52497d6803b02bd5

SHA1
d58cc104059ea767f68bd7cddf8b149c0fd5f140

SHA256
f6c7df82e17cd67e5ce7c18ac9155fa29e329d03e58cf26ee21d34c1c5c7a4f7

SHA512
61be9da04756ebaa777c5f4db296214909c1f6f6ca05ad574529c366dfd1d346c374b8d5673619b3c68809f579c984569087d4c574ffce3f3b8ae3cac467fe7d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\10A0222AFA26BA84074326BA5AAF691B1EB56EDC

Filesize
32KB

MD5
4e7d4940aef65ca66e7381dec81c19cd

SHA1
409f3a80ce16bce739daa00aff89b5acf7195188

SHA256
b01034cad78fc66bc8a31160eb5c51e64b104cd8c39c130ea075cda52533a370

SHA512
6e087f97a8f28394b2ea3140d6596b8ac6510688201e82fa04274b11d164beeafa642996de71b249e78ef58b5c50cf5e54e67bf7e9fe3ce830f72e4231f39604

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\12D95EA4FE3DFA08D82A8E2808DC304B2AABE14E

Filesize
23KB

MD5
068f0c7d980b33959f512a49f77385ed

SHA1
7bb51ffe212dc13a502aa11d9cd1f6ad60aa0c09

SHA256
c11bc155ccccab658bb2954ee554336819f6e3b3fbb3a2f972cf017473fd2f57

SHA512
27578a757dc4eaf2eac02d6e502b852e5eb71d68bd50f28e859847194bac527d490a1ede75deba919dcd8874b854b5af012f184113a71d8d4081c090da7b3625

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\21966D34794C5BA45BA2536B155C5260F9E34578

Filesize
38KB

MD5
7d46b17e4c7b6555dc34c2111fdb8778

SHA1
8899a9f3b2a4e2869239ae9aed41e3247e8df26f

SHA256
168cf24ed31ab31cbf9b7a73c9adcc518a8d1d2c1c3d3b9b1f8b86e961586c39

SHA512
44ae2012b46640b548503ce8f9197478e2d631fcd309c34016fbaf76470db4638d419edacfbdb560af30d5f31786b7f18976bb17012f5fa640256164b915a5f4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\2492994A253B970917AF5CDF605580B1C2DC16A0

Filesize
63KB

MD5
468d5540a68229656372912c6e8180b4

SHA1
b5e6d5fc6dddb624babaff1fb93e58b985989232

SHA256
4224911294d967a321708f462cfc2643b342b89f91d4c7c1296da7f2ae6bde3b

SHA512
9bdbaa9f5a731b0cd083774335e83c323024de2cbe38ec6398ba36a6226276fe40a8d8720e3dcc928e695115e6b0f67a4232918f39132153aef9fe57a3e68c1c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495

Filesize
9KB

MD5
b83302a9d3c8ec818574f7a97b311f28

SHA1
1c75de059c648309e29383f5c543b41052a337b8

SHA256
935ea9a2255d8639302ea6f34a9f4ece7aa166eef32d64cb4b46f052099ecda3

SHA512
349a886dece722b0c24efd5a967db619cea660d034d1f4394340d18c6c6bf4ae055971b52a8d70d806c566951161bf2e1a45e4a2817864bd6272b971ecb4e34c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\37988EFD2AC7109AD91DDE9D3F90CD4A8C9DEB9D

Filesize
44KB

MD5
2a41829e53cc3d1e458b31af87c16952

SHA1
6357d33a970a421e88ca6a14ac774b1863cc2b78

SHA256
9cb6dfb3691b6d4819e633b728f7d768b1a7bd95d0a8295ddb3bdfc11981dec9

SHA512
98cc2e87835dd813f119a34973fd35610cbd26b266c4ad155fb059c5bb9b0a3beca4ca6f4138c22d77d64d84084de86b6f96e409242d879f79e6e4b637a7d410

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\3DDFB4216D6CCC11C465548384928E95410856E3

Filesize
57KB

MD5
24a389df120ca7d1a00f3e981e145af0

SHA1
039b09eea49411a889de8ec9856f21dd3085b3bb

SHA256
2210c7c5a674ff9a19ce8870900523c47e07cb57f0c8b81624970d9cc7f63de3

SHA512
59e7dbebbd82a9cd7132293d69bf5b18fcc0047e97f7fbbe9ad621b2c139efdbb8c3b747ecc929403642978b60a3105c08577d8e9643f8548235d713be3c839c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\4C5F0202DDDB6F0944432B4120C336BF682E8F23

Filesize
50KB

MD5
7afb0dbc99ea074d8bfeeae14e7bff83

SHA1
2302072dbac5ac29e453f762852e6aac2b7235cf

SHA256
52b77f14db0e39c9ece88968988e07b842246c2e546af8381a2ee47fc261ec61

SHA512
4acc18c99ac0acfbd9a1843becd35b2cbae3a076677260d03cb84c3aa3e3832800c4e93ddfd41f1cdbc43e62f2cc8826fe0d604c44383c036f4f048dffa5ba3b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\4C67DD9416957669509B0671E91F6A0255524108

Filesize
22KB

MD5
529d2709e6289e8e339b40eb8074de83

SHA1
05bd538e4ac6bffd12132db7a7b3aa51d65a0e56

SHA256
2ed8208103ca32a384045517e7739a1fb9de059161640d57b9554ca4449a0397

SHA512
bc63f52fd972d2f0204e6613a82b79f24374d6d7b549218fc1b36378fcc271f90fd0979ae737d40006e73d3ec1aa626d0e8be2a6fec49eea024e27647bba99e5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\5E3BB633D02E45AD629BF3A6BF5B9CAB8D6EF776

Filesize
124KB

MD5
b200bd5f105add73114173517fd0b478

SHA1
16f9a61608cd9ec71d81b6db21407598dd7af2db

SHA256
182203c18d6f390c9bf7c6e839a2f78fd4e808e31a9acf14917730be3ed2ea44

SHA512
e21e0fd95700caa51e968a653058bb8044123d39df554306d877b152a4e25be2adbdfe1560020bdf29a8b4ff475761d2bdcff7ae0c2cf9266731cc1c2d6d97b9

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\60C18F0EEA47B3FF6D75172EAE219B53603D9001

Filesize
43KB

MD5
dcc605f6771222556023ddf04ef679dd

SHA1
b298f25fafd45955daa29e2e8fe6155d7c2209cd

SHA256
6230aa019923411c20585f94c36bdbfab06f8124fb7e7cfc12f6a903e301f525

SHA512
293dc5149a5eed7ca7cea1b384fc03a07f449fa245faa78abc5c93b454644565f8dedd29910e64ef3992ffcd84d32131d0e9cf98601f309e08e93cb01f7d6270

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\60CF38545A505890F10C7430AAAE5029D396CDC2

Filesize
15KB

MD5
b20dec38627d936d415f55b7a0ace46f

SHA1
0ffca4ccbd9456b0f50c3b2201a8d29ae0988716

SHA256
c7c52132326a6fe819511074564e2f3b771f1ec4739b9b2bb271755f1ea953c6

SHA512
457ecb115f0290aee28a16e31e875314a27c94de3d7492af9be454444445160075aca5f063e272535f6443b2581509c68b9cd046da5e385d32ca358e80eeb5ce

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\62C514A3D9BDF3FCB31C6A5B8A4FF2FC8BEF667E

Filesize
221KB

MD5
7135ab0aaf7a9a236ad2925bc889c30a

SHA1
442695595b7cddd83d568d5db18a62b7ee2af724

SHA256
382c1667f739e67b508850378ea7a1dc1693ec883d5336c4909d9771b8e33ade

SHA512
c59a4254773471aa9384420747621f603348191a8140bbced05c142c52e6f5513c76a446040cbd73c1f7ee4736fb5c380646a85995bf3f6bde0a72726ed40ba0

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\6738ED417ABC15DD7993802EF2A4ED577E300AE2

Filesize
22KB

MD5
a2ee00e77fcb303a1d427c5c2989a6b5

SHA1
e51d56b2897550cbaf7ef134d761faebdfd5c736

SHA256
02c5e468d75955f6de115d5c3a53439804322473c070f50ebae3e89c3808e57a

SHA512
289a011f43c2319aab56dbf63c4df2b6c9fa0fc9ca91b8f8a77264b38f802ea32774ce999bd89cd2ae381337ab4aff08a24bc9e8ea0c877ea348e954b4ce9ed6

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\6BCA079C00C641034650B763782BD8807BE04EE3

Filesize
63KB

MD5
813fb779f09b08fedfd374ac4afcd080

SHA1
d4f7c6d59485f03c8be4ee50334434eab411145a

SHA256
8d896eb01192e02570c98c79f410af367f8795403004d27846c39354378f4b5d

SHA512
86b65219e6639d73c8077910f3c8c4530e24de2aa797292d865d3e94a67f75b3f60d2647cf54296e820f05c1bedc81a4d0e3314e05cf32437c5c23fcd0e4cfed

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F

Filesize
15KB

MD5
b698cbd8e27ff4fb31d6f6e333c64c46

SHA1
08a8d9ca2730ee9b75a3c3f8fe0ea800eca2ce99

SHA256
a9024e06cd29555e970fb0d4aaebdad7ab34c79163748d30c8acb413f25d02e1

SHA512
15bef4fc627be7b3fc9e49a11a7a5f2619e410b14220a7ec747f6371eac9980922937e3788d9d17d8de5b5b6fbcd639d3c97e23d3375536f7b433afd37bb1edb

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\7794259D93A199C92D0C0E49CEC8625143329823

Filesize
51KB

MD5
96b9fa8a6855b244e481d2dbc26c6037

SHA1
a8a13da80146e5882165483a88cfc621753b7914

SHA256
1a2b652b6ab3ea8a69723ec0d0228fc103ef6dcec4b310e65487a5ae61b8f49c

SHA512
e8ded48c634dd71b27f37c83b4409dfee61a4697f2179d536436cd8a232ac62e3fd0e9e2a314e085948912adc6a951fb5b7ff89daf302d0ad2b4c483eb008f8e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\7943793AD6EF12CA229A1DF7A721B44C210BBC82

Filesize
38KB

MD5
c57cd9c9931235b16e84ac5338f39437

SHA1
3982e35fab27f55f5716b596f56b88ff0d9e64b5

SHA256
79a27cd0deb6ecb9c4dd8270804384abe52b23357b167291708e2f31e9118b7a

SHA512
b23528bf7f2efacdb7876ccc8fb23e466b3a50395db3d7fae60db48c5d4eb54698a2e1610f744bafdbf98c34d5e44bc3c717d6b85904cd2d38cccc4a8c053344

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\7BFCF32544F467F973AF267DF4EB4842EDED0C1F

Filesize
16KB

MD5
3336f2543a6925b81a2e0bd333734e48

SHA1
5a5e748eacee1f93e2e6c4d9077d8b7b8dec2dc9

SHA256
912705b0d19b227aef0a26a94c12576f535f442fc4ce8685d4aad73ee7c1a97d

SHA512
81b08f14e4752c45fdb259bfdddfe975e6c64a9c79b26cc647415941b6dccc8e214d6048a83dce781b1b3282c1ee22cabbc3dca0946ebb1ae6c68c3a2c1f3683

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\8540EC873F08CBAD5DF5121BD3BABF95624B4A14

Filesize
16KB

MD5
a840e9e890ce61a296a5b56cd907757d

SHA1
abf5c1dc08dc3ff959eccee27041afdf594b324e

SHA256
32a5da9bd974c22086a0408b56937ad9632d444ddf7374ea0a8ff08b06633f2a

SHA512
44a968edacd2f75778e13615d00dc6cb8b11407c02c9349f910b795bbad9019300fe52cadf06852d89b0a9e6b3551285ee2f3bd8cc24324610b5fcdd1a4b468c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\8A2034D325DC0B5C9E11EDDA3FC70A54C8DC1C0D

Filesize
13KB

MD5
e7f31d87afd4fb74092c0178a100e33f

SHA1
41797260a7c06a3d6365ea655aaf438fdddb8970

SHA256
1c551bf0a3c5b36e4b9791a86f20f640ec788d0e960503481fe6602d818b2ead

SHA512
6b4941284d3a8687d176458581d615fbc17bca28f0eacc23729c84336af524fdb8ecc391421f0e548c55c72af1d970620d353ba87d6848f17544a2994a1919c4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\94F72B6F2D0DC3ED340D601AFA278D214906FBC5

Filesize
9KB

MD5
64153bfb5249b07aa570bcf675157d01

SHA1
8cbdbbc08bf00a4b409bf973e9c98def650118fe

SHA256
0c12a4da823ce72000a09ebad9e256256aa10c36f3080ffe35e6e2ef8f6b6bbc

SHA512
62ceef8ac39a3bbb0a688713b4b7d081474112c73ebd8f051cf85dd2da4f67e78e55ff8834062518769e91c980f45befd5fc5ca3f93b44bf6201d8cac963aae5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\9FC8C85689D31525EACE26158B83B464F43A027B

Filesize
23KB

MD5
463f369794e9ca905d50b71d550843d9

SHA1
206b47d18a227bb9079a1a8c3b7db068537fad8b

SHA256
cfb1625ff49f6056d8217311ce328ac067650e8e06496a1f1c2d0af9356c5eae

SHA512
bda5ee46d35281502074640dad22b3a5edd4934de691abcc53c0edb910974cb6a688c25d3219f53a7cf5f445866305d9bab6b5799b80d8a40029c59efad742d8

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\CDB21C981CC9D3BF2B4FAF854D59E2DFEA293406

Filesize
151KB

MD5
f1573cb061595e10fe253309e4c851e1

SHA1
6ab736c1a79785f123a60829c90bd1b1ffaa311d

SHA256
234684e56811ba309257de61f131bab9ddaad8c70f01894beb64a7df4555c61b

SHA512
782eb6dcdff4c5e32f484a2520786b1402f526ebadd9e93dcc722e47ee7b45781dfa61ea9b175b51508824ce2df7a9f847caa6c375c76021a48c42274ce14262

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\D0F48A0632B6C451791F4257697E861961F06A6F

Filesize
144KB

MD5
2d549d194797cc13e76b392b05cba5b5

SHA1
943cb95d80c2359c25058c31004c6746d875264f

SHA256
8a290ca8ad4f857e8092e974dddb5233d6017a366d1f5b202be8edfa6778a8be

SHA512
58b523950f6ff46f387c352714fa2579b10264433987a7fca226dc15741c1fd54b388f6f078b453a093f169b2ae68efd3a936d85718bdb5dd8e96cd62a01297e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cache2\entries\EC5CDEA802488D76634E0C74E0CD71F8FEB2BE77

Filesize
47KB

MD5
d9b573e7531731073f12cdfe658f43f8

SHA1
d00e4a315ea474e961f80004b0a4bfc541e1b35c

SHA256
be684c1bb691e432c66aebb1a8ff3e7053da215f101ffe6ead1833f7563cf073

SHA512
1a7ba98ca7069b38a2f93b64ae5488af0d9f2e02ffba77bee0df61f80ac9a7ece8c10b3c8169ce44824d0126f5d49d116af162654c40df1e0c32cc534a7225e3

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\startupCache\scriptCache-child.bin

Filesize
705KB

MD5
19bcb67b36d0284fb32873aad9382b44

SHA1
c2ce4e7798ff2373b2b576ded609847b5a472a70

SHA256
df3d383cba8360899ab4f9799f60b21d13514f32d5c5676a94fa985b501377ff

SHA512
0c19153c37e4fbeda74b0e32786a6fe99b2fab6c9691843a569f8613095e72b9d8c5a1128dcdfbc6c236dce4e5a514dce3c96ec17f22d4643120c7e00723fd1b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\startupCache\scriptCache.bin

Filesize
8.6MB

MD5
42ef850edbc139a84e7e3b20653f072a

SHA1
8f4865cac36ba29890d1d0bbec93d36393d545c4

SHA256
4770d7a9a2fb83641bca7ba915eadd15fd6349d4a0fe3e37627550453feb08e5

SHA512
aceaca216366d624744005c55acc2c11c065bdf54c309358973d9cec1fca7f9cd9b12573c2be7487dba3e5147ef8b01ccf9237492bf8086deb3799eceab217f6

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\startupCache\urlCache.bin

Filesize
2KB

MD5
9768e3a2006b99d4b5ad769fb0acc5f7

SHA1
ceef4226ceca60a87e6dc362687a6446421e76c9

SHA256
1b59452c7877f3f5428e356059b6e1b4a7e7f4410aed2d3d4bcdf8bd28ec9ac5

SHA512
e910ede6f36a8552d794cd9221764bd1b790de9df58f4f9ab4528346ba727461f55a441092c9494b5cbfad0b9f8e8c32ea96cffd4a12a459c674fda252c895e9

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5vinb3pw.default-release\startupCache\webext.sc.lz4

Filesize
107KB

MD5
d15531f643f59d89ea626e4f138ae89a

SHA1
d65ae67d948a3d86f0985b41777c154d55ef1404

SHA256
7aa9b67d17d1178c8c86a8911ef22184c55a036beabeadad9aa0e3f098b70329

SHA512
8c20a2b2a4604a857727a63dfb15b846fc36d499e4edfd70d801f927b52fa1d526eab03130f6019aa2c0df732067c44d5148d91a7a96184e0c90206d7c50eff9

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
479KB

MD5
09372174e83dbbf696ee732fd2e875bb

SHA1
ba360186ba650a769f9303f48b7200fb5eaccee1

SHA256
c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

SHA512
b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
13.8MB

MD5
0a8747a2ac9ac08ae9508f36c6d75692

SHA1
b287a96fd6cc12433adb42193dfe06111c38eaf0

SHA256
32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03

SHA512
59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\AlternateServices.bin

Filesize
6KB

MD5
8819853f630566ea4cebe1639dcdf9eb

SHA1
c551c3bff380dd63514ba17ffe68d9ee3ea21e64

SHA256
018b1cb52c69c7b7c4c837f81d60817adb6aa8af2620c2c89342bbfec0efa450

SHA512
731f605602011482cd03e3abb03dbc9f36ba27ab4ac1b5a2a916938a128bd239d93a9d1d5cfa5fa7b92f059271c451f79c847560b2f2ad261fbb6c5d162be915

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\AlternateServices.bin

Filesize
12KB

MD5
d4c88661468f2c1104fccceac3e5823c

SHA1
78e2222d8b95b425e1e75db64d7fc767f731085f

SHA256
10dfbce2ad75c7e0e1f5f96c5d957ce30fd996b5e82d76bf2bdb2bc2a00e14f6

SHA512
535adc01ba40f2a923c2b604b7d7d54feefafb9dbb7efcb5ce26f95b2ef73e0f63e1726039d0de0992485f7bb897dff201b11642cf4c51a2f9927995b63fb1b6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\AlternateServices.bin

Filesize
12KB

MD5
993f2598826701ce2fe3653c9d399db3

SHA1
b322f2019b058dc30a13dcf9e99cce7e3f5b82da

SHA256
337c0272d60346e16c0ef1fec2489cfeaede4adb576b88d077695e2be0c8c604

SHA512
ea8a1b1232e3ac147180030401b7c7419c285fa4218939460b6affd096565f8cc8f66745cbd2a218248dd5b5c97115c6c378b01973551b858f287e66b911e9cb

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\SiteSecurityServiceState.bin

Filesize
1KB

MD5
89b1cc39e41ec01d336fdb97ac90951a

SHA1
f40265450c84e6cdca71274d69b4a44a7462ec17

SHA256
02d2987e7e9e5bdcbf8fd85861139d7d5dffbaf8f41866fe7cee7608abd0cbf3

SHA512
9d92353cfad8ae58093eea94ecf3c3616fca1f87a350213c503b8b8225e8097f6131b12323bd4b1199b74fa44aa871ccd91aa4eadaa31e183a28940fb19d46fe

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cert9.db

Filesize
224KB

MD5
3bf3ace79c982197efa6a42e474651f6

SHA1
d9a84f95a5c54c778d16716dbe4b4feb93eecc74

SHA256
fe5e95cf674b43b2316131b7fe829bb6f99605ae618c0f7fd17cfaa9304ebdb0

SHA512
352e1152000808107211cbc046f89eabab282596bf982ae5055b3a1dd019c3519042b0cf1ef62f94c6fa1d91bdf1eff40a5e19c92d8ccc239ab893c55303f984

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\content-prefs.sqlite

Filesize
256KB

MD5
b41ed219e2c8dac47f2701562d092621

SHA1
90d507eae3ec943a121dbe5a080412e40470b54f

SHA256
cfed019635a1e14f74ae78f2c03fb96b40ac3da37b67489bd98c144afc200f1f

SHA512
5c6027ec701055efb3b6c055727af5ed261e8f1d5ba954e64e8a34e5c791679b1e4a6ef49896ab8089ec151fd758ba41efc7333611af42b851606a0544a9b947

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\cookies.sqlite

Filesize
512KB

MD5
e85270369177edb35b7172d58b56ffca

SHA1
3e4d6623eefa0b50f39d6d1499791148d07a3df7

SHA256
c9b7369353dd01753c614e095dddb59daad7c0a585459994d4b0a5b0c6f43085

SHA512
c49ef9c11c500476e9e71845586693ed012778ebbf7197d3b9c2483aab06e3ca5cc657150d261668e036acd9c60a113b363425968a862f137cb0db7c2de984fe

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
e0f5301de711dd43d573dd7453f2bf40

SHA1
358aabf4114632a9fbbefd486e5cdb6a0c61d87f

SHA256
5a85959637d5e279ef2507383912cbd0f4438b248125e33ea581b735db2f72ca

SHA512
aacbc6343de469ab0a27a7eadafea7baf0f5124de6b5aea95e1a29f259397a03b7b7198582b889ac69c216c0913e5f9f2faa7cd46c3cb0d424a8bff10e18efea

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
402b4aa8e3a33ad9bc3d0cb87d94016c

SHA1
1fa5d16a543638fc6f52ebad7c9b9fd9c70776fa

SHA256
386ab44a91c6543b43d2fbcd8708b73619cf0cb44a52793d3b6af8d74843bd1f

SHA512
d4e726586aaf71c5060dcd19dca184c240046f59267a110b447680d4c8b38a0a9e242b4b0a10c297effa54b6727bff1efc48ec9afc3fd09679ca7560b738532c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
7KB

MD5
99d7b5b33e66e91013705d523e68056d

SHA1
79225e2d8ae3318bafdf7c90e4d2c45593993211

SHA256
fb35e59be70c9ac67329536519dae18256a80bf0fb0be126a1e650eb57733147

SHA512
4dfa2795e1287e02669adcfddce75aea80732191bf12c6a26ccf7cf56c24f2444cf093fb85dfef39510ba9dd70634480d9e1e93e91ae62bd86266661da3eb639

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
7KB

MD5
95747f0b724428ca4b22dacc585ec728

SHA1
3851dea1ea714c47c48f8bfa17ed6338e0e1e2fa

SHA256
50f9b6a2771e21d2870eaf46fe459aed9ff2c39bf49772224bc46bdbfffb0cc8

SHA512
ce395821f138f6da637b9c129cd8a6b454aa4bcf63fcac5c5f45c4fe8e981ee15690a9f5aee3ed3248d32b77eb9cffafcc6b79888a4b65eb18c91b61cd220611

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
cee3e4fe9cf199e9fd291903c7fcf75f

SHA1
ae9f4633f6a364cd395aefac1decc65defb4e463

SHA256
c9118ea30981a143ff53f12292fb001e34723bb55509bee70df40b5bf0646a5b

SHA512
7736d03aa4b1ae18715bde396d316578e3f428528d3c65878f024caf8dab5693ff50de0f23d5c4ae522d7189cb1d8a33b1ace3164fed0b8da537e0c3087b1d65

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
011c441ac0550ae0c296e7da7df17e77

SHA1
2ccd892c8d2d7e6246028b17b02e3f5a59ada21d

SHA256
ad5e2439806d8050351449b4d81e73815c10624dab76b9f5986c3458d1114b52

SHA512
aa5507bd27b0425dbc72718b7593c17f0483e060db7a94f721b1d0cd3b8da941da6f3aa24bae6869c423a1fe9ad57d511d10b6695bdcfb196ae82913e4c0f538

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
2039a5392b9ad9d8948571585382b2ce

SHA1
392c0411e1cc2b7b09662e8e945eb15488d1bd64

SHA256
b9ee67f122b4a2e409820474ff66f157eabd2876bebefea3574c2805371b1e49

SHA512
6322c3fa91b76fa91d54cde6e356fd9e015d17a551497f05494da6de6eea274dfa7a1b523ba90efc19cb0c0162172815459047c75576d600d9f0098e31a10234

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
d961f6196ab772c32e39a8dfe7e7db1c

SHA1
2e1ce5918fc28a76e20d5fcf8cca53c75af42f9a

SHA256
60dc4bf6224fe23969f64cd185a639ef03461e9aaf7e9622e1f926928bdbd90a

SHA512
055a9c2c1cab6f09962efea42f9870e62579c7e67dbbb286c53691635e571265d94bbf3ab627e802dab3b83e4274eb513715aeb0ef67827e866da78178d89456

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\events\events

Filesize
1KB

MD5
6989ab1cbf55f1cf073c8be2d67fa481

SHA1
4e2c18671a6e363dbb917eab282e32faf25a49bd

SHA256
aa7a4a998f3c1c291cfd2e7e2e6c5442e53ce96a53fab70046430ce54b461b4e

SHA512
ad114d87bc69e036dd7b7a6eaf6812ab6525340009c08fcef7f245453ca7734a476abb554fe4eb0429e82d132cc29110209520a080f9f24c91270bcbbc89b1af

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\events\pageload

Filesize
350B

MD5
a9e09eba8bbea7a2e1f8772cf68fa38b

SHA1
7a532f2a191c7d8b510340a861f429d3067c81c4

SHA256
baa23ca70c9f17224db24d7d5e74e63acadc16e9a494a6ca7ae1393df7103b4d

SHA512
c79d2e2607e9626e2955fc288202c2e46e70ae86f9b1d95f94a10543271f277584415637c93ad312e896ef5e37e644dc8821660cd3e4b1166fdf5613ebdfa77b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\222b9c18-31f2-4ff1-9ab2-25ba81e315cd

Filesize
756B

MD5
03ff78477cb275aacc9dcb03874017e2

SHA1
55502d16deb21afb6f8088496c741855941b86e5

SHA256
018ce4109ae06a129750e38f40d712310156f9e5d27a90199f792a4f4fffb175

SHA512
b2ba4ac63c315069e76ace96c7c1a76e7a79b979a8348b05486559fe038fa73f37ce22572bd5b721cf6862d4c0a30f09f5e97e0ae838d686f461610f1caffc8b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\80604f1d-8105-4598-86b0-6dc505e09034

Filesize
671B

MD5
f7b9ebe9aaf6d7a79bf6a2c305553608

SHA1
a7887ac47fae46201aba27c745a441ae41057450

SHA256
545434534522f2f4027f162239b490557e946ddbd24be4130f938b6e48938680

SHA512
f58b2fc18d8f6795f1315abe358a4c4cb4fd352fb265a3acf9185ee277748444a0c76865a69f8e55782b2abc2870c78a036dadea4cee3f4607534330fecfca36

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\9e443217-eb50-47ec-8719-7555d8681c7b

Filesize
661B

MD5
7c52535b5d2e41c9b3f7554d00adf0fc

SHA1
d4994f218fcb1fc957c1a3e6d1a59e908b7a48b9

SHA256
775469a520c32b79425f575bd90c1b33348283cbcf533be1cf7b3518ff842659

SHA512
415662e4aee1d30c19cbd7f26d7acbb7ac710c5a8254351a0c565f501d22d5c02cd35475d7ff2346c438738d2c3ca14e4d7d3892566de1478e6d82cfd5bc3935

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\b4d2f7a2-6ff0-411d-beb8-338c802f0d53

Filesize
26KB

MD5
bd9f7aa214c70bfffc4c5254dad1c981

SHA1
4b32d5562ebdceebb3bc30eedb117fba45644288

SHA256
dc5000fcc27f5b217173eaf051ca0b34282b2712ec25b11b0827ebc96d2b5870

SHA512
048278b685b90b2d3f0f080002f0409497b32d9931a8efc9f95cec4da347c55457afeaf3c74a8a8664ddf6d9143b5d99600f70fa364fa1d1f59f038eec45aa87

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\c1f36391-7e40-43ff-8cb2-b024ec41ccd0

Filesize
982B

MD5
fc89656bb6e39de940ab4b6b4ae739d3

SHA1
21e036f1d8557072fcbe194e5dbc22a67d1abad7

SHA256
3615e7d7715ba1a97efa7b9e393ae845928f3b95ed1e5e0609a5a8afdbadcbc4

SHA512
e279175b464e57358e9149db97b54be70a55a77e9de23abf9c85f4e1389b4ca9b4e0c8c8af3469718c601067ad6eacf67b5ce941f1e58452e35a187491d074a6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\d622cce7-ea3e-4b42-be94-df948e67141c

Filesize
740B

MD5
308af2987aef0768e999fb4edb9baba7

SHA1
3f4925a3834c9e2f969dece0d8ce49c93e7e4565

SHA256
dc4bf436d2311b49f2a87b6cb5fb8e51f139f95e2bddf9da24d2777097d491c0

SHA512
39e30c15888b438d692045e072baabc560ab9e82418cecbf8830ad7ef87e1d787404a85c3b5a467c086f0e102181b8cdc99a8a9eae4e99a119c2cdab16378dab

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\e00ad840-9101-4d38-a85b-c6e6df054ae6

Filesize
2KB

MD5
c7d21fbbc9a1c83a0e54738bf5ad8a3f

SHA1
16a1627e6438e6614922d967af5283e96ac72edc

SHA256
e5461039e3aa154ec3043a482daca343095af0d21792e10ef3288a6c3f0c88bb

SHA512
31d964dffe5d254bcb9855fbaf2fca7c6a7e233e6926f0a98699b516a5243fbf9030f5bb027d705f033b6196bc76ddfb91acefad582f9c13bdb279de2fc165fa

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\fbc99cee-15fe-4dce-83b4-458d569db9e6

Filesize
653B

MD5
73488f1dfb4a6ca7066ce126ac9623b6

SHA1
cb7a8a4ed894cf57a346b70b59b744d64a62d145

SHA256
ca015e7ed84ec67d80a88fadfb01238e013feb0f6257ceabfc4e9fd4a4cc3116

SHA512
812c4b3ef723f77c6314f9ac4b4cecc6cfb4c31a6547302e05039cdfa789effae416e4c5077b119b56663a353ca17d8e5669da894fab748d8060f453b05a51f0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\extensions.json

Filesize
37KB

MD5
846d525f0662b09aa67e97d8128a62ea

SHA1
98da6bdf7d0f90fe716bfc7d72e5ffb04f054466

SHA256
d96b1424aaa358e582a6382006fc5bf92524cf7b969aa21e61bf840b32ba74bc

SHA512
7c718e6c11b4717b2d77ebc293baa957ec4838c79f893c932c0aa1e688b7ef01450dffafa5e9544a71dda3eae4e3c3f7a83ad46399b9a7ed57d73eb6950d613c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\favicons.sqlite

Filesize
5.0MB

MD5
e9612d045bc84cac47968ab925bf8d99

SHA1
7b04ec195c4202ac73ac71b67678110e06c4164d

SHA256
1021b7494a46205774a5e87b9e06d249ee8aeebd19ace612ebd3967f01c3688b

SHA512
fdf12aa37ec5573ce69b524589b0d944a6dc1bb7a8869b54b9d6f317fb8468ecadde916612da3b8e033f108af7f50fed90d96f0a325946e68283796f20c442be

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

Filesize
1.1MB

MD5
842039753bf41fa5e11b3a1383061a87

SHA1
3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153

SHA256
d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c

SHA512
d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

Filesize
116B

MD5
2a461e9eb87fd1955cea740a3444ee7a

SHA1
b10755914c713f5a4677494dbe8a686ed458c3c5

SHA256
4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

SHA512
34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

Filesize
372B

MD5
bf957ad58b55f64219ab3f793e374316

SHA1
a11adc9d7f2c28e04d9b35e23b7616d0527118a1

SHA256
bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

SHA512
79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

Filesize
17.8MB

MD5
daf7ef3acccab478aaa7d6dc1c60f865

SHA1
f8246162b97ce4a945feced27b6ea114366ff2ad

SHA256
bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e

SHA512
5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\permissions.sqlite

Filesize
96KB

MD5
037b0334dca568e1ce9d355a31243735

SHA1
334c272628d9dd0acb182dea63d450da3d9e5245

SHA256
0b8235bf15e4782a56b9bacf91785f6f539f1086228abc3731256efe4c53b9c5

SHA512
7893fc4bcf676f24121b298de609dd374dbfb7037d0cd56a0bfcb16f8fbe2c4a0b8f17d2d154093de834dd9c02ef646dbabaa49663fb53008e0c4bbfb7f07cbc

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\places.sqlite

Filesize
5.0MB

MD5
e953c086c7fb381d24c6d83a8a18bfbe

SHA1
879d317606cc5438eef65cde26ac58d0551fbc1f

SHA256
3c0cf7a5cb4ffee3898c9c26498437a02b690b49a9993821890c6d3e54b6d8bc

SHA512
a5c792c0f3be68b21bb4d15558c8cfe519e3c51a780fde95c3e31e11a757f5f55f88bdb587febccdcd239ffef2302e84b2cebfe64c2894d42c8578ba15a6c3bd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs-1.js

Filesize
11KB

MD5
ff8046b9e1b75ff338b5f23cc66342df

SHA1
d2e447c9dbb36664521f4c4310a4abac46db86fb

SHA256
ce89e7d5e49ac6003653fcfbad556ccfd7622057ab45ba478e8990a558b6e1c7

SHA512
16e35ea7701d45c7b6f1b7f920cdf215ba54698ca41761d2c5ea7ecfdeab7cd8b8c694e9ad20a533f78ccbd6cbc2569b5beb913326f5ee45e15c3e6b9b73f6c8

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs-1.js

Filesize
12KB

MD5
7bbc7ddb3e84b2c263416b4673fdcac0

SHA1
baffe3a0b214ee8a6a8c2f0db0f47d0712e24638

SHA256
a1fe8aed1b89d468fa5d578922592e03089ba5d64c32f5cb2f290ed58fd9811a

SHA512
fec4c57babf0bbf69fa1722e31152750485282cf891b7490e22120b01a7b7ca68ca42b909e2ed58bf1f549f1c53980e15d05da2df877e19810f8df46dfcb47f3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs-1.js

Filesize
11KB

MD5
6cb85a31cd2c5cfe5b6900336ba2ca9a

SHA1
f1c6cb85021e8a63a5f06b539c4a653981e06e47

SHA256
0207d9e183a2bc5695aa6e025d1fb8fab6b5b599fc3b2b912850a66efe575000

SHA512
090cb338271af4e4a758b94e9ddaf43b521f785c38805f4ff92e1dbba3b3175029e551fec6de14c9ea8ade72ec7e52c83e1b3d0c6dbd3f87472b248f36d4ed44

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs.js

Filesize
10KB

MD5
f8a9703f6dde2a80f9579012461ed793

SHA1
136cb815c00d5a770dc8a496344ce11d175211c7

SHA256
008a2c27b0c31f52dbacbb994be0f90aa1018adbbf03d36c8d32e46d86fceaf7

SHA512
81aad4631c036da656d55e060b132bd1427c243d94e6079d88dfe4c10c7bf4a51a02ab215111ef9ffe83768a137bc2548edeea764fa3069197716fe2dce549af

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs.js

Filesize
12KB

MD5
8d858305b96d024dd56fa82e4d9def45

SHA1
4af3ef965bc3296130bd52f4eae7feefa6bcc336

SHA256
4c0df21a10b25eb199db562674ef7c48db9051618131c8f42522bf317abd39e6

SHA512
969a698162e60f020e42e46cffcad08670d6839591f28785310bfcc69c2d7b849fc53a5c80f79483fbb2bb836069b8b7e6d6de9892f1836d1e7252a6ca8497e2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs.js

Filesize
12KB

MD5
d30f2aa9aa3c889206902673c682d565

SHA1
a068de3ea96707c962e45cf6dbee24186baa3f1f

SHA256
fbccd5cfad5b546ea42e615a7e30cabdfee07b5c421121f544b5d6d44f785e0e

SHA512
ff29c06cc29e4b8daf302e1d4a4a7b4c55cfd6acbf3d24e6f7a1e4808de022ac8eed87f879896f188f4c4bd6ef8f8bc1045bdd4c1b25707b1e5fcaebb85c1d8a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\protections.sqlite

Filesize
64KB

MD5
76786a4c0dd19d88d6d3ed95a293bf2f

SHA1
b0d6d676127a7694fc6e71ee57fcc2ffaa621ff7

SHA256
1a2564c1ba20b8038d35c2319258d94dc15d97914dcf753b31c48b79940dfd31

SHA512
8cd3298e2ebba763d3c80ac4b17e44af7eb63b46304967d0c6316d314baf8611c05f7b9979c2c5c329ac167aea0246e8c9f057ffbb272481c13fd5e4b4bcb2d0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\sessionCheckpoints.json

Filesize
288B

MD5
948a7403e323297c6bb8a5c791b42866

SHA1
88a555717e8a4a33eccfb7d47a2a4aa31038f9c0

SHA256
2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e

SHA512
17e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\sessionCheckpoints.json

Filesize
53B

MD5
ea8b62857dfdbd3d0be7d7e4a954ec9a

SHA1
b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a

SHA256
792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da

SHA512
076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\sessionCheckpoints.json

Filesize
90B

MD5
c4ab2ee59ca41b6d6a6ea911f35bdc00

SHA1
5942cd6505fc8a9daba403b082067e1cdefdfbc4

SHA256
00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2

SHA512
71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\sessionCheckpoints.json.tmp

Filesize
259B

MD5
e6c20f53d6714067f2b49d0e9ba8030e

SHA1
f516dc1084cdd8302b3e7f7167b905e603b6f04f

SHA256
50a670fb78ff2712aae2c16d9499e01c15fddf24e229330d02a69b0527a38092

SHA512
462415b8295c1cdcac0a7cb16bb8a027ef36ae2ce0b061071074ac3209332a7eae71de843af4b96bbbd6158ca8fd5c18147bf9a79b8a7768a9a35edce8b784bf

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\sessionstore-backups\recovery.baklz4

Filesize
7KB

MD5
906c139a9a75d3caa618b38b280939b4

SHA1
80a68a26ad4ee6bdc6c034d023cd7a050ed379b4

SHA256
057dc4c4d41ff93cb4ce20629747f4b7c5c2b4245025246badc95745198f6bfc

SHA512
8b77f70eb85f91e19abcc3398b9d64e28241950fb71844c8b558bdcdb18b0935fbe2f55a1688234d17b8c73779c76e6c7f6b93e5efc5deb46ad4b9b1d3085b71

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\sessionstore-backups\recovery.baklz4

Filesize
3KB

MD5
f74110f448c292e8aee8e0e5d503d581

SHA1
97e9322f9d2479fe0ee1b9a500bdf26b0218e881

SHA256
a7bdbdb5815d3b31faddf67ca7e8e106da12a0a764f6f28b7d73918e85451f17

SHA512
ab585ee68142596e840327a84926bb1e7c5063328efbf793a61fb9f0ca005bff4f379ba184283c0e617bb36ea92a1a5aecee24ee87146c5ab0ff4c58b3ae023b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\sessionstore-backups\recovery.baklz4

Filesize
9KB

MD5
d61f17c84dc370116d93468bdad61fe2

SHA1
d2de78f243dd86a9499c1ba11c0bf3cd65ed1eb2

SHA256
1ab5de6fb560d22500bb928cc43f9950b19890d8fb709bbee986f29491ace23b

SHA512
d125d14ff2e3e64b7800fc3f47271628b30d4946b8206708575fbc71c7711ef9384ae957a122e828abe2450fb5ac0c9110c60b17db8076d162f76338633af2bf

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\sessionstore-backups\recovery.baklz4

Filesize
9KB

MD5
87626fa7e65949f35f9833ebdf16f38e

SHA1
697c52f04ca8c1a8e06f2d2b43a8c6fe5688390b

SHA256
016cbe8f4a2993ce36f276bda81116018a1bcef961e98baa1682a494cb5f7dba

SHA512
4835439fb4ac1f663aeac16c5aa01eebe5da146ec3069a7a5ca46e2b9df5e941d4da7ba3f98c3bdbf1cc57feab605844be2033ded8be073962cce4329caa8607

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\sessionstore.jsonlz4

Filesize
4KB

MD5
4b4b88a82f662a8124dc47c1ee18fb7b

SHA1
22bb1afbe6a8225a0f2f2407c08b83ccd4af81dc

SHA256
77285e6aa974531615b8ae62f6b0e8d1861242693cdb4071762c7857efcb086e

SHA512
3ef2a31053e5c03874ed4ac8c2fbd0a035532f20c632dcbca1a4dd2dd1fe0c04f546c665adc0aad5723fbbc3fb8b863329445b0d59b017049318bd701596f365

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\storage.sqlite

Filesize
4KB

MD5
3b8146024b15fa42ca24fe49452a1780

SHA1
9201a541789b79851b0e051d2ef78dea6fcd6bba

SHA256
897a411914064cc27538a7347a17e85dc1fe897e4aa96e0a6c9f7c147a8d79ea

SHA512
fc9d625bc955becd3516e001b2a5c91e14f35e9d653e669ca3a0ad1a5ad4066708edc6875d677f8f3607fca9794297ec09809388cffb77d9f2212824783b16b1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\storage\default\https+++www.google.com\.metadata-v2

Filesize
52B

MD5
b7befd2eecc626f445a671d791c4bc17

SHA1
de632bd629b0aed6bcd5648eea4b3effe5857785

SHA256
8da01dce8d2b4e1cc97946c9d283d4fcba8d74a9c80ecadf082050c6b1d6a2bf

SHA512
d5ff74c01c6dfe9e3b5b35664089e102af557c7f6483f6781c4d4d14e520e7903c24c9639a4410caebc065ccd87b53b6be8cfd042ef762463425ec048e4ba224

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\storage\default\https+++www.google.com\ls\usage

Filesize
12B

MD5
4c428e195a2fad0b912480f1aaa48bf3

SHA1
52a8ec75e9ebe26a80438cfa5b234ccd96f24621

SHA256
330e0baa0683f9a1187cfcee449c80c8d142c70ed58f6ed5bff634f23f399a8d

SHA512
795d309afb1c8bd2bb3ffa40ad5632fca3a1a8926143a1592a051ec8667bddcb21d0540fd33a898e4f28bfd65e13ae96693d96b11c13adcae09ff1f415a13ef2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite

Filesize
48KB

MD5
3808b6621485a5c4739cee4f9cc2c59a

SHA1
3f20d847697f20f910ac8350d4a2da8d19a39be0

SHA256
adf1cd48ee192ea8adcfcfe7ba7b5a4c7523481c88e227cb6f9aec03065f7274

SHA512
72f827be07485ea03aff78af5e8601c1e7623374daa483843615ede816250b219fbcaf4ea85061e432936e5a05cc71c27bb337f9e22841740b3959d03ba2f0a9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
368KB

MD5
0481f4840f6f16ecc538e077e172d448

SHA1
fa05d4b6f8470eefb676a09f9b3a5edcc56f0f15

SHA256
bf0a91593fd0524d121037981ab51a011fae641037fcc8a2815d0b66cc9e29cd

SHA512
2181685d0d7b258cd22d64e81ebc8ab5657e6898fda370d0c079bb7d041d760a4698f27eab9dba1d985db42d16f73dbfbbd78c52bc50462ad9d9053f7e30b73f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
576KB

MD5
7610421a9eb9b9c8ccfcee9dfc7a8569

SHA1
a43df725e8bc2ed0eb94464a3a5eceb63acd650e

SHA256
755771c1a5a8a1b7aae482f0c9e672736ef2abe732651523613e2df1cc041b09

SHA512
931f69b4468ec435b4cb78c43be60de150e94bcb521910e911a63423dd88bfa52d4284f9d2d5dbb51e10aaad080376e51ee8064f02f0f0709527d47290e6be97

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\xulstore.json

Filesize
120B

MD5
8d689c06cb844185099c0398a280537e

SHA1
57073c7526ec37e94bb9db44fedc6d50276f7a6b

SHA256
96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d

SHA512
3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8

Download Submit
C:\Users\Admin\Downloads\YcFeHFNL.zip.part

Filesize
41KB

MD5
1df9a18b18332f153918030b7b516615

SHA1
6c42c62696616b72bbfc88a4be4ead57aa7bc503

SHA256
bbd05de19aa2af1455c0494639215898a15286d9b05073b6c4817fe24b2c36fa

SHA512
6382ca9c307d66ab7566acf78b1afd44b18b24d766253e1dc1cb3a3c0be96ecf1f2042d6bd3332d49078ffee571cf98869c1284c1d3e5c1c7dc3e4c64f71af80

Download Submit
C:\Users\Admin\Downloads\lib 2.zip

Filesize
34KB

MD5
0a76bd3e26768bba68aca3d210997069

SHA1
753690994a18cf58ed0fe3749d16448b763047b8

SHA256
9056b87f079861d1b0f041317d6415927d9ffb6498ce2530ff90fda69fa64e78

SHA512
14408ea7f44bc365a58d7480fff9ea3b10fa21bfbd3363c6e30b74a4d4121677e20ce1108cce12c203f0760768aee1c1aa69b130e090c409f9a516ea02d70c49

Download Submit