94b6429e2354021dd910335067a7779a58e2ebc268046fac3871598a7601610a

Analysis

max time kernel
1870s
max time network
1877s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
13-10-2024 16:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

attachment.gif
Size

98KB
MD5

5d5f3766d517c2fdd2c173f6cc055f6a
SHA1

d9e968de7644bc197e3d04d87734c2e2a69458bd
SHA256

94b6429e2354021dd910335067a7779a58e2ebc268046fac3871598a7601610a
SHA512

f7a3ce0654f696c8fe008e96de72b280a0352900f45f446997f0dcd2d4351e14b6113db1a621760a3fc70f67684f9a160b4509c2aa848bc034dec1eb510b13cb
SSDEEP

3072:MXIAMeTi36iThoYIkGXt1jAXPaN1ZuI+4fOZ0:+W0MGXqP4P+uOG

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 14 IoCs

Web Service

T1102

flow	ioc
139	camo.githubusercontent.com
140	camo.githubusercontent.com
359	raw.githubusercontent.com
123	camo.githubusercontent.com
137	camo.githubusercontent.com
141	raw.githubusercontent.com
244	raw.githubusercontent.com
124	raw.githubusercontent.com
138	camo.githubusercontent.com
180	raw.githubusercontent.com
243	raw.githubusercontent.com
136	camo.githubusercontent.com
142	raw.githubusercontent.com
242	raw.githubusercontent.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Checks processor information in registry 2 TTPs 32 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies Internet Explorer settings 1 TTPs 33 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "3125371718"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\MINIE	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000086445aa8a430244a91c2b800ab210a510000000002000000000010660000000100002000000093e0590e85517f2a9cbb65279ea0febd819b491723452ee8129b895b0c08ad8c000000000e800000000200002000000080e47a26619669c331970b90b240846f0ad71116e2663d2dd6ceb513ef05a0e220000000b053c31af8b56c9558375f2f88a0836046a2a2abfb7545b68bcaa3c6afb7969640000000ba7d4fa48e68258df961ccff31e33575ff14b5b428d412192a0173d25d1c25d40cd5cfbde77891d97c8762f6335a1217ce874f8a0adeb1d24817316dc22dd0fa	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c00415bb8e1ddb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000086445aa8a430244a91c2b800ab210a5100000000020000000000106600000001000020000000fc82ccff0974f2f918a69f2e510d261a5f3b7ef46b42bf75a2d2f3791f7350f0000000000e8000000002000020000000bcf43fe8b16fb91bbd5494bce24f5e2e1ed072397f4ccd02e7f2a7c493b97af72000000075557c1d7f83de6bf756c9d69c8a4977894aad8f158d6a16092eb2220888de564000000038cd9f7d8e323e01f5bc00250bdb36d4c2647361351453858a166ca525e1ca97ebab12b4f09aa248d6da22ad7338c64812ff22cf73bcd197e9b77262728ff994	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "3125371718"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\""	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31137166"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{E5EEFBA2-8981-11EF-AEE2-DEEFF298442C} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31137166"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\IESettingSync	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 80860fbb8e1ddb01	iexplore.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133733112709063131"	chrome.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings	firefox.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings	firefox.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings	firefox.exe

NTFS ADS 5 IoCs

description	ioc	Process
File created	C:\Users\Admin\Downloads\README.md:Zone.Identifier	firefox.exe
File created	C:\Users\Admin\Downloads\Ransomware.WannaCry(1).zip:Zone.Identifier	firefox.exe
File created	C:\Users\Admin\Downloads\Ransomware.WannaCry(2).zip:Zone.Identifier	firefox.exe
File created	C:\Users\Admin\Downloads\Ransomware.WannaCry(3).zip:Zone.Identifier	firefox.exe
File created	C:\Users\Admin\Downloads\Ransomware.WannaCry.zip:Zone.Identifier	firefox.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
736	chrome.exe
736	chrome.exe

Suspicious behavior: LoadsDriver 10 IoCs

pid	Process
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
656	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe
Token: SeShutdownPrivilege	736	chrome.exe
Token: SeCreatePagefilePrivilege	736	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1416	iexplore.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
736	chrome.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe

Suspicious use of SetWindowsHookEx 52 IoCs

pid	Process
1416	iexplore.exe
1416	iexplore.exe
3480	IEXPLORE.EXE
3480	IEXPLORE.EXE
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
2676	firefox.exe
1028	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe
1168	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1416 wrote to memory of 3480	1416	iexplore.exe	84
PID 1416 wrote to memory of 3480	1416	iexplore.exe	84
PID 1416 wrote to memory of 3480	1416	iexplore.exe	84
PID 736 wrote to memory of 1452	736	chrome.exe	92
PID 736 wrote to memory of 1452	736	chrome.exe	92
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 3068	736	chrome.exe	93
PID 736 wrote to memory of 4920	736	chrome.exe	94
PID 736 wrote to memory of 4920	736	chrome.exe	94
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95
PID 736 wrote to memory of 4512	736	chrome.exe	95

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\attachment.gif
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1416
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1416 CREDAT:17410 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3480

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7fff7041cc40,0x7fff7041cc4c,0x7fff7041cc58
  2⤵
  PID:1452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1920,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1896 /prefetch:2
  2⤵
  PID:3068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2100,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1776 /prefetch:3
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2284,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2452 /prefetch:8
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3148,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3164 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3212,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:3908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4524,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3700 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3144,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4540 /prefetch:8
  2⤵
  PID:3200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4824,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4836 /prefetch:8
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4872,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4760 /prefetch:8
  2⤵
  PID:3264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5056,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4400 /prefetch:8
  2⤵
  PID:1708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5292,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5308 /prefetch:1
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3420,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3376 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4448,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4752 /prefetch:1
  2⤵
  PID:628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4984,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3284 /prefetch:8
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4704,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4988 /prefetch:8
  2⤵
  PID:348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4748,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3432 /prefetch:1
  2⤵
  PID:60
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4968,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4496 /prefetch:1
  2⤵
  PID:4172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3476,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5456,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5576,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5596 /prefetch:8
  2⤵
  PID:2228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5740,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5748 /prefetch:8
  2⤵
  PID:2544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5528,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5680,i,13920166330090001937,11002368025810872342,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5508 /prefetch:1
  2⤵
  PID:4480

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3204

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5032

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
PID:3648
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - NTFS ADS
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:2676
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2032 -parentBuildID 20240401114208 -prefsHandle 1948 -prefMapHandle 1940 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {034536bf-1df2-4541-a240-b3d65490df71} 2676 "\\.\pipe\gecko-crash-server-pipe.2676" gpu
    3⤵
    PID:3676
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2440 -parentBuildID 20240401114208 -prefsHandle 2420 -prefMapHandle 2408 -prefsLen 23716 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a8c9c2ed-c40d-49ce-b6a5-406af8c21303} 2676 "\\.\pipe\gecko-crash-server-pipe.2676" socket
    3⤵
    - Checks processor information in registry
    PID:1616
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2988 -childID 1 -isForBrowser -prefsHandle 3248 -prefMapHandle 2968 -prefsLen 23857 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {55f8be52-be52-434c-9c9f-e7aea2417470} 2676 "\\.\pipe\gecko-crash-server-pipe.2676" tab
    3⤵
    PID:2064
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3868 -childID 2 -isForBrowser -prefsHandle 3856 -prefMapHandle 3852 -prefsLen 29090 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0cf9e86-f68a-4b97-8c01-c9cdf24114a8} 2676 "\\.\pipe\gecko-crash-server-pipe.2676" tab
    3⤵
    PID:2528
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4580 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4636 -prefMapHandle 4576 -prefsLen 29090 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c0277c2d-7eef-4185-a5ef-b67520c19fc5} 2676 "\\.\pipe\gecko-crash-server-pipe.2676" utility
    3⤵
    - Checks processor information in registry
    PID:5020
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5272 -childID 3 -isForBrowser -prefsHandle 5264 -prefMapHandle 5240 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cab0f59c-7f18-4995-a9fa-6f5d8e0bd838} 2676 "\\.\pipe\gecko-crash-server-pipe.2676" tab
    3⤵
    PID:3004
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5408 -childID 4 -isForBrowser -prefsHandle 5484 -prefMapHandle 5480 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {97294bc2-06a3-465e-ab8e-ed29659967dc} 2676 "\\.\pipe\gecko-crash-server-pipe.2676" tab
    3⤵
    PID:5004
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5636 -childID 5 -isForBrowser -prefsHandle 5300 -prefMapHandle 5288 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2e6b851c-90e1-4022-aa00-c3c9559ec766} 2676 "\\.\pipe\gecko-crash-server-pipe.2676" tab
    3⤵
    PID:1476
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5864 -childID 6 -isForBrowser -prefsHandle 6128 -prefMapHandle 6124 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {835a647e-8e62-49ab-bd61-213b66b88a4d} 2676 "\\.\pipe\gecko-crash-server-pipe.2676" tab
    3⤵
    PID:848

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3028

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
PID:2692
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:1028
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1948 -parentBuildID 20240401114208 -prefsHandle 1864 -prefMapHandle 1856 -prefsLen 24530 -prefMapSize 245025 -appDir "C:\Program Files\Mozilla Firefox\browser" - {109cd34f-7454-41bc-90ef-e33600833cae} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" gpu
    3⤵
    PID:4692
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2284 -parentBuildID 20240401114208 -prefsHandle 2276 -prefMapHandle 2264 -prefsLen 24530 -prefMapSize 245025 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {774b8035-9e70-4ea0-8e08-f32105f60ce9} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" socket
    3⤵
    - Checks processor information in registry
    PID:1116
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3068 -childID 1 -isForBrowser -prefsHandle 3052 -prefMapHandle 3048 -prefsLen 25029 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0189cffa-166f-47f1-adb7-97c6ed276a5a} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2576
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2860 -childID 2 -isForBrowser -prefsHandle 3564 -prefMapHandle 3664 -prefsLen 30262 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {245b4650-a800-413f-9d5c-24850f5b1bea} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2324
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4784 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4780 -prefMapHandle 4776 -prefsLen 30316 -prefMapSize 245025 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2d23f15-bd51-4f30-bb1c-7f4075365dc6} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" utility
    3⤵
    - Checks processor information in registry
    PID:4736
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5064 -childID 3 -isForBrowser -prefsHandle 3728 -prefMapHandle 3656 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {36dfaee7-1f7b-47c1-a99d-a5c203c885e5} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:636
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5148 -childID 4 -isForBrowser -prefsHandle 5156 -prefMapHandle 5160 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0dcc78e4-e630-4c42-a4b2-f8b4cfc6757e} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4696
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5428 -childID 5 -isForBrowser -prefsHandle 5348 -prefMapHandle 5352 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {42f2e435-4534-4f7d-a104-f76e9f38986e} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4112
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3836 -childID 6 -isForBrowser -prefsHandle 3796 -prefMapHandle 3812 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0e7b725b-e6c3-4ebd-a8c4-28a8af297ec9} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2476
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5688 -childID 7 -isForBrowser -prefsHandle 5324 -prefMapHandle 5328 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e263cee8-f405-4292-ada4-f1293f02599f} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1492
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5832 -childID 8 -isForBrowser -prefsHandle 5840 -prefMapHandle 5848 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {81d25c68-80c5-48c7-b569-ec0694a011f1} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2380
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6012 -childID 9 -isForBrowser -prefsHandle 6016 -prefMapHandle 6020 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a5bee3e6-4d5b-4204-9fc6-cad53f5b73ab} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:964
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3988 -childID 10 -isForBrowser -prefsHandle 3984 -prefMapHandle 6208 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cf07316c-3c21-496a-b0ed-5414022053f1} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4836
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6368 -childID 11 -isForBrowser -prefsHandle 6376 -prefMapHandle 6380 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1a06c029-3830-46c3-a913-2f213531ec52} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2184
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6560 -childID 12 -isForBrowser -prefsHandle 6568 -prefMapHandle 6572 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e17a651d-d405-4e7f-a648-4e35e1216cd8} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1104
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6784 -childID 13 -isForBrowser -prefsHandle 6796 -prefMapHandle 6740 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a6ce224-f357-41f9-aad3-b8621e30ca49} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:3616
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6944 -childID 14 -isForBrowser -prefsHandle 6952 -prefMapHandle 6956 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {78392376-0fd3-4a57-b878-2333f03f8aa3} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2360
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7136 -childID 15 -isForBrowser -prefsHandle 7144 -prefMapHandle 7148 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a84a502a-4644-4635-84a4-386a5d62c7ee} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:3224
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7340 -childID 16 -isForBrowser -prefsHandle 7348 -prefMapHandle 7352 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9bf1b8b8-95f1-45a4-a05a-574171720ba6} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:860
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7524 -childID 17 -isForBrowser -prefsHandle 7532 -prefMapHandle 7536 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {06140313-2bb0-4d91-b63e-8af81cd57d5c} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:3900
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7744 -childID 18 -isForBrowser -prefsHandle 7700 -prefMapHandle 7508 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {990cae35-5a52-44f6-8bfc-8b743f5667fe} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2240
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7916 -childID 19 -isForBrowser -prefsHandle 7924 -prefMapHandle 7928 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {12ccf625-21fa-4c40-9e92-dd5364ab11bb} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1900
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8160 -childID 20 -isForBrowser -prefsHandle 8168 -prefMapHandle 8172 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {79d960ea-d9da-4e54-a739-8ee4afdbe2a2} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1588
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8356 -childID 21 -isForBrowser -prefsHandle 8364 -prefMapHandle 8368 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {30ce2801-27bd-4299-9b90-3c6a7dbd9295} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4524
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8444 -childID 22 -isForBrowser -prefsHandle 8536 -prefMapHandle 8560 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {903329df-76bc-4fe7-a174-dda1efd683d0} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2260
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8792 -childID 23 -isForBrowser -prefsHandle 8804 -prefMapHandle 8748 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8a244458-5d65-4b5c-aced-48bfcc599d93} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4332
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8952 -childID 24 -isForBrowser -prefsHandle 8960 -prefMapHandle 8964 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7e7658b0-93d0-46bb-9247-e2105b58263c} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2620
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9164 -childID 25 -isForBrowser -prefsHandle 9172 -prefMapHandle 9176 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {feed5dc8-5add-49de-9420-0db89f84c0db} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2624
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9360 -childID 26 -isForBrowser -prefsHandle 9368 -prefMapHandle 9372 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {03bb388f-bcd6-487b-bc05-813124bbb6c4} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:3328
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9584 -childID 27 -isForBrowser -prefsHandle 9596 -prefMapHandle 9540 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {73d7b699-b49c-462b-b10c-5f0dc0d17547} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:544
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9796 -childID 28 -isForBrowser -prefsHandle 9808 -prefMapHandle 9752 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {feeca408-ad94-4fed-bf27-371196cbf347} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1600
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9956 -childID 29 -isForBrowser -prefsHandle 9964 -prefMapHandle 9968 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f35b18e2-1610-4c74-9d41-e32a91823742} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:60
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10148 -childID 30 -isForBrowser -prefsHandle 10156 -prefMapHandle 10160 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ea5140a2-d940-422c-a860-68e230c66947} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:3864
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10388 -childID 31 -isForBrowser -prefsHandle 10464 -prefMapHandle 10460 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e082301b-9992-4f69-bfc9-6436fca0adcc} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4172
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10568 -childID 32 -isForBrowser -prefsHandle 10648 -prefMapHandle 10644 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {14c4c317-87af-45b0-a229-eaee1b3434d8} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4576
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10772 -childID 33 -isForBrowser -prefsHandle 10848 -prefMapHandle 10844 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9ecb984a-8f48-4618-a7be-61b1ab2f1350} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4952
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10560 -childID 34 -isForBrowser -prefsHandle 11032 -prefMapHandle 11028 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9aa0e518-d395-4a61-8f2a-8eb63d7bad03} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:3620
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11172 -childID 35 -isForBrowser -prefsHandle 11252 -prefMapHandle 11248 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d86cd594-e452-49d7-b7e8-230fa04938f8} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4804
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11348 -childID 36 -isForBrowser -prefsHandle 11356 -prefMapHandle 11360 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4cac4d14-7c3c-40af-b6bd-f0c7855ff49f} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2056
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11540 -childID 37 -isForBrowser -prefsHandle 11548 -prefMapHandle 11552 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c62884d6-0d39-4f40-aebc-f86d7e2cc3f4} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2352
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11784 -childID 38 -isForBrowser -prefsHandle 11644 -prefMapHandle 11656 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e5adceab-0a26-4f14-bb05-14dcd82537a8} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2304
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11976 -childID 39 -isForBrowser -prefsHandle 11988 -prefMapHandle 11932 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {34dcd203-1238-4a56-a869-ccd825dbff6d} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:3028
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12136 -childID 40 -isForBrowser -prefsHandle 12144 -prefMapHandle 12148 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e663defc-c802-44c7-bd12-ddf3f84dd57f} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:624
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12352 -childID 41 -isForBrowser -prefsHandle 12360 -prefMapHandle 12364 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e56899e5-cd11-45d6-939a-8f52982d1bdf} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1084
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12532 -childID 42 -isForBrowser -prefsHandle 12576 -prefMapHandle 12584 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c5a49a25-107b-4fde-adf8-29ea8ba0689a} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4608
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12744 -childID 43 -isForBrowser -prefsHandle 12752 -prefMapHandle 12756 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ef5d2a11-8444-45d1-9a41-256ae17b624e} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1484
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13068 -childID 44 -isForBrowser -prefsHandle 13060 -prefMapHandle 13056 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d1c863e-174c-40e1-8a13-33b387b76dcc} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4232
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13184 -childID 45 -isForBrowser -prefsHandle 13192 -prefMapHandle 13200 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {214b5f85-5d83-4dde-a5e0-bd700652cd78} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4708
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13380 -childID 46 -isForBrowser -prefsHandle 13456 -prefMapHandle 13452 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b06547a2-9efb-42c7-9f68-7140f975e5da} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2932
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13364 -childID 47 -isForBrowser -prefsHandle 13592 -prefMapHandle 13596 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4cbe7232-288f-48bf-b956-e7bad36fbc38} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2800
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13756 -childID 48 -isForBrowser -prefsHandle 13764 -prefMapHandle 13768 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d4aa755a-6afe-4365-bdd2-36350448f352} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2096
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13920 -childID 49 -isForBrowser -prefsHandle 13964 -prefMapHandle 13972 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e5cff51-3d18-41dc-9718-ac0032bdfcfa} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1488
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14124 -childID 50 -isForBrowser -prefsHandle 14132 -prefMapHandle 14136 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b3c40281-7e8a-4000-bc7b-d30f395c9210} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4036
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14252 -childID 51 -isForBrowser -prefsHandle 14260 -prefMapHandle 14264 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f93d3ab2-23ee-4151-830a-a3abf5078289} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4012
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14496 -childID 52 -isForBrowser -prefsHandle 14576 -prefMapHandle 14572 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {00939475-ff84-4220-b880-0ba6e9113034} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2092
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14628 -childID 53 -isForBrowser -prefsHandle 14472 -prefMapHandle 14348 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e074b675-88b6-4d47-8148-0e8f17697cf7} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:64
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14488 -childID 54 -isForBrowser -prefsHandle 14760 -prefMapHandle 14764 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {61eb1a88-f75f-446e-8077-16c91f3f9bf0} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4104
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=15020 -childID 55 -isForBrowser -prefsHandle 14940 -prefMapHandle 14948 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {55d2acc5-aa0e-40ff-8672-ea6942fa27c4} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2088
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14908 -childID 56 -isForBrowser -prefsHandle 15216 -prefMapHandle 15212 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a30b4f20-ad5b-4cd9-8634-d80ddef8b5b1} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1208
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=15328 -childID 57 -isForBrowser -prefsHandle 15336 -prefMapHandle 15340 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {59c2e831-6c21-4430-8824-27447c3ec507} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2684
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=15524 -childID 58 -isForBrowser -prefsHandle 15532 -prefMapHandle 15536 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {38a3dec3-096c-4f6e-a14d-b3e3f1da48e8} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5004
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=15736 -childID 59 -isForBrowser -prefsHandle 15744 -prefMapHandle 15748 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7256bc5c-7948-416b-8e77-a0a1f33de344} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:3668
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=15952 -childID 60 -isForBrowser -prefsHandle 15960 -prefMapHandle 15968 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e92cdbdd-0b61-41da-b7aa-22bc0021fefe} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1148
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=16152 -childID 61 -isForBrowser -prefsHandle 16164 -prefMapHandle 16108 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {39832937-0ed3-4b47-91db-716911fb3640} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4408
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=16348 -childID 62 -isForBrowser -prefsHandle 16356 -prefMapHandle 16360 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bf8d251d-ba13-4775-bdb5-317033ea913c} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4784
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=16484 -childID 63 -isForBrowser -prefsHandle 16492 -prefMapHandle 16500 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {80da8070-f849-4458-a608-0018cbf7a595} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:388
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=16660 -childID 64 -isForBrowser -prefsHandle 16668 -prefMapHandle 16672 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {332f24d4-4c65-4e1b-b033-e518744aca22} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2792
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=16832 -childID 65 -isForBrowser -prefsHandle 16876 -prefMapHandle 16884 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {02aacf73-85eb-4608-a22c-5643b3181abf} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4320
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=17044 -childID 66 -isForBrowser -prefsHandle 17052 -prefMapHandle 17056 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5554b4c2-bd46-4851-848f-e1e6948b8787} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4424
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=17272 -childID 67 -isForBrowser -prefsHandle 17348 -prefMapHandle 17344 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {86739c2e-57a7-4b6c-b36c-bbb48f7690d1} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4220
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=17468 -childID 68 -isForBrowser -prefsHandle 17544 -prefMapHandle 17540 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e6aa4bcb-1715-46bf-994f-9b0b8451f75f} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4872
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=17660 -childID 69 -isForBrowser -prefsHandle 17736 -prefMapHandle 17732 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8c8e5dd7-e1a3-4ac8-8a48-c3909c19ae4f} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2232
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=17944 -childID 70 -isForBrowser -prefsHandle 17864 -prefMapHandle 17872 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {41184417-fe12-455a-8150-4f0808845ae3} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4396
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=18068 -childID 71 -isForBrowser -prefsHandle 17988 -prefMapHandle 17996 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f7cbe62d-80ca-4ef5-b93f-01add0928582} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:2604
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=18188 -childID 72 -isForBrowser -prefsHandle 18264 -prefMapHandle 18260 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {527fca03-7383-46c1-a9eb-b01a4060dc27} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4928
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=18152 -childID 73 -isForBrowser -prefsHandle 17984 -prefMapHandle 18068 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {62b4f8a7-4160-4d19-918c-a3d7c32c52f7} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:212
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=18604 -childID 74 -isForBrowser -prefsHandle 18616 -prefMapHandle 18560 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {73d5efad-b98c-4947-947a-7178c5d91af1} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:4756
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=18752 -childID 75 -isForBrowser -prefsHandle 18796 -prefMapHandle 18804 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7af96657-b64d-4bf8-8a2f-8ac23dc19533} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1372
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=18944 -childID 76 -isForBrowser -prefsHandle 18988 -prefMapHandle 18996 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5d198441-2e8a-43a2-8890-6a6ffb3761d5} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:1912
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=19264 -childID 77 -isForBrowser -prefsHandle 19184 -prefMapHandle 19192 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7b017d45-71af-4993-beda-2fd8192693da} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5132
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=19388 -childID 78 -isForBrowser -prefsHandle 19400 -prefMapHandle 19404 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2c946b6c-1026-41b3-9a7b-8c63486f86c3} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5148
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=19504 -childID 79 -isForBrowser -prefsHandle 19512 -prefMapHandle 19388 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1534584b-0148-41ec-9286-1380650ae72e} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5160
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=19668 -childID 80 -isForBrowser -prefsHandle 19712 -prefMapHandle 19720 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ef816931-7ffc-4e6b-979f-42b5aa525d37} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5172
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=19696 -childID 81 -isForBrowser -prefsHandle 19896 -prefMapHandle 19900 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {38b14dd8-2608-4d1c-9f1c-65bfec5a6271} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5184
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=20180 -childID 82 -isForBrowser -prefsHandle 20100 -prefMapHandle 20108 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cccecd2f-25a3-4db9-9fe7-8bf4ca50b3a8} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5200
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=20308 -childID 83 -isForBrowser -prefsHandle 20260 -prefMapHandle 20084 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d2b9e329-c9bd-4f78-bd26-69338cdd6da9} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5212
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=20300 -childID 84 -isForBrowser -prefsHandle 20488 -prefMapHandle 20492 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {20a633c5-1576-455c-836c-512088bf4920} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5224
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=20716 -childID 85 -isForBrowser -prefsHandle 20792 -prefMapHandle 20788 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b141e98e-152f-453f-9d9f-a3e383139065} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5244
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=20912 -childID 86 -isForBrowser -prefsHandle 20704 -prefMapHandle 20920 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {84c4b548-b5e8-433e-8dcd-0ed9c4126910} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5256
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=21092 -childID 87 -isForBrowser -prefsHandle 21100 -prefMapHandle 21104 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aeef0f35-57f3-47d7-8015-1eaf091fbd58} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5276
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=21288 -childID 88 -isForBrowser -prefsHandle 6632 -prefMapHandle 6636 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d172ba59-0071-48c7-a494-286e8130fba4} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5292
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=21444 -childID 89 -isForBrowser -prefsHandle 21452 -prefMapHandle 21460 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5685c749-2c23-49ee-b6ac-14f8bdc35b1e} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5304
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=21632 -childID 90 -isForBrowser -prefsHandle 21708 -prefMapHandle 21704 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2ad54f01-8c9b-45db-9d44-180b01015a29} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5316
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=21844 -childID 91 -isForBrowser -prefsHandle 21920 -prefMapHandle 21916 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {09e3858e-ef4a-453c-ade6-ff5ab628727f} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5332
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=22120 -childID 92 -isForBrowser -prefsHandle 22112 -prefMapHandle 22108 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {27d7949e-7ea6-438e-8f13-9e761ce2053a} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5344
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=21836 -childID 93 -isForBrowser -prefsHandle 22296 -prefMapHandle 22292 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e51646a3-c4a8-41a7-991c-5b02f353ea8a} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5360
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=22432 -childID 94 -isForBrowser -prefsHandle 22440 -prefMapHandle 21948 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e6166a62-5b7d-4474-b308-70ae10719b1b} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5376
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=22612 -childID 95 -isForBrowser -prefsHandle 22620 -prefMapHandle 22624 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {45f57046-64fd-4463-997b-b56dc5709758} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5388
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=22900 -childID 96 -isForBrowser -prefsHandle 22820 -prefMapHandle 22828 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7c1bfd15-6796-421f-ab2a-05475a4ece55} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5408
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=23048 -childID 97 -isForBrowser -prefsHandle 23060 -prefMapHandle 23004 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {422fd3a6-727b-4e40-b0b3-586a7ce969e5} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5420
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=23240 -childID 98 -isForBrowser -prefsHandle 23252 -prefMapHandle 23196 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {926b573e-f52d-4b53-9525-4ad365b3db93} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5436
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=23376 -childID 99 -isForBrowser -prefsHandle 23320 -prefMapHandle 23316 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f3224afc-5c6b-4fef-a21f-a65c4208b65f} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5448
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=23540 -childID 100 -isForBrowser -prefsHandle 23548 -prefMapHandle 23344 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fdacfab8-6cf7-4e5c-aeee-8fd41e999412} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5460
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=23720 -childID 101 -isForBrowser -prefsHandle 23728 -prefMapHandle 23732 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3810971a-9929-443c-bf99-cee44bfd3246} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5472
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=23956 -childID 102 -isForBrowser -prefsHandle 24032 -prefMapHandle 24028 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {309e6101-8dd5-45c9-a011-ead7e72727a0} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5492
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=24148 -childID 103 -isForBrowser -prefsHandle 24156 -prefMapHandle 24164 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {13d95f83-7504-4732-a066-332443d123e1} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5504
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=24348 -childID 104 -isForBrowser -prefsHandle 24360 -prefMapHandle 24304 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b4801f95-4840-4474-b475-778fc4dc9261} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5524
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6984 -childID 105 -isForBrowser -prefsHandle 24536 -prefMapHandle 24544 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {67914ccd-4e10-4bd5-af7e-403552bf97d9} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5540
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=24656 -childID 106 -isForBrowser -prefsHandle 24664 -prefMapHandle 24668 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {db61484a-469b-41c0-8535-4d3735cb5b56} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5552
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=24880 -childID 107 -isForBrowser -prefsHandle 24892 -prefMapHandle 24836 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b4092f6c-6016-42d4-9f09-1336832e5eef} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5572
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=25060 -childID 108 -isForBrowser -prefsHandle 25068 -prefMapHandle 25072 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {af7f700d-ab07-4999-a429-550738be41ae} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5584
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=25272 -childID 109 -isForBrowser -prefsHandle 25280 -prefMapHandle 25284 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5a719a9-def3-4fda-b506-079f6770688d} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5608
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=25476 -childID 110 -isForBrowser -prefsHandle 25488 -prefMapHandle 24956 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {64436ad1-2493-4b99-8e43-c88b665ecaba} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5620
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=25664 -childID 111 -isForBrowser -prefsHandle 25740 -prefMapHandle 25736 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f8fa3775-354b-4d0b-b56d-800b3ffcc80b} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5632
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=25876 -childID 112 -isForBrowser -prefsHandle 25952 -prefMapHandle 25948 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {983e9089-3ef7-4925-bb98-2e6cd5aa765d} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5648
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=26068 -childID 113 -isForBrowser -prefsHandle 26144 -prefMapHandle 26140 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f8906034-ca21-422a-8ab7-dcc7557419f0} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5660
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=26332 -childID 114 -isForBrowser -prefsHandle 26252 -prefMapHandle 26260 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8907020d-a02c-4bd0-a974-abf9bf4854c1} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5672
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=26472 -childID 115 -isForBrowser -prefsHandle 26548 -prefMapHandle 26544 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4fc9f843-12b9-4945-b505-662fef959627} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5692
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=26656 -childID 116 -isForBrowser -prefsHandle 26736 -prefMapHandle 26732 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2785839d-32c9-4203-88df-5079ce5a434a} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5704
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=26864 -childID 117 -isForBrowser -prefsHandle 26872 -prefMapHandle 26876 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d403e70e-1e3b-4ad9-9a08-a1d841800c7c} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5724
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=26968 -childID 118 -isForBrowser -prefsHandle 27000 -prefMapHandle 27004 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c4d2875b-82b3-40a1-aaec-cae92b61c391} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5736
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=27204 -childID 119 -isForBrowser -prefsHandle 27216 -prefMapHandle 27160 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0c960a7a-8d2f-4502-bc12-21d119eb4807} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5748
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=27352 -childID 120 -isForBrowser -prefsHandle 27396 -prefMapHandle 27404 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {034474c7-fbf3-4218-ac22-6d99ff407213} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5760
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=27576 -childID 121 -isForBrowser -prefsHandle 27584 -prefMapHandle 27588 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {de0d1ee9-7b4d-44f2-ac23-6686110bea50} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5776
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=27796 -childID 122 -isForBrowser -prefsHandle 27872 -prefMapHandle 27868 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2be8c1a5-517b-4cec-85a8-cfa3669ec960} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5788
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=27380 -childID 123 -isForBrowser -prefsHandle 27900 -prefMapHandle 27988 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bca91213-8185-463b-8cd4-f4e6711d752a} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5800
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=27772 -childID 124 -isForBrowser -prefsHandle 28220 -prefMapHandle 28228 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bfe9c0f4-777d-4bca-b743-6daa9e94620d} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5820
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=28392 -childID 125 -isForBrowser -prefsHandle 28468 -prefMapHandle 28464 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0df64a83-f5dd-49b6-a2c7-e5764ef1bbc1} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5832
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=28572 -childID 126 -isForBrowser -prefsHandle 28652 -prefMapHandle 28648 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0cc2964-50bf-4248-84c2-cd2baedba822} 1028 "\\.\pipe\gecko-crash-server-pipe.1028" tab
    3⤵
    PID:5852

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
PID:9332
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - NTFS ADS
  - Suspicious use of SetWindowsHookEx
  PID:1168
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1964 -parentBuildID 20240401114208 -prefsHandle 1880 -prefMapHandle 1872 -prefsLen 24587 -prefMapSize 245025 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3f65fa48-fc44-4088-95f4-dc3d464b8767} 1168 "\\.\pipe\gecko-crash-server-pipe.1168" gpu
    3⤵
    PID:7792
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2316 -parentBuildID 20240401114208 -prefsHandle 2308 -prefMapHandle 2304 -prefsLen 24587 -prefMapSize 245025 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {34f0ac98-8044-4f24-9d4d-20bfe72f4a79} 1168 "\\.\pipe\gecko-crash-server-pipe.1168" socket
    3⤵
    PID:9504
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3340 -childID 1 -isForBrowser -prefsHandle 3180 -prefMapHandle 3176 -prefsLen 25127 -prefMapSize 245025 -jsInitHandle 1200 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {40159490-3546-462a-bc22-35df186f9085} 1168 "\\.\pipe\gecko-crash-server-pipe.1168" tab
    3⤵
    PID:9780
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4224 -childID 2 -isForBrowser -prefsHandle 4252 -prefMapHandle 4248 -prefsLen 29419 -prefMapSize 245025 -jsInitHandle 1200 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ed0ca693-83de-439f-a391-a240ff0b04c3} 1168 "\\.\pipe\gecko-crash-server-pipe.1168" tab
    3⤵
    PID:9040
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4824 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4832 -prefMapHandle 4764 -prefsLen 30357 -prefMapSize 245025 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2fcfba32-8669-4f15-a03a-c84f988487a6} 1168 "\\.\pipe\gecko-crash-server-pipe.1168" utility
    3⤵
    - Checks processor information in registry
    PID:4708
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5136 -childID 3 -isForBrowser -prefsHandle 5064 -prefMapHandle 5128 -prefsLen 27823 -prefMapSize 245025 -jsInitHandle 1200 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a38f51cc-7f64-481e-873f-52a4e40d1d18} 1168 "\\.\pipe\gecko-crash-server-pipe.1168" tab
    3⤵
    PID:6624
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5268 -childID 4 -isForBrowser -prefsHandle 5276 -prefMapHandle 5280 -prefsLen 27823 -prefMapSize 245025 -jsInitHandle 1200 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {73769ce2-a0ee-4afc-9cc2-53bbc2389db4} 1168 "\\.\pipe\gecko-crash-server-pipe.1168" tab
    3⤵
    PID:2948
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5460 -childID 5 -isForBrowser -prefsHandle 5468 -prefMapHandle 5472 -prefsLen 27823 -prefMapSize 245025 -jsInitHandle 1200 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7f2167da-dcfa-450f-83cf-172fe40c286f} 1168 "\\.\pipe\gecko-crash-server-pipe.1168" tab
    3⤵
    PID:6008
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6236 -childID 6 -isForBrowser -prefsHandle 6196 -prefMapHandle 6200 -prefsLen 27823 -prefMapSize 245025 -jsInitHandle 1200 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a4925bbc-59e0-4ef9-a225-8eabdc95b9ae} 1168 "\\.\pipe\gecko-crash-server-pipe.1168" tab
    3⤵
    PID:6920

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
62KB

MD5
2a269f39d847da7bf9b5d6841726b888

SHA1
3e3fbcdcdff5d84a331c0ecb9106637137cd4847

SHA256
f9401bcef77841dc036b71ec058704f10dde85bcef9b7efc42a12fbd0d200515

SHA512
40e14c79501180e5d0a28099b6df83ebe37f8b043cdd9295bffef7c4a376a6226ff330f8a0a15189d361fef1ca2bc661907c0e7b141c72257dcfcecec22719c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
41KB

MD5
abda4d3a17526328b95aad4cfbf82980

SHA1
f0e1d7c57c6504d2712cec813bc6fd92446ec9e8

SHA256
ee22a58fa0825364628a7618894bcacb1df5a6a775cafcfb6dea146e56a7a476

SHA512
91769a876df0aea973129c758d9a36b319a9285374c95ea1b16e9712f9aa65a1be5acf996c8f53d8cae5faf68e4e5829cd379f523055f8bcfaa0deae0d729170

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
24KB

MD5
87c2b09a983584b04a63f3ff44064d64

SHA1
8796d5ef1ad1196309ef582cecef3ab95db27043

SHA256
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

SHA512
df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
70KB

MD5
a8bc992bad7bae98e96d1c839fc939e0

SHA1
83c183c786ee2952427db80c6e91de04d800b3de

SHA256
6e7da6e50ed27be4e94e33192e0cc7b6c71570a360054a35786b7a8c36f94567

SHA512
3cb4d5b9bffdf5a8471e278693ae9f5121cf976ed4e431f7f8fea5bfb7e783c44ad8f5309f986e3badacbefc1704cb2ef611da0ef06ebbe7d56fe74afea5597c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
422KB

MD5
7b48d11801da34d070a938ed08d2738f

SHA1
c93abbd538f145596088c0776e6269de13473ed8

SHA256
17d0e8c9934d9007c8bbe9590259390ba6c0e11b3e56d9a1a29eefa073781103

SHA512
e26b2f1d11483cc2eb1d471ab72ee0d4c5ccbd48ac6bff5bfa2025052196b710d3d1f77286e0948c75ca83adc9e2fef0224c10cfb473af320e93489951ec6bec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
23KB

MD5
c377a6cea80bdfd2b6d66d89732ff5a5

SHA1
4610cf407b7e485916ee518bca2ccc82874bc076

SHA256
d7de250b748c1abb06a62f53403290d0e57b3861c59daab1da6a9b5437b49b33

SHA512
c96aa121b2c19db707a9aa3709babfe9cc12f4ad3c313d56c02d76406916f444438b9a865a08134d72e40384b6766182a05cca7ea3869e846453f73494aa6f09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0869be55715990c0_0

Filesize
19KB

MD5
7e0c8e752e5974af9e400bfbdeeb43b5

SHA1
d9535b0f971a3e45ef95dad4888c2069ae6040f6

SHA256
e66f30928c3375ab7e6380059152a56c86ad6d19436c39204a1d91c6c8340333

SHA512
c43709fa49ef896a87b512d56888283ef3237dc3abe4055081339ad9758b098a8e93837b536d52343289664f2fbd98d330fca71247bba940a89a92b020de2769

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0a0579eb962b8bc4_0

Filesize
347B

MD5
1632dfd1ceef2e7867fc858db9dacccb

SHA1
82f0b2b06627023ef654fa472343a743f496b996

SHA256
5b0879987928c8a7a1a6e13124d6610e1e4ef6501799e0a555be0ee159c945e4

SHA512
919f4f1213a0ad3037e76038263d41ebfdd030e959791090f46378806ecc55f1f7fb95791ea9b501210b2f33b03b262b19743991d464984b4943016e994d4f6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\11448c48208acbcb_0

Filesize
280B

MD5
325466e1bde3424f453488dfc2145336

SHA1
c6a570d7a5b29c35e0a2602e5fcff796f6015fea

SHA256
4537f3967f9cd885831756ff4982e78f2dc0eae7791562cbcc3e27e945ec3896

SHA512
e45f18a7437f0c296ca05c6d629cacebd0499e7f5d025fb948d8155bd0de85e6e4648e19a56d1894c542eb456b10f7544c3017f7dba1ebdd72d006bf1c042a2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d3b4b14c26435d40_0

Filesize
262KB

MD5
30a6a6d62706d79bb3148edfb6f14440

SHA1
a879792bb1fe95d82f9eba7a51092fe0b5dd0859

SHA256
78ab49f064e49f80d47d40e3b98996f95d246e16d6e80b8a1a44b4cb088eba7a

SHA512
b4d238852f44d56fa37559c876367b04ca89a48221469ea831ab62a1ee4b73f01bc2be3b04d3c40e50f521e3ef5cb43fd7f35a1f593e05d05ff94cd792280cf9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
54d8024f36d8e561a071b1b6360ab377

SHA1
bb18e10853e9e45446ba71d501b77211fd16bd90

SHA256
893adda6bf745960662b7035be370908b98676138b17c4451c885bf7cb4e7b93

SHA512
5e56d25c937e60f955a627488857d7806191b80724a5854ab8f19129e035cb6758d87b7ddbde4c4c4b81f6023b2040ab2c4982090d40ff9ced94f8e2e30e831e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
dedb1198d93bdfdb8a0522efb9300453

SHA1
8a45ca929d6b023aad66be9e1424a54fd4112553

SHA256
5f0b4136879d5e501bf0533be5225a4a72609f88660fcdadeef7dd58e31077dc

SHA512
ad5a836accc0338dfaa62ac9866f342a165f8e6cd4fd2e8c3f2addb3478602c4bd2b8c6c6e20158e15e524b03f067e93b85bafb96ebeefe41cc44a158cc96507

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
2442ae4db3189a571bf199c6f56b9c24

SHA1
a4d18b264a31a2cc811e20b74889d81a51bfd07e

SHA256
8b9b3c3c71cfc7f788877d357a9d67c68a11a12f30ec9d2499d4587e8232a18d

SHA512
9883828471e68a102a86ee87d86d3850beb26960cd9d0598179bb99a401e0fc16aecd4b9ef312868d7d233a5fe81bd7bdc30dfe4a1fef44999204121304c2f9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
b39c85845ddcea99d0507275a5d0b2cc

SHA1
ab3ab1d4574411d2b3b9d1bf2d86083e2970da54

SHA256
caf73db3aa79456e4ab02928a76687e18aa569a92c0d4b130c3766b8ca5fe217

SHA512
0e61d25eb8f6b18a54efc331591af9b7ac775a467e10ba98dde39fee5604cc2b14874bd51b9e2af1e4d30b7557a0266dfd07f2006da7dc5aa67f2adc5184bb0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
64cdc4155405231f83977c7b2f551e1d

SHA1
228632a67f130cb49ef5c68a7075df0e9b4d2386

SHA256
9384a8f87a0f189fb8b6192d3c364f15dc900fc6a4b8e06945b563a325c55adc

SHA512
10c0e9313387460920c4833bcd0538c72c1a8ef6592e101c04a75c8e1a46264e1b469d6d2bd684c552e03d502d6a963e8f1d6f9f668e596048492046f5983fce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b181395f9afc6711f6165faaf1a129ef

SHA1
1ee1323694fc7a77f5d8a00a8f60ea0cdd6f124d

SHA256
dff0f890c7cc8b8958fba97ab4d047f10fbe83d80f1c9283ee90fc785c8b4e67

SHA512
2d0f3cecc5d65c8237cf1ed6f8e7125ef3e0e11bbf98431cff23583733f7416803817a47fe85618ab84b60ce8b7c80d8867a753b9ce25c9fcd2203f25e00bbc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
8b85fb134dccf600e74b174184e8187d

SHA1
3f0e796bf35ed376ae8c69a8479d6820a44b4915

SHA256
c7722fece4dc33fe818288faef0ee8d407e314b2864c1befda5af2c98b00488c

SHA512
8d102d0a2656aac04d0c508ea6fa87d2bc6b12741c972a3ce681c75e9500922850f6ae51e21451a541497b4aff808e6c761619c6abd682408b09e2324250ca1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
a6b4651f412c3325a3c11c752b24a1c4

SHA1
7ba9839b45404cf16d05a7e19a5394af5d57ef41

SHA256
29c14649edc6c58c9278d6337acc0ee85862e52033c13028c6ffa3055e9bd909

SHA512
035810e7847679ed764efbf15238496f291e5aab5a70a233b764bc369b6f7af920ff7acd9039f3452fde2b0cdc893e634ec0f4c2cc81ad7772fca9e73f1556a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b3e5d2f894210841fc9a5f594e0057d3

SHA1
4be8ee00a229fec371768e1f2295488c8f72fd27

SHA256
646180558b4151f6879fdddfb31f14d1d352dbacceae3dcd247c5398119aa764

SHA512
66505fb93b7e02f0b2dd572fe5fb3259a06c8b19650c4a3dd46fb02cbabd9c0ae07f7206c4801a28cf014a77c4640700418fa14652b92c24950c145f7d5f0f2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
19ba7f27468df2f16a89322019818bad

SHA1
5c8535d05fe6a5e87557a160f3b13d516467eb3c

SHA256
78cc0e4a57912e9ea27c7e7328df21539aeae57b3e98b925286a822f3d9d9187

SHA512
fb32b61a942382660256ddaa16c5ec71a6eb3b63eef77209fd99b592d77cddaf9f7659d5fc8d5b4006378e18d5bcce06cc38aa94802b940f3d86821caa6e9004

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b72864f41ffbf2230c736ed258390862

SHA1
2a3a494ceb54bb7052d5b521df5ae6072aeabc34

SHA256
7645d90dcffc61b50b8833aa3df0270076eee57daa1aa336a6521462e5980a9e

SHA512
3e36debfa5511df9a7fcded8fde936d5a5ef8110f5830b351bb69e10801f2a34180b07dedc39f70c32fbaccc2f0b8b3512a8e15fdb3da164b0ac0abbe894c2ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ba0f5444b48262f4f1512868eae03d93

SHA1
6b73aea7c278ebf542d796d23c155d9adf0e54b9

SHA256
1365d73abbec8fd3ebd24f80cd9ba6e48df7720e097411b1ae515601c0a1777f

SHA512
d558f2ed59f91187603be6db571053fa81f07c266c63f576f7acb328762a87e7c9187ef2af3af60ef386ee6977284a5af47a98febf33b845c659f412cd4cb52b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8ef181f5390497d79d4fb0bb7f33c1d5

SHA1
cca6993eb5c297ae5907b95f135e418ead3bcf27

SHA256
412bd94cc874067ccd9e044a47a288820a7a14bb768d90cc79ddd935e4be1439

SHA512
655e4cc75c34b0608aeca90c712fdeaca9845d9e0ebfa7b4825097a5c7282fde404b760867b75d98d957e9346a69ae9522a65e774b1d5c58a159ffc7b9553338

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
68479306cb6acdaa2523065521ea4227

SHA1
3f65e9b93a2a81353ba2a275e210b3e993b9e849

SHA256
9ac41dcfd77500ab552be23009e74ba07f56a0745d2d0fe39f0a73ec8a9f346d

SHA512
b60942d0eb5b1b6aa006e7fc8fee2eb47db9691159d34b43d1ba94359e181f0f3050de6f0381f93f2545a2995d15744bddb43c3c005a601f8e2dfd811d6fee4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
56205493d2fc213a44eef424ceda442c

SHA1
a6f05cc451fc27564b5767580982bb18db480d79

SHA256
8702ecedafb2e1446114773e3c097c2e7a7bde178752343dc279afb6951ab906

SHA512
81f46b7341d6ba86abfca172a6cbfee293f800558e09cc007503d50bfd85c2c322269e553a2f35d29f9cdb592999c1f2c69092160423f0caa268bb4360cf8b9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
566cead7ad547b0a4a9c21db29d76edd

SHA1
74acf976b93e3ea2dbc289aafde4f634c9ca6cdb

SHA256
2b02b241074d77fa629e6226493177bff7ba75f226d014dcb2feef00ce6ece1e

SHA512
541a7dfecff649e8d18f85522cd16bfb3f7545ac950356b788098df424c97311fc0214d19660fe5f70e768b5d0ec0882d8c7d4c10b7bb7bd498868da5ed6acda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bc19fea58674df49f3f6b3148683b79c

SHA1
0248ab5804c741addc16cc3a9f4c213d567312d2

SHA256
1fd239bf1ea78ac6bde19e8dc2873f80658f1a243a4580ff3e3d81a239c734c6

SHA512
e97b2bf2bcd84e7594e4677627e82bfe152ed934ebe94341f6fe3d613a694366c11c5e0c9b637cb8a5ddb4caa0d3850425363c488456a6c5d604f658d57b302d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2aae2536acca7f77d525826e8743682e

SHA1
c1b7762d248809e6bf9db793e0da90b41daed6e8

SHA256
fe6849fe4635f66303a9153d0b84b4389e7215bd4158e6dc948c61e733203ca5

SHA512
67986518fa0655342e1c1f91c95efcc05b92ebbd6eacfb15955a03dbbe08f925852223b56b0edd8c57596f2060c7495f35374cc794fe6ec424b7d8acf7f158cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b8c1e4af5a7b42d3fe7d714f325f77c8

SHA1
cdf46c7118bec3384f62085e8cdfb9095c33dde3

SHA256
940157cd984d4b9c6f90f8391cc0ea3398278055946d672424698e06ecf2d7eb

SHA512
3954cb4cec429d9adadeb6a7732e127b77e5ebd5d3bde24ae704d16703ca4f29e4af64f529d30c4409389d7ddefe350a75fdf90f9405a3c0151685ccd0ebeafa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
afdd494f2a22580eea881a3f45045457

SHA1
912acb3a0a0ca1a0514105ac3219d9cfd374d214

SHA256
fe55f7cd97ff6fe4af41bbb35347eff56bdc7f87269e433f639fb60c7b431897

SHA512
3e3aeddeaf89550b32451f95eace48cc185e805011c777a59e378c27405d03957905878adf19d08fa5007399c688c048e0a797bcf7636f591f25f43bd79769ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
c5964c88651852b35eddd30453b6328b

SHA1
e1bebb949063e6fd7c36bce5513abbe5d8777f05

SHA256
eeeae7fb36b2f63b7298305e6e355c6f775170371e5e443a492c8a2c5c02b5ab

SHA512
018480df7ee52fd55b82891fabd4433fa288221e52a5592d7006cfa44d82f53eb7e74cf39c67bd92c58fb4c8b0c198936208861249e4790cd58f0671af3916df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
74e493817d9fbcfd050e3e7b6453ee2b

SHA1
ffec4cb00e995185f88b0f3e1487fbd435664db0

SHA256
9ae44854e914cf763f6c56f237ab58bae25427ad55e22b8703720418fc115422

SHA512
4fcbed6ac7025a03d618b0b9c627d53702ff56a17c54abecb0cdb6d4cf0dd7bc10def09a65e2c38d52c65b38107f8cf7d58e16c4039911c161b60b78ec5a42d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\a559b0a2-92aa-43d2-a31f-683b7f4c7460.tmp

Filesize
10KB

MD5
55b9a47fbb5971892dacbb604cac9867

SHA1
9ffc6d416ced8c265ae5287b070304e49b821711

SHA256
d5eeec172f55a55c244de4a17738137cec025a9937b7192aed46341464d3dfba

SHA512
fd47f32dd92adbe19631cfe08a7b5b82d3bd9a152969bac73e1769b25e85ac194b15cedd618dba6764d6fb99c8feaec8e94bed028af2904e14b036562b5eb405

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
e3e8bc0754a353dc5c6cdd3000f46367

SHA1
676a16952bf851b3f45516e41120ba9733a322ea

SHA256
930c07513d29bafc0339ab417d77de4a20e17246eedcd35ff7a5c6a27cd4a6c4

SHA512
4dbde69bf11276f3f1da6b913df404deb9454595e27c8c26a51e526383e320a4aa4ac3ce2b7a350f3e27e8a57e13314e1e1aedb6314ac9b6882823fe769f0743

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
e03ca5ea666da788a952c50ca1004512

SHA1
89b67d09616d8315889c5ce69fea723e2dc9be4b

SHA256
39f01683861201fe6a212b114229f893933f8aec72874819e0dfd72ca6053297

SHA512
8b175d43c9d5c6c02a2dda507b2b7dab8aa9d85aa32a0b2fb63745f728bc1d79922cb95a2ca526ee72e9d36e86d39bf0fc1845ce612cac92e206af5ddc3c23e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
00c2bd9912ba7e590a248bde93d2fa02

SHA1
57298140b5a582b0bfaaecb45cb61056fdc13a76

SHA256
e745b31e97269e55dbb8a1878c2e0617e79306d04820974fc113e8b9dc22fcf3

SHA512
18f9e50ed9744cd79fb3527dff637e104a405130cd3d13e566ea250a6017096a9b3bae473853793068f3145149f253291daab8feca6d34bb878bdf9907fc820b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
006658ea3644ae3fe1d6e49298e5b201

SHA1
65eb0265d7c69e82f8dd54e7e3f40807c393d808

SHA256
274838a2a9ec399a6281ecbce64c5c622b7466c842c1dc46c64f7d73c931cb92

SHA512
9ed7c5b111a148a71fcde54d7a457fe859cd335e7c570e17f34aeaba78ba00928e56231ccfd475c8e53309868f497e1fecc3b8269fdb6eb6a2bbcdc803387fd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
9bdc139ab5ae7807ffe5fe0e7c5476ba

SHA1
6b3466beeeea3ec04fe56537d161fe70cbbfc910

SHA256
2055cf6ef7c8ca3d64907b27e662f3a6b40494b074ce976cc4e5e7fa83c3491f

SHA512
d0f046df5d54311695a5c1bc6f58713b64b7e8f0a0909b855319bf20f833fe6cb56c816db11abffe6635c7110d25811bcce335282a8dc6757adf7f24d0fa3264

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\activity-stream.discovery_stream.json.tmp

Filesize
19KB

MD5
e1af8a1769f2d516e4940b2609965384

SHA1
92207a40afd02135f7e0a9d05580a2f17780e506

SHA256
e03789c857c7b9bad52b190bed239760008099db6b462177a02192099f1a4344

SHA512
d5a2a5497007df3a87b3058fa615b41041a2046afb66c0f8210a76392717dd53b062136a82c77e910f3cbfd8662ca0602128733a8d063fd8fef1992288b00a37

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\activity-stream.discovery_stream.json.tmp

Filesize
18KB

MD5
39c9c4bd0b98dc8a05634eef80ffb07e

SHA1
635d96ab2a47386106198c981d268244b55af586

SHA256
97dab74a8603ad09cd1645d6ea7851954c5519363d050dca7d8508a909ecb940

SHA512
585e0533563213dd6a09c7deefb97f72b311563885b6ee3f056d5f96ec6c3d273b7c6767edd8c9994058d15bd05a5e9540eb798a1879bc8cd3b67aef9dd5df5d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\doomed\17308

Filesize
15KB

MD5
2176b511c71460d3d6357fe6b9e44a8a

SHA1
45b664742800cf67290df056bfa6a5352fcfe423

SHA256
407bdc70c698572040bd3371810b33dd763b519c2ac296dac1cecbc0038b5328

SHA512
4640e941efbbc766a6efb5dc8c80c1a8fd85b908cc046e6461c28ee91fd3b32492cc2ed57b84e01bef1138f42891de617b7762705750f6551d2eee607769e58c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\doomed\17466

Filesize
99KB

MD5
7d788a6b2f3ebfce6256f2e94f326865

SHA1
8e608bf005fd97b71a457a257da47075d9c270f2

SHA256
a861bfc4747ce2b9b962d2405f12a2e6ff9c1c92c5e7a1f89237bb4ad252591f

SHA512
d58d609117856c8d65213888f404d6fffb117fa14e5e743298c71bc90657b8fce27999fa3f83b2032348732a0bbf1de6a2cf59012ff6b77b3478efcd592df136

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\doomed\2154

Filesize
61KB

MD5
340d5eca970f9609b5ea9e45e221b786

SHA1
8cd41fba3db94a3c7f1910ee54750a56a3643433

SHA256
32274c5e060388a10041ec9bc94259b346b4636fbece5a8435b01bd41b00b38c

SHA512
5f8a6045136347f1b70f185e7de03c04e2317429a1fc79f0af454e9f167e3a289b0a50a37415f2ce6ec0d4f4e3e35bf266226b0e44fadca18e4cd4851d200e4c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\0305BF7FE660AF5F32B4319E4C7EF7A7B70257A3

Filesize
13KB

MD5
a748995c73a3732f0185dccb57d968f3

SHA1
740d2ca04554654d503dad6682363f053dbce77b

SHA256
886d51485f343675e98f5f36a3854318915bf03bdefa3c46ff3c155d31bc4515

SHA512
a58433827a6aa7d83ff1a6f2515b069b5d5d1c959739459a763648fedeff2bb30fa3f902cd9a18e58384c01ccf67bcad10e867819affc9968a1a43d710775c6d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\0305BF7FE660AF5F32B4319E4C7EF7A7B70257A3

Filesize
13KB

MD5
b0e07d1245a0bed42cafd19a94c1c260

SHA1
5799ffcd6950ec650f134a4d511131aa68f96eb1

SHA256
f6ab96ee2ee7aabf073afb189a6e7e2444b117cdc7f6c57449cc7d25cae7861f

SHA512
6e1b133af20650e2a84de59696bb6b21f5cc73f74ca7e478b0dddd90340157d077248f9a67926818e747e49dda85374e6870690700f6d349eb8a112d705d2d27

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\1DF431202663B96214352B1DFE36A726B4137A2F

Filesize
47KB

MD5
e82d71b81ae16b2f1d72d5fe05cfaa5f

SHA1
867318fac9a34aa47fbcab382f4231bf50313a92

SHA256
16918fa30ef5da4c3ff2235f76ee747f7f810dcd9f2175d881c364aa03e18071

SHA512
6ac6e39009f19e084262a5a1d28e88d761d119fa2a5006cf5a5e9de033c46fa184904f1db5b118d9bca915e28501fcd38d9044fceac6115340da1ad5e4f68d42

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\2492994A253B970917AF5CDF605580B1C2DC16A0

Filesize
63KB

MD5
546b521669ce46326ca58d6195c1c101

SHA1
59bebaddbaa2d8d2ed4faf9e3cd58da50b189bf7

SHA256
e7c0038806c45827f8a5c190543bb3bd63b44df104769ef1826b4256f14770e8

SHA512
e76f82ea80f46e2640b3535af858dc92c054e3e5448c2b08b5576be7688fcca59683e62ccf39489ea157b70a5c4922880672fc42283a726dbe41325edddeddb0

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495

Filesize
9KB

MD5
d65f0f5f040253991a5e3037105152f5

SHA1
50a94feebd17f26ebaf79c174638cd50bead35ab

SHA256
af5270ebba27bfa6211d42257e00c6feb64438e3f94cb42b5eeec6eea1c72499

SHA512
1856ed179101e2fb4fd5a9616334d997e7258acf1abfd52144629d3ca2de4bcfcd975d4d06fd3971a7e3afd386e2a302efd55604ce1274beda916829ee678666

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\44A812B5BECDA170D79381AA91D0961F29436101

Filesize
48KB

MD5
9b9f9a8cb6464f30da12caa1ef458349

SHA1
ce3d0b41e66bf8a1c887f662380cec5ba7b02a90

SHA256
d277ebc0e7223f2afeb63226ea800d3f11b2ae8f1d125bb4f14320b25a7798da

SHA512
faede7fa0c76e950812200fe9f17f2ad4f0365550b2cfaa54c454741cca76ffc1fe1e13150d953585e497a2f34cd740f578d17707db255c14a2b82c2bc63a7cd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\4A472A1677BC1843EF62A5E99F0318F11EF48A12

Filesize
30KB

MD5
09691ad9a53ef273732377311b395c0c

SHA1
3dfa7d5a61ac8efd757c9750bfee942ea2656f82

SHA256
6ccbd59063055d044a97179be048341f658e2b1cb735ee1473ddc9d09f625539

SHA512
723267e4bf9cf0377f3ab5236c1f48331fc2e5c708faf6d6ede4eb659c14b7fb01ca738b5a5a6072343165078b78fc44913ddfc71910f903be1cc877d893e00c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\5F4909CBE225CE96A9AB3579AE72E6ADA89428D9

Filesize
31KB

MD5
9bad4594e694e12a9ebc938e54cb7097

SHA1
a770501fbfa17e3cce3838b85fc652678261fd09

SHA256
6a330af3c41ed6a2ff317a0050c69cf8d051ca7c2c79d7da6f07e116eaf9c0e6

SHA512
d8d54b1d1235d82c2fe193f387cf681339a255c5a84b9453713d9acfbce8e82663c1b1c6d95a498b2846b875318fbaab9f81b12fc1b4c2b160b201a7a0e25fdd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F

Filesize
15KB

MD5
439bde4c2a14a126d1e0eb322bb78855

SHA1
9ce6127803f23dbd2239e426ca3d0cb2778b3638

SHA256
e8e80ce76a48ddb60681ba3c933ee1953ecaedff0f89b3d9604ad673b967359d

SHA512
63896ad89a3227030c5b642c835ec23b58a427b21695dc6bdb9d30a0efa71778494e1b1714bd45f5d97abda5786f953c6aeca28167c7ec2999e24025276f579d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\73A861CDE699EE431D74FE52208FA22781309C1D

Filesize
109KB

MD5
927a219b3ad113a64d41bafa9b6668f9

SHA1
4d618b2d1a0ba485f2008dc0517a1e661d2f9403

SHA256
4559190c655deeda728f13b19c98e63b8244facb7098256d66f9f40cf5a3403f

SHA512
5765ddaafe4be60b5a96edb8b744ec0e37b476d14794c43f58d8116c266261ddb58993f79c58fd4c55a6d91130e9d5ae65b6a2c03b6e968774117c8963f79ee0

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\75E10B6CA912F3DD72B094B84BA83E8A0158EE6A

Filesize
30KB

MD5
becc58235ab002745893de5a96611c5d

SHA1
8528494ef48fa7761311c544e51e3fae1be66816

SHA256
61778be2e18d4c85a664044f62193e2f33d39d1bd68d96f04421f3503e871d17

SHA512
843ce17cc182c1915c289eece37f6037030d2ab2672a15bae086227bc0a5c6f67213225add564599480e6598eaa0ebee0acb8f191608ca489891b96fcab3d488

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\AFA9B8322A34ADB148B30328FCEFDA4E33EAFE00

Filesize
69KB

MD5
33ed84d7d1e271af55500c4d81261d27

SHA1
ef3b5da9e280825a5204a145528ddef9e2f4ec2b

SHA256
a19532e1e43d7fda8b9eb10e5aeb375a53cd53e7fc01cbb3e83ff0e412774030

SHA512
a89f10876f2e285c58954f06a7bd7d1104360add368a4353bccf8334b45ad7409da243cc7ccb498652e3b75faf2d23e8c3d39fecfbf01bf562a6d81d0e28b375

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\D0F48A0632B6C451791F4257697E861961F06A6F

Filesize
130KB

MD5
2a697fd64bc2fb7ae857f066ee2488f8

SHA1
b985cac01948f1002b961352f54063e5ad581492

SHA256
68a0907b2adef3efaf541f23594ba85f13aec4c901d6960b20d69269fe685d15

SHA512
0db19e4dd782013c016fe8a035be15d70cdad81425c3e2ec91a5e7bc8848aa78c03d8c4a0fd07c624a3ef4430a13482897da55c96e79add4162d0062723114ce

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\D207CA89781848E7ECA4C658F22D4AEF1B168DD3

Filesize
28KB

MD5
47103c7085de573eef0bbe04a575f4e9

SHA1
61ad113feea45191a7d947d7bff4020ae5bea4b3

SHA256
7fc239635df5422255714a70b984a2107494db7520d64c4b9dc6fd281c80f5e5

SHA512
1215f46b2881bdcbe2b6907b153a7c8a55d977cc7b8d63df15e7b77b6a7a1fc487c5e40cab6864601190b2f267122b2169a02e64324f9308fcf0d67233a534fb

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\D7EB97B69BE4CE4C6BB9083B4E08A4B504BFC2E3

Filesize
48KB

MD5
ad569f0b6fd87871078f632277ee72b5

SHA1
f23967f6e9fbd2b9082777232f8a0b23f839460a

SHA256
be818f350cfd9264314a5932b16294bfd394a37c76b893a9e7ae504cb68c08a6

SHA512
fd6a9846beba6b91f6b265343b068272f42db51a5b27fee6552706cd76a1452a2ebf9d4c43c8fb761a42be997ed845dbcc83ca44efd1afc3540d1cdee07c84b8

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\startupCache\scriptCache-child.bin

Filesize
705KB

MD5
19bcb67b36d0284fb32873aad9382b44

SHA1
c2ce4e7798ff2373b2b576ded609847b5a472a70

SHA256
df3d383cba8360899ab4f9799f60b21d13514f32d5c5676a94fa985b501377ff

SHA512
0c19153c37e4fbeda74b0e32786a6fe99b2fab6c9691843a569f8613095e72b9d8c5a1128dcdfbc6c236dce4e5a514dce3c96ec17f22d4643120c7e00723fd1b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\startupCache\scriptCache-child.bin

Filesize
462KB

MD5
24d6c20c2371bb9028a30bf2a6c873cb

SHA1
0c3e9dd4ae0d70fa241ff9c9104bc8800a8e703c

SHA256
5531f258fd34995aad0248d4781fa9182332fdad29406e3dee6d99fc2b7205ee

SHA512
a06ec9cc88980c6a9c8f18f65a205599f49eb62071d5a06e0328853de9e888687eb6eba70d7f0e4bc8d403a5cff532d2f93defbeefa3d469986c0466d8e02dc9

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\startupCache\scriptCache.bin

Filesize
8.6MB

MD5
56f34995fd4fe60e20ab909aa4d6c0a2

SHA1
6026f189d04cb3d0f992fe6adbd71f1ffdd54a26

SHA256
efa3dd1947106f021660af7a914fb96c7e2e38c1ce1e89088113f2ea8296efd0

SHA512
0d00bc3dd35fdc502f4bede4948b9abdf618ecaff967d64b789f710968972d36b4896eaa8a6a395895cdd10ab6f4f9c01eb00c973fd0bb646f53d5e86eb91b04

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\startupCache\urlCache.bin

Filesize
2KB

MD5
92908bd457c8785835fd82ebf02c3a9e

SHA1
126ce3a9b92bfc5b6dfab6c148114cb55289f1c7

SHA256
5844863bf40c0c28f2e4df3ddccc4ab9a47452dadd6259df3420b3d933f0b6b1

SHA512
fdfab6975b89e1483b29989d54f32cb8a353fadacb753318666b77c617cb6e79f7ec24e8f2099ea149d15236e0d12df8a6f53dfef3d87135048d41f857a9b615

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\startupCache\urlCache.bin

Filesize
2KB

MD5
3773c38e583b818539568b6189268393

SHA1
e67d91f86ac9e0574e94bb2c7e23043f7ef96801

SHA256
68a275a9d929c2fd643b4652d528083b02eb38ce44db0edf5ade74af3e6f31d6

SHA512
691e99c385147d53890525e641670cfa947a557d59690575142c5ef08a31da41755f00121e7b12f9b201f3f8f3cf03b481d6b6b07e8c6746fff58db6c99f56fe

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\startupCache\webext.sc.lz4

Filesize
107KB

MD5
042df3dd695329e82498bbd06384ee1b

SHA1
86510e959e9559cb718a8246c3a2f316ba35c076

SHA256
1dca7d2aa577a8bce83296f3eac2d036c33c1410815e0bb2968ffdf51b5316a5

SHA512
3a98c9b383f364a0ea7ebb0c1ea05a9a33ffd3250019307315f94043b084ae56ce5c7239e7351c13231ca3baadab852a7cb6d91b695d508ef9eac3182e72e9c9

Download Submit
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

Filesize
3.3MB

MD5
efe76bf09daba2c594d2bc173d9b5cf0

SHA1
ba5de52939cb809eae10fdbb7fac47095a9599a7

SHA256
707a9f323556179571bc832e34fa592066b1d5f2cac4a7426fe163597e3e618a

SHA512
4a1df71925cf2eb49c38f07c6a95bea17752b025f0114c6fd81bc0841c1d1f2965b5dda1469e454b9e8207c2e0dfd3df0959e57166620ccff86eeeb5cf855029

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
479KB

MD5
09372174e83dbbf696ee732fd2e875bb

SHA1
ba360186ba650a769f9303f48b7200fb5eaccee1

SHA256
c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

SHA512
b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
13.8MB

MD5
0a8747a2ac9ac08ae9508f36c6d75692

SHA1
b287a96fd6cc12433adb42193dfe06111c38eaf0

SHA256
32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03

SHA512
59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\40371339ad31a7e6.customDestinations-ms

Filesize
5KB

MD5
80f3c9fe9e6bf872c30311a0eb9ef46e

SHA1
67e8ab269339f1f3fa60508b4f1943f1f96128ff

SHA256
757e8c34d6db23529fd12208fba96cbe0906e3c3b85c20e7a2ddd73fd69880b0

SHA512
38e4a67db0f2ddce66a688171d913334c1efc05a2b0cd408e6f33774e8ade29186804c60b73bd28132e88f10121caded691282b5fdc97871e487af0e55f8d7fe

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
10KB

MD5
8402f34ee9fd92a428a644bec6218d47

SHA1
df22413d4343a43bb6a45c08f9dd88261d29ff4d

SHA256
1cf4a462551c252cdd70e641272bf53a6f344935e5044aa21282386bc3eb2f69

SHA512
17195664649177bb4de52240b742fbe8c2a993e34954c7d84d5181256d4ecf48c4f627eb0b24e376d0c0b67ac1e2c7dff933e76786676fbc8336f6294afb3f87

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\AlternateServices.bin

Filesize
8KB

MD5
91ba093b1c95d5af4de8405216e6eb06

SHA1
ce43c73801a579c11d84a2c077b6dc7778eb36cd

SHA256
a9c1a54088380796d1e71976e87727bdc401ce78e6a5a449cb9fbd585722ffb3

SHA512
e95a926a637779af9bd2c54ce02ceca79b00b8ce5944bf188604b8393927e8805fbeb17aa0651ca16695870f20ccb2a460dcb321aacf7011d6ee8de48bbcca68

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\SiteSecurityServiceState.bin

Filesize
1KB

MD5
d5d40a237b2213457f33214472646e4e

SHA1
3cee3ea86b70118b5789928dcd55c26219ea89b2

SHA256
6302c3c7253dcc6cddd59f523be88b8135ebbd8d349302ba66322afeab4b097f

SHA512
3e504377b98b2b193e7d52ad2b904f4ab9e00984b8ca2d888782c074755157d00faba0d76e52f841f63ad8c6f326a78fd4b03d077523d569976ac4156bc7a892

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\bookmarkbackups\bookmarks-2024-10-13_11_at9c8Qmh-ynm3VahB8A2dQ==.jsonlz4

Filesize
1013B

MD5
15271c9e9c2c8e60d35578eb6977d772

SHA1
345d74c98febb2350ceda5ce64aa14a1184adfa8

SHA256
a0169f40953ee7d7a033040ec27def10df161871627a54522f94a1acd778b1ce

SHA512
d16b98728d5689f3fb26754113e6b6ead58fc1d3f56a19ff57f7c5d5b37ff57c015bede48e248576034642c67d01c32b44aa76945c7b5cda19958cf8ef424641

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cert9.db

Filesize
224KB

MD5
3df72478db3f8b1c08b2b5e026d1783f

SHA1
026b29e0c5196e2b95b695096f0f09b5d8251eb6

SHA256
4de37f7776a4e99798322b8f9e3c703cb25b663a60a0722b5e6fe2bacf9b57b7

SHA512
9b3976966f6bc48ea597962c12ce15f9ea2f31c01b6809722927e0d6b1cba6b86329a09e02157cb16a82281b73f4a3e2637849e89e9f6a014ee453130249886f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\content-prefs.sqlite

Filesize
256KB

MD5
b41ed219e2c8dac47f2701562d092621

SHA1
90d507eae3ec943a121dbe5a080412e40470b54f

SHA256
cfed019635a1e14f74ae78f2c03fb96b40ac3da37b67489bd98c144afc200f1f

SHA512
5c6027ec701055efb3b6c055727af5ed261e8f1d5ba954e64e8a34e5c791679b1e4a6ef49896ab8089ec151fd758ba41efc7333611af42b851606a0544a9b947

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cookies.sqlite

Filesize
512KB

MD5
a4b1b877c79b276029dfa9442b6086c1

SHA1
663e57099f11cd11d95525ab609bdb881a99cd22

SHA256
da87fdad495a5ceb3fdf7a4e54d6143d5809a562da888a0c95263771378c5173

SHA512
6f4deb0839559b00fa40e57f39364160c87cddb838762c64cded83cd285ebe4a6299b036bfeb0b7ced8d0ca6ce85739b3f1dd5d4719d2144a881d8cc71f1b1b2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\crashes\store.json.mozlz4

Filesize
66B

MD5
a6338865eb252d0ef8fcf11fa9af3f0d

SHA1
cecdd4c4dcae10c2ffc8eb938121b6231de48cd3

SHA256
078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965

SHA512
d950227ac83f4e8246d73f9f35c19e88ce65d0ca5f1ef8ccbb02ed6efc66b1b7e683e2ba0200279d7ca4b49831fd8c3ceb0584265b10accff2611ec1ca8c0c6c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.bin

Filesize
48KB

MD5
15bb730f5dc078638eab268502315a6f

SHA1
3b9afd3ddf7894d075200b01a9a8a126dcffd57a

SHA256
688e3a280ce2b7316753100f43b0bc1cf550ec7ac30618a4cabcd6937b953e16

SHA512
3e14addba5635ee69a4f729ef9745484355a55b3ddfa4a5e9e85f1ee863ae127e055744381e44f6100e69088d6d1211a7e3ce6c33675e7e7e337069adffac72b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
93f646ebdaa7c861c38e5fbd3d5d30e7

SHA1
0e2085a758a4a95642963dedc4ec33ec0f8414eb

SHA256
c5cff678f2485c6fbb061874e359e3e92ebe090bcde2736f74e5f213a43c0a8f

SHA512
acb42542d4e796877757b80f71405249c1d17f0c4ef8ca23ad32ce12346667c62325d57a6c1fa45bece991b2de4ea3da347e60e8561ebf86eb5251f68cc35dd7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
7KB

MD5
202ff6e66bfcf06ec0bdb35ed6bab638

SHA1
379f7a2a86b605d2e80372aebb23a84688fd650f

SHA256
c123c130bb593d557829a82354244a991313557a44eff5f2b46a749ffcb9bd07

SHA512
aa6c6e47a7f33e7027619168187d3f3f54e3b195f1b46d0301e237a06db459bd72c6b6831e60debb7e0ab01269a99dfd24bf0b2cce35c4b67288a47113f78112

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
29KB

MD5
575a12215d29403c5d334316c29d7c86

SHA1
3cfdf0c1c4efd5e31df1b7e5763a851a2a7d559f

SHA256
b507570f105936dc54752806258a272a5204686b56bbe211d5807720d2cb9bfc

SHA512
88677c8cb9274cc48695acce1cd7fa65f493ea97e126c101b186c38a04815cd1342e63d439a77e51cd4572c4b248d5489894b1d65f593bcba24b41ae0451640c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
27KB

MD5
822286526547386ac14aa5004ad66955

SHA1
3dfc6b32a03c11b6a60dea69214bc2cee598f7fa

SHA256
9000bfbd987a3b48d3d0fbbd07893abb251645c3028cec995642e27eba3538cc

SHA512
376a68977039c440e91c64b316afbbba22d011306dd3bf4ae63b21d283a110c2b749780d8ea93ee93541dae4c284190f32fd285cfb75d638182844ffa6fbff54

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
28KB

MD5
631bc17b1a962d35fd263795f0be3a1c

SHA1
8abfb23d8431f62bff9a86b177dc94ee62e5a800

SHA256
e74b05862389f086606895bf4a2e7f9cee332078031e9ebb5ac0d21b7b97b268

SHA512
8e6c2744a029f4a858380d68b1362a32e3c04908f25865ce130d6566170e71ec3914be531b41aa26f5b919df4d9ecaee2466b11f1732975e0802159b9d9b0391

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
46KB

MD5
bc7ae953fe1b09512e3a2af4765c0254

SHA1
20dd63bbb9a683753157eadc322bd8f79122c2c4

SHA256
255fdfbb80b904cafa8a4f1a17f4ca65290de801ef7fa75e4cc1dd01bf90ab74

SHA512
ff269a82727122ce8ff3cc812202deaa23784dbd7011426a42d651f3b9994f3c1dc13af21df33651832678363b2430692537eaee2a71284e6aa2cc44e07d305e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
46KB

MD5
a8603ff1b62d4643a370c571fcf3e361

SHA1
0b005ce370ec3ea19224ac6b75d9ca79f99bbee0

SHA256
570cd73d86dc9ac0868fb94220761f8933116fda00d570a45727c45fa660d61e

SHA512
25ddfc955b8aa639459c9a6ff9e171454c1a122d2df73560bd92d8809962135df27930cdeed0957ebc44952e935cc818892e3ae741aa0ddaf92ece1f836818bd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
27KB

MD5
7ba7adc9f357a56d2228adca877dde9c

SHA1
8a6b712db52f1b5efd3646d5d32d065b844686ee

SHA256
7292fe0e011fb6fd6787b7a54940732b20bec68da0b0865c0a18f8a755d6750a

SHA512
fd0acfad80b2c75a67952ccf54d8d4e14cfd26438bb49424d1c7a79861b13f0a1f19d79a848a2021c87f196ba5f874751e0c3af88f6545b62713a12433402b5e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
5afe4579fbea8f51a09181ad0a823885

SHA1
2a59ef5db1fe8b096c3455110c39a8da1916df4a

SHA256
4915548c825845496ea0187b3c4632f1cac42b3d15777705202236d68aec2956

SHA512
eedfbecf1cfd51be4b732dad797b991abb4da7443b756159aa2e66c91c99143beb7995ad652aee9ea53d50e8d6709b92ef6a2d468c9b9883e1b9b57a640a8930

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
27KB

MD5
91c2ea5116fe581e1f1fba1eb2fe03ed

SHA1
facd707ca5c626c6133450a6e58d71289423c62d

SHA256
d836e48cafa11d2ed019cde26f2cb5581353d11baff4d944045fdb8b398bf043

SHA512
326d3ff829db9ba97278b41d2ba61b484023df7d2922f9d742884f35294c258f1f4e5defa20587dcdfecfdb949cdb28f08416dd61f145923a6608f21d24671b7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\events\events

Filesize
1KB

MD5
5322f9a6ef4cd4cdf78ea0ff67df1889

SHA1
843b3d89225e4b3ef250a00469412a120b89343a

SHA256
359e86c1c870e1be3cfba32e8793945f0359c1c4ec853d845503d5a6e6adf290

SHA512
b64c55bdd185b094a6ac58ee085706ccbc6da8e77f2e2c95e370de78cc50d25173006c16d19d53434e7b1ece83b7311297f9a4bf44f79cafa7ccd56269f698e4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\events\pageload

Filesize
333B

MD5
3053a01daaad49848fae602ead26b6aa

SHA1
65a5d91d403ee38248d7893e18650f4ffee468d7

SHA256
88a2c6672bf1ab410826b3dd74fbc2ba3af440e9b83d8d8522a32afdb26065f9

SHA512
2a8974493061084ba951ac1dcd749cc842172ce6144bbe4299492f6df2c316195e530e31b5e322776bcfa04426b4a680a6349cb3f81c9b54df79ac67101df1a1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\0cf99cc5-0e63-4d86-950d-04d29cac719c

Filesize
671B

MD5
08f85510695d3ed9c3c7cbec1e8db52d

SHA1
047903d03301116c4cb9a056b7a1d47505f570f1

SHA256
e9d060920d25bad63291c235c48705068bd0671dd343ee1a07dca7293b1a14a7

SHA512
b9f30e262379b67857ce035913acc83f2cbfa4655dc69d9f5fdcc30a2b7217c44fca9d583679dc1bce910ac8ad99647bac8da0415318a1abea4ccc80af7c3737

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\2d3f2bb0-721b-489c-8ef1-8b8071ec41f1

Filesize
11KB

MD5
7a5253c6be93f5397ef7a475ccf64e2b

SHA1
f01b66ecab3d33ca4d74198492f6d8229032c960

SHA256
8da0a5b8a1922590c99b3b3a1cea9f4fd17621c023c636c83f0175f980cbce75

SHA512
b0445055124ff2baf8b041a296a70f820aa724ef5206b17321267b3c2328917a0e1db28e9ac8ca85b9689d01a3309177ffc605b4da993b0ab3835cea3085ecad

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\337f2058-0101-46da-9c46-0f3fb28ca7f8

Filesize
676B

MD5
be1d2b86a0eebd245813faeb7276d0cf

SHA1
9291297ded71b3354e35c9b3800765aaef9afef2

SHA256
1e62169796915e141c5228214b0dcd67d32dc22a7ab17152dbbecf1a5362de21

SHA512
9cddff999cd7d14c069323e69b9db6f896c0055a642ee8824f307c24aebc39e56cff9ecc32e5de0318343d6da24582d6d7fecf9db0186eadc7d41fa5656027c7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\5b0a1d6d-eb6b-42b9-8fef-20284ffd5400

Filesize
905B

MD5
6d3f4183c2b04704b39b95225ba9b7ea

SHA1
63983e165d1db4028b0cf30e3c6a314917300508

SHA256
5208dfd000b42707c5db66ae6fe74d2c435faeefe57107db8c5e6b6dd0d8ca6d

SHA512
db5da57d18c81e93e0cbc61d46fb508a934228c5034241521c15bd2915d21d68dc14047948c636b6a5d108a95eb02527ddba431f5c7f2de3378040f466a4f93c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\68ab3084-4887-472a-aa65-5718adf8fdc2

Filesize
723B

MD5
8d3eabac718b5d06ee2e953bca90c0a0

SHA1
d523ee438a8dc84ea2f0b738890f68ed2712f600

SHA256
57c8f7afd91cac6479e729f8d03e4d50f5731a90aade196a349f0336f1433fe3

SHA512
915d015be148afa008bdf6519d255184a8e58716492a5576fe50634df498efe3342ac4608bd73082f71f25912c5c802eb255382e2ad9441fe76e33008b63f9a9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\bfe7a7d4-a4ba-4f40-b79a-248f1a5b0d25

Filesize
2KB

MD5
11447f52968bb18971c7a0f39edca2a5

SHA1
20e549ca9ad5732f3a122b7e412636a4cb064657

SHA256
36f78e61cce14aff7d54161a7fed9867db2767a7ca28ef07269c115e5182e277

SHA512
dd2d7a84d58c8053d4b74fc6b04d70856dc2a3243a37f2923113c51916b220236a143f9b74c7f5aaab6c2f2aa43c584f2ef9b99e51536775679e049c6ccc0859

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\c543d2cb-f62a-44ab-aa43-c514b2f18906

Filesize
23KB

MD5
07ada07a4ec7bf1d9ff29322e7595b0d

SHA1
abdaa2a89262b593ac796d9e95435dae8a112d78

SHA256
89f98cd02535991f28ac72c89182abe01a35ed04ed20818b6b9a8397e67bd195

SHA512
8cf1a16c55d0a1738fc6bddb1dd81252976b552f4de81d8d564f48c113675f5b53287068c61d1233c96f28814f8f669a783a172d7a5720aeaabd7b59bf52d310

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\d6bbe311-88bb-4c6c-977b-878990c789bf

Filesize
735B

MD5
35ae13a699ab5301b0694b010345944e

SHA1
9398132baedbf92cb07355162a029adf77db7353

SHA256
11d09033f29007d27faac363e8b8cd8632a789b7788c8300ebb609b89b767803

SHA512
8973778c572910509558c4edd7d3fdf745498b6d23338c6e1e4797fddb8e8ad64ef793a4690916f530bc1e54c23ec91a5c2a76addc28980dcff7cff09df436d5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\e0f5458e-9cad-4128-90bb-a82c02057c50

Filesize
982B

MD5
df66ef1c7cc5d9aa9c5cb9756144cd2a

SHA1
ee5afaa93d1a2a8b8589efc9d9d9acae4aceec7b

SHA256
940186dce461c6704ff964a29f0e78869f42e4189381c1a845857625ab011f12

SHA512
d5a7611248fa0cf360562f6074092fba7d63a6730f48567402accecad585e4917310651606abd023b42a87eade3f871fedf2c8bcba913310d26db514216b5471

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\extensions.json

Filesize
37KB

MD5
fe6bd077c83c3b2f7309612116754d61

SHA1
9110bab8c9aaff0fe03d2c349eac4520ef269421

SHA256
41377103dc2c9527ce195aeeec6651de7e502fd7df7f8bd2d23735aed80a561d

SHA512
cd7d1f7a6db8d7ee48c9fa41af7f86ddfd181bf728a00847883eaada99da96b2c9242f30ea397a52abeb85b7c6a28690ca1a9b07bff5223d032d21160dc6cc82

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\favicons.sqlite

Filesize
5.0MB

MD5
56677885d2b0cc08037e07679fc012d0

SHA1
42c844def50e0f5f0506998e5dea34ff228e0c93

SHA256
35fc1e2351fc31bdc8a30a5d0c7332034e699d856c52d142c0738181e298ba9e

SHA512
f05b5d3bf6052577025cd25fb6fa40c53516b08f0b85ae97fd96473f22f79fe91ab91141ef7cd271394086213dea06ae61496bf0ddff2a104145c4f219aff281

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

Filesize
1.1MB

MD5
842039753bf41fa5e11b3a1383061a87

SHA1
3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153

SHA256
d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c

SHA512
d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

Filesize
116B

MD5
2a461e9eb87fd1955cea740a3444ee7a

SHA1
b10755914c713f5a4677494dbe8a686ed458c3c5

SHA256
4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

SHA512
34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

Filesize
372B

MD5
bf957ad58b55f64219ab3f793e374316

SHA1
a11adc9d7f2c28e04d9b35e23b7616d0527118a1

SHA256
bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

SHA512
79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

Filesize
17.8MB

MD5
daf7ef3acccab478aaa7d6dc1c60f865

SHA1
f8246162b97ce4a945feced27b6ea114366ff2ad

SHA256
bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e

SHA512
5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\permissions.sqlite

Filesize
96KB

MD5
22eca4adef4b2f1e87f645e3d2d7c192

SHA1
ddaa3ad1e26d19ac42f60d13558b91559a7c7b57

SHA256
3768ad20cb28fc12e6fcba68996b38e700909f472c6ed20c1732a0dd6c3e3e0f

SHA512
7f622737edd2e943b133f326030e97f43a9ac310abe41dcd11153bfbd7c20565ea1bfe555efe6a9c3378592dad7c5639f1dba714d6b29a5fb948218986f82d69

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\places.sqlite

Filesize
5.0MB

MD5
4b6e81ee98f7a46fa359692d3b2ab76c

SHA1
b509bacb548aa5470f9edcb6ce9d098b388b4d88

SHA256
7feb823380603e73c2b59ed422ed291e35432a4849d7cffee3163f36ef792bde

SHA512
9ede38385dfd22bb748ff22a4312ebb086d381b0d95b9531e49ebbd976483f9c8c6e24acefa1a8fa07207517207289c60cb43b78ced635a3fa3154af2b2bdf96

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\prefs-1.js

Filesize
13KB

MD5
b2793b5dd9cd63fe48e8f4ae4b9a40fc

SHA1
31fb5ee803bedbfe6745a76685531f96b68e7cee

SHA256
f2f5cfdef5fb3a04c8890a5afc4d575a1f5f27005f90c2b7f5ed130cd9e4fd4a

SHA512
37810a7ab6bff03d8092828d00fe071dec468e1e1065fa822e804d9c837e3d28fa13aa7a85a8742df1895a477a1c157689116e99840053e062a53d46cf1963bd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\prefs-1.js

Filesize
12KB

MD5
fa9e57bb2bea7ab3b376f9423e24f68c

SHA1
8af5f1f4c206bd871275fc4c6375a2f844268a75

SHA256
e4cac93894d1125e400effe3a704e4aba623ae1c4fba655b9fef5d20d6b0e23f

SHA512
293590441cc3d1fb7913024446a823dcf253d72ed6055e8d78807b5152bcfb453a334cc37e9db021a651b9c4b98e1a0afa9ca1638e09ad4eb9b153a82e85749a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\prefs-1.js

Filesize
12KB

MD5
fdad753395cb099c2bb0dd3ef6357dce

SHA1
2a08de32a2f124b075f217545147593fa6652688

SHA256
dad9973c1c45f6bb2d1a050c8022348f025b81ceebec78ee90ae9e5336e06da1

SHA512
275786a03e0a0ae6f0fa8c86dc56b06a8dece38e35738202ee0c74a5a80034989175f548fa19816609a34ec7c7c182f011c0e72fb498fcbad6024538641eba7a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\prefs-1.js

Filesize
12KB

MD5
97ed4dba6f40fc0bb44a9d0cd0afa798

SHA1
b10a8135d356395d870d424c17da059fe6092802

SHA256
dc1804d9f1a77187829d2b087a13b5ca036b15973b301844a88d7d1d3cfdd9ea

SHA512
d5c0a2f98da90fc519b5aa50787ec5361db1397f685004722033c3b6c760162e9a7c4753fb8f7d006db8f0f550d14c51b3dcb56129a6c1045f029eb391403b38

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\prefs.js

Filesize
12KB

MD5
9f6ab334235350cdb0156f004efd294d

SHA1
944ec9edd898d5ad0c48c740ca8a35246b33d8f7

SHA256
f866c657773016d482acf76421b4e98be9c5075b5b97c0afdfa36e59de68617c

SHA512
34f0825fa682ffca26701989636da5b8c16a531714074ba72d331473d30e08ddff1a207a854e6e7aea219425ad5d77f5d59254f8ea631c4c2b4eceee06b41d26

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\prefs.js

Filesize
10KB

MD5
21c2c28db7acfb44b8049b796a924542

SHA1
db00331e7c38bc75033f571858446d81ca42c274

SHA256
3419cd49e0b3a03c21ceb52a3ef269c4fe491a9dadf0ff7a3820308c9da4e841

SHA512
05ba22ad435537372c69f86cb37bad9a42d48b4ae70b752bc366b872baa0909409419b950cbd247d411aeda5160ba37c825ddbfc6ff2c7e970e02f53160547e0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\prefs.js

Filesize
11KB

MD5
074b5de3b734718bd690ba6248f97b95

SHA1
fd4210376c871cf0ed2856987ac1c1a5b50c90a0

SHA256
176fc79c609ada02c0c424b4121ed044f93fd62e4aeeb1dc547d9be865c337f0

SHA512
82576e7724acab4f74385be94cd33407d786ae16fba247f2d796d933b76074beb1d04de044dfa56c51509ea6da8150debffb86dcf500d2a92f25bd09e293538d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\prefs.js

Filesize
12KB

MD5
ed27fae220006a12869b17160fc08a28

SHA1
33a3af7518bfe534f05e7ce48e687da222bcda05

SHA256
ef84f4081151b1a9ba23faaa6a4c32cf1087115a2ace97947faded105c6b47a4

SHA512
b1907bf3f5dd478f7882cf777e5bb59b1ece5ea906580666a9b3551c85ca83137fb4693db7d71d1b6b7ac1ee36772eeef4b1e170d1e59e78c49762526a78234a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\protections.sqlite

Filesize
64KB

MD5
76786a4c0dd19d88d6d3ed95a293bf2f

SHA1
b0d6d676127a7694fc6e71ee57fcc2ffaa621ff7

SHA256
1a2564c1ba20b8038d35c2319258d94dc15d97914dcf753b31c48b79940dfd31

SHA512
8cd3298e2ebba763d3c80ac4b17e44af7eb63b46304967d0c6316d314baf8611c05f7b9979c2c5c329ac167aea0246e8c9f057ffbb272481c13fd5e4b4bcb2d0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionCheckpoints.json

Filesize
90B

MD5
c4ab2ee59ca41b6d6a6ea911f35bdc00

SHA1
5942cd6505fc8a9daba403b082067e1cdefdfbc4

SHA256
00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2

SHA512
71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionCheckpoints.json

Filesize
146B

MD5
65690c43c42921410ec8043e34f09079

SHA1
362add4dbd0c978ae222a354a4e8d35563da14b4

SHA256
7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d

SHA512
c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionCheckpoints.json

Filesize
288B

MD5
948a7403e323297c6bb8a5c791b42866

SHA1
88a555717e8a4a33eccfb7d47a2a4aa31038f9c0

SHA256
2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e

SHA512
17e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionCheckpoints.json

Filesize
122B

MD5
99601438ae1349b653fcd00278943f90

SHA1
8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9

SHA256
72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a

SHA512
ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionCheckpoints.json.tmp

Filesize
53B

MD5
ea8b62857dfdbd3d0be7d7e4a954ec9a

SHA1
b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a

SHA256
792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da

SHA512
076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionCheckpoints.json.tmp

Filesize
288B

MD5
6b77a9f779399e95d1cee931a2c8f8ff

SHA1
826efd4feb0d50fcce5696111af7c811b81adcd9

SHA256
3a0285c8233ef0324b269f7291094e19fd9b77259f9419861ad796f7e9c979f3

SHA512
ef537c75fab8e86483ac03cc0d2feaf41575e35f54b95669a26bf6dfbf58021dc9a5bbe54d9537b55da3fbb0e0262adf6c5efd4394faaec81a31604533afec4f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionstore-backups\recovery.baklz4

Filesize
2KB

MD5
3fced5bec0357b4f28158fce09e9d07b

SHA1
086630a6a5bde3c2441fd9474f97a97443971c4f

SHA256
47836a56d246fa6a728591e4a42e74e0d35b5f6cf4cb0f2ad1ec0d897430eeeb

SHA512
d32c9f2a4a05fb5a8eccde5682bd3a46b4b878b0c68a1fb23c404602e5fe05f919050564f82f47e821fb7f7852736b22aada09d577350f76f2cdebb6f31a1292

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionstore-backups\recovery.baklz4

Filesize
3KB

MD5
c954c8516312aa6658f00ac9712d6642

SHA1
318bf2c65c0250d2f9a2aae85256541cf5ade3c7

SHA256
dbf00026db9a2cb553a80d2d1618c84f44123cfee9feddd294068002c319ed84

SHA512
a8f7d9311f9d829d92d946c913284a35877e9a675d03843ecab1abff63d6a0a93d069744e0ee4e79fed4803b33e6d1eaa3bf05ade122c1aeff43f6138375d7ac

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionstore-backups\recovery.baklz4

Filesize
3KB

MD5
f0213382ba42e6427ada38d060c687cc

SHA1
fc0ed3faed6a8944103afce66617b5859f9a2af8

SHA256
c7695263cdfa1987773452e60f0a2281978fe15eaaec2dbb6ceca16c76c05806

SHA512
e3ea99dc9f3042a3bf82b8ba70924e1266189768539c3cb8200d7bb32788d74e921cca15815c07a34fc1af5e08aae55700f53a4a00dfe7f8eaa553dfda0d410b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionstore-backups\recovery.baklz4

Filesize
3KB

MD5
4a6213b113aac2a717728a296e023fb0

SHA1
cf58bd8055ecfe3d08999949b7ce2a0bcc325f10

SHA256
a517ee62fdd228c60689b2cf5d1399d584e93ec21ab00825c16c9d3338d66784

SHA512
8cbfd505a74ab6ad386ad748b69fc381dcf4ba731b4d07eec0c274ccf49f4fb4e4cd537f0b206f734a07c8a2b682c5e16ae25510036e22ca81caca6b2c6bd7a2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionstore-backups\recovery.baklz4

Filesize
3KB

MD5
b44263f5d9c348a1bfa7ea974341fbd4

SHA1
d7a406d6bdfb2a7cc82e921859dacb000c1d5083

SHA256
c759912c15a7c3a3590fa13501f6e1137997e439710e966ad34affbc82f600c8

SHA512
c6ede4e907ee9f48ae56fb6966742b8024522e27734eb92c22f2c1deaf60b659e981a5980f8bdefe182e5a1ddfde8d68f32cde7c67b31c475191ea04a4f5bdf6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionstore-backups\recovery.baklz4

Filesize
4KB

MD5
d29716e10d0d1bd0b009b3b7eab8f09f

SHA1
7fbbbf6561aebe77e983822ed73a7bb87e0bd5cc

SHA256
fd201f736d3d9931616802767f0d81b7e76155cddd3afbabce244fed57ecdc96

SHA512
502c64de59e5a16b3e2f77a09932bfb06391e39abf28d6aab3e9e2bf5d032e083709f990a582b9f6547627e86b10db303e5caa091dfe9060c74d3d943aeefd5a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionstore.jsonlz4

Filesize
4KB

MD5
0d1ca4fa56b89ecfb9ba14c1bf74c47a

SHA1
a35e72014827605ac33dbbda7c78911b6f6683b5

SHA256
672abcc199d480ccc6935213cb1b365d5f3bf9af2b34fc83846d30c14125a224

SHA512
b90bedc830c9e057da37a575cb4247109304bbd3c12a8fb1bdee10fc02b5fedd4acd9b3d8a46853cd64652485b84e43532818c7be4f32d63b199a824500ace30

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\storage.sqlite

Filesize
4KB

MD5
1459e2fe7e1a5bbd15e634b6eba926a0

SHA1
582667b0084bcfea640673c7133ed465612091c4

SHA256
4948c709ad563d4348e6f6c93e46624a44b3fcdff00f694c6a99fa0faa6b7bcf

SHA512
8dde0697dff8b44179d2dc254f79a0c9f656e4247694369f40ddc3dd15c98cfc8d65ca1bb4ec7a310ddc16329eef43db4fd5cf7019169592926f999f49107128

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite

Filesize
48KB

MD5
999c25fc040ea2b97be91004899a2533

SHA1
345ddf9c7f3cd7a84fd315928db7c3253454402b

SHA256
f96dafd1a41c922c7aab7f752caa7e025f53d6f99194f42d9501bb659bfdfcc6

SHA512
e81afec779a613e240b9c92a1f8c361587a6fa902f1e20827667f6ec57abe03c587806ec105e2c06ce3a650a064683ef17e06f615534dfae6e4b1e8466ad0f53

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
584KB

MD5
6513828b275513f60edcb9649820a0b9

SHA1
bfa668e62a1c30c4ea050cc42c6e9bacd4e956ea

SHA256
9474840eeb4e7e642983d4fe6a79d8ab092ce81ffd6700909879c6e8b0592398

SHA512
d85ed2c0d2eb09844bf7dd66f76136aaf1682855629ea870faf23fc3b5566f7e24d129ca500d33ceac153e041c7e1df04eb757cc4b5886d4f9d3316bc5a20bfe

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\xulstore.json

Filesize
219B

MD5
7203fdbc2c9ef0c1d8d8632e039600c4

SHA1
e8e49012d8330e80a65ad42b66e44a201376235d

SHA256
46e19b8fdc59b22327129e4bd8365fcc7d4f4f7ddeef9605800a87bbe4c26956

SHA512
90b19fdce13fabd125220b642009ffd2bb99f10e17db3a6d1398cc73bb003d048d86bd07181af1f96e9ba1e53013ea7b013611f6d6ccf352d890e150f7644b32

Download Submit
C:\Users\Admin\Downloads\Ransomware.WannaCry(3).zip:Zone.Identifier

Filesize
50B

MD5
dce5191790621b5e424478ca69c47f55

SHA1
ae356a67d337afa5933e3e679e84854deeace048

SHA256
86a3e68762720abe870d1396794850220935115d3ccc8bb134ffa521244e3ef8

SHA512
a669e10b173fce667d5b369d230d5b1e89e366b05ba4e65919a7e67545dd0b1eca8bcb927f67b12fe47cbe22b0c54c54f1e03beed06379240b05b7b990c5a641

Download Submit
C:\Users\Admin\Downloads\gskFoiTl.txt.part

Filesize
70B

MD5
39148bc21924851d9082b687dc69e2dc

SHA1
5d1e5490476227aa8877b87aad184031e19dc33a

SHA256
76a94c98df32a1d37cc7f1e2b86bdc524eda3fedcdb35e57de0dd56bd976142f

SHA512
2415bb9de017c086abf8315e4288a04d5eb6048af2637e75843778f24de6834154b68365794b6cbc09ef5da0fe96d5bfce20227bf3656d23b7f148fb60988041

Download Submit