hxxp://is[.]gd/11ix7p

Analysis

max time kernel
618s
max time network
656s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
27-10-2024 13:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://is.gd/11ix7p

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

firefox.exefirefox.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe

Modifies registry class 1 IoCs

Processes:

firefox.exe

description ioc process

Key created \REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings firefox.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 9 IoCs

Processes:

firefox.exe

description	pid	process
Token: SeDebugPrivilege	2696	firefox.exe
Token: SeDebugPrivilege	2696	firefox.exe
Token: SeDebugPrivilege	2696	firefox.exe
Token: SeDebugPrivilege	2696	firefox.exe
Token: SeDebugPrivilege	2696	firefox.exe
Token: SeDebugPrivilege	2696	firefox.exe
Token: SeDebugPrivilege	2696	firefox.exe
Token: SeDebugPrivilege	2696	firefox.exe
Token: SeDebugPrivilege	2696	firefox.exe

Suspicious use of FindShellTrayWindow 31 IoCs

Processes:

firefox.exe

pid	process
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe
2696	firefox.exe

Suspicious use of SendNotifyMessage 2 IoCs

Processes:

firefox.exe

pid process

2696 firefox.exe
2696 firefox.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

firefox.exe

pid process

2696 firefox.exe
2696 firefox.exe
2696 firefox.exe
2696 firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

firefox.exefirefox.exe

description	pid	process	target process
PID 2892 wrote to memory of 2696	2892	firefox.exe	firefox.exe
PID 2892 wrote to memory of 2696	2892	firefox.exe	firefox.exe
PID 2892 wrote to memory of 2696	2892	firefox.exe	firefox.exe
PID 2892 wrote to memory of 2696	2892	firefox.exe	firefox.exe
PID 2892 wrote to memory of 2696	2892	firefox.exe	firefox.exe
PID 2892 wrote to memory of 2696	2892	firefox.exe	firefox.exe
PID 2892 wrote to memory of 2696	2892	firefox.exe	firefox.exe
PID 2892 wrote to memory of 2696	2892	firefox.exe	firefox.exe
PID 2892 wrote to memory of 2696	2892	firefox.exe	firefox.exe
PID 2892 wrote to memory of 2696	2892	firefox.exe	firefox.exe
PID 2892 wrote to memory of 2696	2892	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 3052	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 4792	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 4792	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 4792	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 4792	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 4792	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 4792	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 4792	2696	firefox.exe	firefox.exe
PID 2696 wrote to memory of 4792	2696	firefox.exe	firefox.exe

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://is.gd/11ix7p"
1⤵
- Suspicious use of WriteProcessMemory
PID:2892

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url http://is.gd/11ix7p
2⤵
- Checks processor information in registry
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2696

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2004 -parentBuildID 20240401114208 -prefsHandle 1920 -prefMapHandle 1912 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e807d9f1-837c-4ce6-b56f-fc75e97776f9} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" gpu
3⤵
PID:3052

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2412 -parentBuildID 20240401114208 -prefsHandle 2404 -prefMapHandle 2392 -prefsLen 24598 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {70768c33-e61d-4ee1-8d7e-fabed726a32d} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" socket
3⤵
PID:4792

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2920 -childID 1 -isForBrowser -prefsHandle 3412 -prefMapHandle 3408 -prefsLen 22652 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e4cb046d-c9bd-4088-b6e4-4ec184bad147} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:3096

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3260 -childID 2 -isForBrowser -prefsHandle 3168 -prefMapHandle 2708 -prefsLen 29088 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {786eda18-cd00-4574-9b53-a395a76f71c9} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:1040

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4344 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4356 -prefMapHandle 4352 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0b59df06-e364-4f1e-b224-add189415daa} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" utility
3⤵
- Checks processor information in registry
PID:2348

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5516 -childID 3 -isForBrowser -prefsHandle 5528 -prefMapHandle 5524 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d62add6-ece8-4c38-9ccb-1474d57b0262} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:2100

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5536 -childID 4 -isForBrowser -prefsHandle 5404 -prefMapHandle 5356 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8be7ce91-5be7-4476-9c14-20f096cce447} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:1564

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5836 -childID 5 -isForBrowser -prefsHandle 5432 -prefMapHandle 5436 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f5c60ed0-cbb3-4743-9770-2d81a7f4161d} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:3612

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6012 -childID 6 -isForBrowser -prefsHandle 6020 -prefMapHandle 5468 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a418882-2efd-42d5-8e19-6685bd529e85} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:2560

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6024 -childID 7 -isForBrowser -prefsHandle 3964 -prefMapHandle 3960 -prefsLen 29355 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d958ceac-3b99-4880-8529-f8b67d66b58f} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:248

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6416 -childID 8 -isForBrowser -prefsHandle 6424 -prefMapHandle 6428 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {878c8527-265b-48d5-bde9-141f381f32d9} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:2052

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5784 -childID 9 -isForBrowser -prefsHandle 5720 -prefMapHandle 5716 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {94ba825d-2105-4d6c-82cf-571d097cae11} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:2000

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4112 -childID 10 -isForBrowser -prefsHandle 5172 -prefMapHandle 3160 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e384b75-1da0-402f-acf7-fdb0f0575948} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:1304

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6004 -childID 11 -isForBrowser -prefsHandle 6168 -prefMapHandle 6040 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b36a60b9-3c6f-451e-a96f-dc2357ef5ee8} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:1156

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6888 -childID 12 -isForBrowser -prefsHandle 6800 -prefMapHandle 6816 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6496e4d1-23af-42f0-aebc-f8d09065b873} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:2056

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7012 -childID 13 -isForBrowser -prefsHandle 6716 -prefMapHandle 7008 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fc7664b5-496f-4d52-8fed-9d884f4593aa} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:3476

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7252 -childID 14 -isForBrowser -prefsHandle 7268 -prefMapHandle 7264 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c38d8de7-0d79-4b6b-a72a-eb944faa3e02} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:4900

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7372 -childID 15 -isForBrowser -prefsHandle 7292 -prefMapHandle 7296 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4136fd5a-ea36-4463-a470-bb3a4efc3c0f} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:2560

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6564 -childID 16 -isForBrowser -prefsHandle 2556 -prefMapHandle 7248 -prefsLen 29697 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a3f2f98-c749-4252-9950-401a53e7a13f} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:3880

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6924 -childID 17 -isForBrowser -prefsHandle 5188 -prefMapHandle 5056 -prefsLen 29697 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c2428c6f-84e3-4169-b9d3-f66ee3da543f} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:4176

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5828 -parentBuildID 20240401114208 -prefsHandle 6556 -prefMapHandle 4108 -prefsLen 32343 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1577ad69-d4fe-4983-b572-c8f2d61caf71} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" rdd
3⤵
PID:2152

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7876 -childID 18 -isForBrowser -prefsHandle 7884 -prefMapHandle 7872 -prefsLen 29697 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eeb72cfd-7d14-418c-bb64-532c41c31cff} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:4116

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7084 -childID 19 -isForBrowser -prefsHandle 7132 -prefMapHandle 7780 -prefsLen 29697 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {99d27b8f-2429-4d28-ae27-01aa780fbb98} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:3472

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6540 -childID 20 -isForBrowser -prefsHandle 6208 -prefMapHandle 8172 -prefsLen 29697 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f4e06679-9afd-4d0f-b3ad-ce45e569c79c} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:3432

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4892 -childID 21 -isForBrowser -prefsHandle 6768 -prefMapHandle 7132 -prefsLen 29697 -prefMapSize 244658 -jsInitHandle 1360 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9107f2d9-1a2d-4678-b500-e2c839c99da2} 2696 "\\.\pipe\gecko-crash-server-pipe.2696" tab
3⤵
PID:2528

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\activity-stream.discovery_stream.json

Filesize
30KB

MD5
47caae7e3c1ea5734b6fdfe380897788

SHA1
6a9d850e82220258611d9bda6befd7a01f62b351

SHA256
be4f58fb61b87b7b6405b3d5913248890e3dc981d81e1e2dbb2484a27aac459e

SHA512
a778005e79661634380ac2ba2137a20fb8513236c5a78639979e36410667582a404a03bb5558c0a0b5c1a86fe6679883e84317f3426c447775c7af1abf0075ce

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\doomed\21988

Filesize
129KB

MD5
90e1faa98a7f5c6169311e584ab62feb

SHA1
0d96f24e50d6ed11bb4acd9755a89b1e4d47a166

SHA256
c986ca22151f8b86d05be332483798c1b63dea97082a586620d056b91f74a63b

SHA512
c50449bcf8f9afbf00d71aee239041e1da83794f19aead43f633d09a7d27c9b2048b258587a892be8b8dbc1bdea434c233e4b06940a79f384e7756feeeb2a730

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\01E45DAB63BC6FEE18B1E08B21C59EC616938A33

Filesize
3.6MB

MD5
b27f17c5e4f86d0c50142592c7f4f5eb

SHA1
503529e32f2b7fc964b984bdf64504fcd8840bca

SHA256
bad0dbab2edb6212fb5270a09961c15eba4531b337c8fe91005f20fe285cfff3

SHA512
b9b0282d211a85805bd535b6de8a3a10961835c9c327ae578ae39587e8f718ed176ae95b4d6f70d8c420f847bb82275093557e6684bcabaa460fd35e92a4ba2d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\0D23FE89D3D635814F07C32975932D50F49660D3

Filesize
693KB

MD5
8c8bda6b19e315373b045206508dfeeb

SHA1
320eb20ecb473a0b9cfd61856838d176d6abdadf

SHA256
e76f27ad931a2e590c75b32b42668f68d9c88be455fd2cd207c9879da8d9c43d

SHA512
b5fda7616cff693dc1a41877dc60bf1976189f2f5e6c75dd17311aeb9f6e8316d5e05e2fe1eb7985266eb3a270452809c0ac10e2fc1a0ec490568c683b462961

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\1D28A7285668B9F88E70AB922F997E58A419F487

Filesize
224KB

MD5
7f3b3cf5deb298134b10b2c6727337d1

SHA1
ddb715caa97248a3671e4dbfc51952f61fd1dc84

SHA256
2febeaf7c9a16b7292e65dae5c3730e502b27a9204bb0d1f15ba4c7cfff4b098

SHA512
014e1218de57e4d1a1a64a731baaa7cd5a4f46ca065c1723fe486200749edac0ad155df3c6b5aa05c57d588c62e1789e93e2533ba054e1534dd802be6c83c6bb

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\1D2C9A8DCAE697553253F5020C37C821F5553F61

Filesize
118KB

MD5
b659d8cf97073ec50a0375485d03b176

SHA1
eb63a1b1f398f857291d19bd4211616ebe2b7358

SHA256
ae1425d75ef58715153e579b370c53c5f2dcadfa6f1a278aa5a9a31df06dd451

SHA512
8fc2f968041a070c258e3860cfb673d36e01d38e2fce1dea39bbba5520b20488d87aac6f698ac46f3aba35ce83f54e3d3e60a933902e05714ebcd6bdd1dc3c25

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\2D8525BB345EEFD7EA77B17615BE7B8943800A8C

Filesize
11KB

MD5
6599b37c874b8e5040c252114e8fc46c

SHA1
d225c82b66cc83a958ff57cf9ff22456de621de3

SHA256
63471dc24530b0fe0fcbf1c0cb54cfad9d807a1a352af5de3f66ef193a4fee91

SHA512
3df0e4c63953e63142e0ed6ca5ed4b3b4e54e966bbd1732f34e8cfeb4bec0561bcd09a75e31901cf0d04cceba45ad5989e02dbddd513dd76d275982ea9a01c76

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\51493B0AD49E82494123261E227E79EAC73CFF6E

Filesize
13KB

MD5
bbc500aca42338d77252988058aebfd9

SHA1
ab8229524647d5bd19a3ccf479d867f7f888471f

SHA256
531c8a8fce56290b5e727d19fd3bc033b747ee2e75b6f9d223393d1e2094dcee

SHA512
9387fbecc79ee3489aca8dccc86b9b273063347e6e45a7dfb0d9db5283160872c0fa03138147017f5307ec3f370cbe7fee15a40b5045ee2353f6ee1ebffefbbd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\51BF2A17466F95EB3790EAD8F438A66EBBCE5418

Filesize
25KB

MD5
a3d6e2669f40ae03195f2d868476445f

SHA1
98622a9edba2cae7a5994ee406f0e2f82153387b

SHA256
192a63d0e7561670215068a7a280052bd3175f27dd7071e92e94d9864a490c1b

SHA512
03a4908cc8775f717e00bf2a141d46a2aeb38105a7101fd9cecd228cd77e2f38e9481459698969caa3bb57b6c9ab7262603495dc9a1b8cecf3683f92d98dfcc3

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\51D35B08A3D6C341C818726CC8F32880E3FDE9F9

Filesize
83KB

MD5
f7761e91878c78eefbcacf299356184f

SHA1
bdd473ddfd979c010ee96077065e5a56945d01c2

SHA256
25501ec3b1d9e29e954e3b9db1b6891b60c97170b0e37ddb0656dfee58e1b754

SHA512
c0ecee0dadaa8a641ef09b28ad5fcdd7a6216265d3297ca2d48bd90d5e9fb19b3896d03240945a9fba9be3ddd58b0c38abdd5daa843444d7b1ec9487c3d250bc

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\59519A15B79081F4358838ECF0B5219E21C07E20

Filesize
62KB

MD5
806949f2fd7242009d7e06cbfda8e9e0

SHA1
358a022ea1f78127bb6843d3a4802db426c6539a

SHA256
e098be2a4baedc2eb9818b60ace9f4228f61ac19df9e83dbb3910b04848b2477

SHA512
0867a13c2ed8a656758000113a7ddb7622fe9a46eb7991bad5a2ae89f13852897a60cec36130c66e4626f72d6a4f4e2eb556808b2aacdcf7ef791403f17379d5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\5AB2B5B5657D335B9A9BC7479CA42C4EDAE4F138

Filesize
18KB

MD5
a7a3aedd6004275401fe1d662d867b49

SHA1
f273a3e430cdedbfbb9562ba4fd7bf9e9a7914c6

SHA256
1554d947806af904b37b51475b1af054166b064432aa9d899b9ee7238d25edb9

SHA512
a275909890be0c1ca5beec06a7361c61b52e49a2f34a6b8097a428818dfb8b8bb9e179456013779bc9610c4321b33b4e200bccc690e7b18762283d0fcf2943b0

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\5B23235D54208C34AFF88FC6F18585FD8A8F8FAD

Filesize
32KB

MD5
ba45d4856ddf59b9201b2416bf496475

SHA1
fb102daf3bfb3c83698f0a77910b4f678e466538

SHA256
71733daa194ea0ec2f60b15058128075a8c210eff56e7774f2e447dde19001bd

SHA512
aff6cda33e09f702f125e62af02f798d4ddf4c102afd5175f014f2ccb6a911364ce47e7f92d8ccf833a45d117bf0f60bd3d0f9846d9cc6e383ee982d4cb71579

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\72486DBDEBF1D64101900CFD6B0C98DB58BA51D8

Filesize
58KB

MD5
a4b3d2e923feec6c4ccc00948bbbdef8

SHA1
9b409dfc135d858edd4beeb15d2984554c6c727e

SHA256
c61418e046d64b6fc104cf234e5a5442aee6cfed8ee8be64610300c99a162b0a

SHA512
5d31f9b55881fececcf9d908c6dd8fd5f0a8748cf3112eb89e0108a5b4cae4088cf82b63f330f9b44b9c4a22a4cbc9a0dcae0713d0c24713bc9d89da2c591054

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\86872C35A7B37D6E2142197601DE181F468519B8

Filesize
230KB

MD5
9bb8e2492b8e4a3ac8da3ec0e17fb306

SHA1
ee3652848ac45dffd0f49c6ff84cd17c8bdfa580

SHA256
f6fd961c367fbd9745be495dcf95a19f43a01b9263678fc8830d7a38fed248c9

SHA512
4200e9220a8ccc7310a9358594998a78c551f2db3dc1acdb0d3c1d6ad4dde4c97048cced4abcaddeced14b59216bd4f9f7dc732bac403c81db08ec49236b8c00

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\A16E28EC4379DEE4C85C9D277CC4D22180262236

Filesize
549KB

MD5
9162d20141bcf8ec4e60ec5ab46dbca4

SHA1
9bc18b7735452bfdc6f5bf5b9d773f0a3c9bb56a

SHA256
7b034746034f9bee83dac03551c08a18c3776c4c4a9a6293993463838d3da216

SHA512
9549b00f91d2be73183fff4d29fdca00c7e2635820dd2ea33e7fd094c551d78587174ef6fe86f1681a7b264c5c9b435919fd9fe144cdf1f06225431741e389ef

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\A178041D1CE56178B2DFA9E124BD9FBB4879D9C1

Filesize
246KB

MD5
51d75004bbf16e3a01563e2b52556de6

SHA1
bccf78f59e4e190fca5ec326aa38c4e1779d3951

SHA256
ca45d3d8f8e4ed8b695591a315b75658118aad83f28ee6794f83c840ffe2ddd4

SHA512
14eb66c3e0c64a58dc24b4b06ec73a2effdc4bbb9d32f638c8b60abdd5e899d05c583c9e95ab35130f7c5498e460484de686b2eba30b5a817531120c913cc5f4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\A98287AF147D42F55A9870B9202170CBEB987338

Filesize
44KB

MD5
6efdd8eff3645e247271222c577c350b

SHA1
36c03534e259f196ff73c23fbfb1f7142bb7d6e3

SHA256
26ec2e890a4458818cfd2d921c8a6ecc2f582f6359661dd55eac0ea2bd8ec93a

SHA512
d5cba2623426142314d7ac5452b86445d617b32aabc048c258bf8bf99e12d8b3c681b281c506e5a74d0c2fdcaf4f688731764810272fd5dc468bb8ecb59dc1d9

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\BB64D88F4C22D7E7717D86B1B9B240357E2F5BBF

Filesize
40KB

MD5
4b69e7eb9549127cca14a3ed21f8a8a1

SHA1
ec550496decb86252c1ee993783968163dcee8b6

SHA256
2ac10aee448ef65c39e38160f5ab1592f95db65174809c9e38ff5b621f6d55a7

SHA512
7b44dd7d083feebd2df9207398ad6ebcc5d321c44169a646ca949f8af3390116373573c36dc28f2ece6b06f11c32d739c073717607fc65efffdde20b6a24e76e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\BC0D8CAD764C92B5B52D3FCB1DB1F0CF41822E83

Filesize
992KB

MD5
c4905e39a018701fccc5f6f9d8231cd5

SHA1
6b988a39a4f4d8d4ac73f28d1bf6f328d2998b1c

SHA256
23215cead1ca1d5616e25cd9c8d6f646510e72d0cd674b5a9dc87e13d135cf99

SHA512
88028fc7e1325f94b69f59d2c67d4395b6ca47e3a2910f76c1edd7798879bbe35abed40c340663176fe0668263a757a083a52d1ac96b07db78e74fce8c9cdd35

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\BD671641B4A8CC81C5085DA23C078AB132DEC147

Filesize
34KB

MD5
fc0e8340ff1b80e71a4acf1c46d46c66

SHA1
67a06c376c1c4992e2b58521cf593aa2ddc2bc0c

SHA256
14471197257b639113a33c982a2c7de0bf596294dbce15eb169b13f74a656d80

SHA512
18ba382bfb42360763bbd567702d44e90cdf7afa3d35f8b676d843f56ffbe26ddc036ce60f17bbd9472ce1bf2345e0280d2c7c17b1e2cb46b2f027c6e9328e10

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\C254A8931CF98EEE08CB11F57844B01F486AADE9

Filesize
17KB

MD5
052fa203731f9eb918719603c827453a

SHA1
bc42ef8c2418ee4f806944110937b69da2fc53ed

SHA256
03a7fa0ff0840b13d2fb7571ce1f8cd49b12327374b85ccfd6d36b272f68106e

SHA512
59c1d31c2aa8da6f301ae0e661ffbeb59f16586a3512441eb1d9bea40087ab6d2facc88efa2a904f6419ed50b03f06e63f9a563674a784a0ef23b1d063654854

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\DF0F087B3B322D19A4DE0F953C1E5B5461B51731

Filesize
46KB

MD5
d8d2b842f2d9940fd0443e3c8627e7af

SHA1
909b9eedf275fd29773c880fb153e3374412747c

SHA256
e938ec4ab665a243b017f558d790f7c250ec16087fd0042ee62b12dc73ad2b41

SHA512
b782bf66280fbe4223c74ba6734c1f697dbb6cd42f8b476e753f527ff64ae6b1248bdc771f4ebb413c749d672fc48838d04f61b37caadcaaad295e45a1a85a28

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\74uts9gp.default-release\cache2\entries\F244C88998E0253EF50A0DD4939F75C0287E6A6D

Filesize
9.1MB

MD5
341829cc766632f29b91cb99cdd814dc

SHA1
3c849e95e0ab2b43ef80364a94b18c532f0f422d

SHA256
76860f63db6da6335ece3c63a1c8b462256ea93bb1f5767b1086148a00626154

SHA512
adf908a0ffaf81142bdb21e2dd8884d39ac2330531a6bda1b54ea999318c4d44205fc3a9ccd58a30541a631461d49a6740186f8b20dd63c9b12be1c02a5348cb

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
479KB

MD5
09372174e83dbbf696ee732fd2e875bb

SHA1
ba360186ba650a769f9303f48b7200fb5eaccee1

SHA256
c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

SHA512
b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
13.8MB

MD5
0a8747a2ac9ac08ae9508f36c6d75692

SHA1
b287a96fd6cc12433adb42193dfe06111c38eaf0

SHA256
32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03

SHA512
59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\0JZRZYD6A8I5XBE1LXMG.temp

Filesize
20KB

MD5
f94a3b766909ef24bd79901499770e3b

SHA1
a05b9a9fa44c227e3546e3eafebaeddb270160fc

SHA256
39a9d8f2eb312e75bb9ad2329d4f442ab88b5b9d35dffe69791e57c1ac07041e

SHA512
3f73ea3e6578af3ce85289732560a84398138a0fe124d7571ff6afee88d42c3f8e819d26bdb96c3b156647d7f7f0431dfabd71b9d73314c485046bcd27056957

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
19KB

MD5
8a35bc66cde1bc786e2d716bc9b4ef65

SHA1
e8430518effc13771f7dd2ec4120b192185a314f

SHA256
fbd446657a9e2a5f532b59c938a1e107788ccc72c245afde5daec11987f909bc

SHA512
54ddab079629db7aeb75f36d62cafbddcafbb6f20f6f604751caff408b44e0fe684bf38f08ce417508f6ff3ed766cdca20a6239bcda09f005472db805d6c9ccb

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
20KB

MD5
f835e7751759dd6031216ff145a21d31

SHA1
5fc3c42dc22ef283183697d08b58923e59abd973

SHA256
2e2343a41cb6310604ad3b0b14caa1611969f2146c4b1b2ca0ccfc2e6aafd27a

SHA512
4de3b681ea5e63e9e938c84a4c131c48b6d4fe7b87316d871c2a10aeb2f3f1219dd45b7aa1d1c92b9f33f913ee52b19f1bfa1120b9caf441bca6652ad2dda36d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\AlternateServices.bin

Filesize
7KB

MD5
f09d657905f3c1f2fb49df694c742814

SHA1
722d17fb8843beba268dd78ec98149cff6b3d979

SHA256
6bb32d6d352bbd794da350e7a683c580844013332c87acdcb8bf1ed217fc0605

SHA512
55e15d6b982fd6d3532ca8f5259552771ac36158a6cdca3645451b91540edc38f6088bca3f4ef9b1cec131d67dc1bd6073564e6425bf0e19e6e437b86dcc2dd4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\AlternateServices.bin

Filesize
15KB

MD5
db220151eb37eb8b4cb027cb0352a2a8

SHA1
77bf1d92ee667f5e66dfa3c6fc7af73fa39f0378

SHA256
c3eaa0bb65de4efa9a58d78b5b45fcb09a2c7a7ddba794c3f1a1c03ebb15dcdf

SHA512
462a8f5dddcd207f869dac1915e6fb5f621138b86c08340998da319642b84325194560f10c2e7d4d838aa136c5935fff42b27422cccf1d0b61fc242365285623

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
0723c557db38f297c609983b20954d5b

SHA1
3138adb6ae050883b0091d1c89f9b00ef51f62c1

SHA256
6660403e9b70bc0972e2d3576616a7f7f8f3788904ddc828dbffc60899fd80ca

SHA512
cac0f11f2f8ca73255a83675e017987f233664bb0b4568105e84fa193659e4939b4afce194be4bdc5a9a8de1dbdb3f9fce63a1e36e0fae198265326d62196ed1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
12fc00ae50bcf0bdbe8e33aa45438a1a

SHA1
4eaf79329a8326b668aec838162f2d221a8d1680

SHA256
843633b9ffe26a576f23afcc85784d1c1b482b3f61b859af9f1b39e7c4ef843e

SHA512
cc59015e2d109fb376edb8688cdf87a83ebbf564e72f53dae6fbda63c917dfa5df770e76cb9bec922022c1095e7390b112d6f684f14e7da50ea9c306fed9d2c0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
da81782bf1895ab0a10c85f4f45f4aa1

SHA1
c1b0df9efd4728bb930b8dd5c269327a6119bc8d

SHA256
2756f24aaba332f915098ed69110af0de5e86b297f74f36099b5c0c189c358d3

SHA512
0219ab78a0824a8bb06f3c5dae0b56764f427945bd7c2b1bf6f5fae0b4a069ca247be6b6141ed1928a9e3edf3a347f842b8d4b1bcdacb541722a86fd5cd45f97

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
2ccf19f93e4ce8af8ec28ef5e3d1e054

SHA1
637eedb3328671ec96b835b679aea243d462ffa0

SHA256
1de4025d5c175f041c96334b2c1c562ac16c285b31a636214a58113ecb429950

SHA512
0985d427283d61adbb9713aae959b81160740538ddfab2d746b73543300108fef6a42633d27c91f74a6a8ef75bc9c3e34d54f7bf7ee1d3484a482435af49c3a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\datareporting\glean\db\data.safe.tmp

Filesize
97KB

MD5
05160b9665241524940baa768ce9f387

SHA1
e242d62e0179591e02444f7d3b470ec86e346a10

SHA256
9c736f6924cc83ab0f17be2b4c772901f4b10202bee3e0c6c9f30b77bc3e26b7

SHA512
8fc7b4189fab6778fd5b95223d154c4480d12e361c6ef844b5ca5902f369cc84998e4144f4f6ec310ef133a8d599d6703c156a0cee6567c665895c68e7fc1c79

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
fc9a67028c90198a726a572beb91fb51

SHA1
3b3a7be9b5f9b1a6bb7b22b547f296b062118238

SHA256
6a86407318b27801c69272ba98d7b98af8fce4d519b0e959d3d6e062afb3da26

SHA512
bb4ede26765b2244d2253649177bca6b0750bb7e9270dc19f016103d06c8742d0c732bbdb30d88a1b87df6009d98226e89d41ff497a1c77f42c4ba021368403f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\datareporting\glean\pending_pings\1a98ddd8-e254-43f7-bd23-333f7c41d89e

Filesize
26KB

MD5
98f0e54ec194a4c7d680899bf068308d

SHA1
43211a0d0fc2d015f6a0a06fad2ba23b6c3323f8

SHA256
b125752c7e1476e501acc8b3bc12497df4d1960aba0686e08fe8e8aaf8bb4676

SHA512
7f756b766b20cb1d34a3b953edad7757725184baef4296c752bdfc5bc642fd08a7baf5dec39fdade6c6312ead89a0a81c1d9175d92218d5c3ee4311d3611b79f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\datareporting\glean\pending_pings\3851765d-2d5c-454d-80c8-2dc8ad880a94

Filesize
2KB

MD5
c4b96bc9d3ca2154becc5f252b061022

SHA1
cafcd15f09df19ec4f5b2da35f65c2b1078a3861

SHA256
d27be8fa26fc58bd59a1214de931b27d56816fd557f6f6e79566165277bbc0fa

SHA512
07ba5f9244ea683c2053dd4146de61f35027598a9c4aaa9cb284a51d6c65332e6ddcd975a395fdf983b9669cab8fad44b32599809061893a195996709906fd2d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\datareporting\glean\pending_pings\69d99d64-c057-4a9e-b174-09cd77b91b14

Filesize
982B

MD5
41abc2837d958c3648768413821e5eab

SHA1
bf85caa8feda02fc9c309d06e23234c7e6caf715

SHA256
d5b592acedc48fc874bdbf1a8908071e8d609055aeba01d7bf0640a79d98bfb2

SHA512
f5cbb5077f78f8ab6c806ec5dd7be0163ffdda06bd6f29e55680022e95d04e894a6133277782609660a1c09a0ea45bee3cb7c3ab8f10e9511fe9dee663775b5f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\datareporting\glean\pending_pings\892dec9a-3c53-4acb-aa67-ac93ea342df7

Filesize
847B

MD5
b62238420d92067a5e3d9922a603f73d

SHA1
df50c2c26fee3974352d740b10547e6a144583fb

SHA256
6d28d496c8fe8761e4c8758014d16c5b6d36089bb5adb861eab36f9fec883617

SHA512
36c73c05876252fc665aceb6c33240786ba452b3e2747eb1c51335c68329dfc7038e6637a696ae3e49a07cdcb743d46072f5b8fb4a0b8bba5cbd1d6679c8b0df

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\datareporting\glean\pending_pings\da8b3233-c34b-478d-ad4c-4197190e1fc3

Filesize
671B

MD5
41def2e423f65b6d8fb28fefe0ef1a07

SHA1
7bd54176bf647655978d5ec96f9a04d6a196d8d2

SHA256
a600602730dcf3815235966c3503499e1dfbb501ebfded39f596d70a5dee28a2

SHA512
9533ede6c1bb791796d9a467f10fabfac52ddf7fa22c70be748e597831d8e586fcbcac75e78fe6f422c00d683254eb0efe4f61b4fda50dee5b14ec01ee247b65

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

Filesize
1.1MB

MD5
842039753bf41fa5e11b3a1383061a87

SHA1
3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153

SHA256
d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c

SHA512
d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

Filesize
116B

MD5
2a461e9eb87fd1955cea740a3444ee7a

SHA1
b10755914c713f5a4677494dbe8a686ed458c3c5

SHA256
4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

SHA512
34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

Filesize
372B

MD5
bf957ad58b55f64219ab3f793e374316

SHA1
a11adc9d7f2c28e04d9b35e23b7616d0527118a1

SHA256
bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

SHA512
79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

Filesize
17.8MB

MD5
daf7ef3acccab478aaa7d6dc1c60f865

SHA1
f8246162b97ce4a945feced27b6ea114366ff2ad

SHA256
bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e

SHA512
5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\prefs.js

Filesize
10KB

MD5
a29daf6f02fb02887975db6d9e5521d0

SHA1
147010c6f8e707df39a1fdd841fffa002c12ae92

SHA256
0411a927bc673eb5966afb385b4283375e93ba5d76cdfa13e71cea74d6fdfabb

SHA512
012b0d3bd7d4b350b3f108cd8b6fc4c9e299f4f4f17c2916fd98afae5e387aa2c6c1846fc34fd8ec48d34bf20ca0ecba2bfd582a4386fa4ffa7e85ffc20374b3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\prefs.js

Filesize
11KB

MD5
8f5cae778887ea0039711edd0f1ae42c

SHA1
a77d1045046756a4402646e5a50d97c4019291ba

SHA256
5c1464f53fa3019baf2447b42f0d622d0fd145b1a93f8fe5f4a2ce2437713df4

SHA512
d2fed2b6cc6b5e2937b0bbd1beffb55ab0183c34766a1ea2be23fc89f0118eb37c705018242baa85e5e89bcb2fb49bd238319621aea05bb721bfd91096e85bab

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\prefs.js

Filesize
11KB

MD5
c949a3c639b0d3accd9b357150715977

SHA1
cc5467cb8dad1b0dc2c185fe50d0a96ea5f1f3b1

SHA256
9669059e749527da0b84abf6d8f5b590928792bac5926e3de0e36c9bf5191a59

SHA512
faef762b9e91a4d09d830d9c6ba6e27bcff9e79709785f40399c5acbe4ec68748e4632eb1a3cf2b1353e804f2f56d3df7ed8eb855a9357ad6155b6de2bf91268

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
40KB

MD5
b1625eb5eaf74214f31271cf7765db0c

SHA1
afc88ea051be5a9a1458a5daaf3e834b5a050e93

SHA256
798dedcd1b2a8af6e363a67eec0b7961a8fe7d1a180dbec6d35f47f6786c0a8d

SHA512
1a56f8f78bcd949599372fa33b60c7d50f06f06ea63dd926ea5f591ecba33cc25624bddb7ad6a8516b17fe4e9671d87ba2ad5f5b444e57d29942b3b6fe3b6e8c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
46KB

MD5
976c030a4f72a5785f2fe9c93bc37f28

SHA1
1bda3530b77effaab57cdeccc30c47adf5d4967d

SHA256
362bd7ab836c8c51d543e66bdb010154c42805e4ef40983ada760b64cf1bc7c3

SHA512
7fb1d197ddb7e0c0b472227cf57091318f9616fa6f814ab29492ab44aee9c9b0861efc5d4af1a1cf918ffab0d74aa654274e1aa46c1d69fd65478b030a5aa3f0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
56KB

MD5
9301a3a660e4a21d69748467e9d51119

SHA1
7bc34c91102c598a15e9c466156e2e34029af172

SHA256
ffe7faf7f082187e763b6ed0099305036b61c9569bd7b9b2d9446136b101f057

SHA512
964e2aacae49d7d05457557e2ba6fbeb931d86dabd438820a2c8c3af9604ef8a3839ea0237c84df25e5ab82f425e8f684f2e378fe293969d357ad22dc0fe4abd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
56KB

MD5
5b8419afa2120ffef9c2bf57ae32e59e

SHA1
9a19df3c580ed76ec3c4dfb00e3eedf8ca1cc9c4

SHA256
2292e17aa48c03cc3bf09770018dee644e19ce5d1ef699f5b04a9eadc842a41b

SHA512
02e3dd58e1a99b547517bfbcc863a87088bef50408e2ad68b9ae199a609c7ded86ee57543d6c8381e0798a289f599d903771b3e9958b0ecd43135cf21dc342b7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
56KB

MD5
80708518c22f39d592da3b6639076af0

SHA1
efceb21bf1b69301e40d070208313524993c4663

SHA256
ea3feaa809b07d488324c64d2f40937b4f9fa3ac3138c738a4598f133a1829c2

SHA512
8e466a411ecb1ee24aad51b0c449d5ccf382929b1793d5960b701cb973d3053b126502cdcdeb17a9354509a608f3934b4fdcd8965ba399dcb490e40fd93db383

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
57KB

MD5
ebe0816574a0875da87ac84fc1387425

SHA1
55cea11c54f0d580d54a075a364c1d82a5d6df3b

SHA256
aef3bb551eca2dda363a448d4de96b61801b579b2842d45f15cfef97e2f433ef

SHA512
1d1b4c93906aa516e3170721e0291079161909dd4e92758773db234a679a81430dbad75af7250dff7c629e1393d8e7b0168ff6a3530b7c44cd479c2b6326181e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
61KB

MD5
9806b91a1502bc38f2a5e3724e4f0d19

SHA1
2da9f10e89d79126d29e0dd646b5374aca2d86eb

SHA256
4e2e14a1c1d669cc2fdbb1cc3f4ad6d892282de0bd7e31a28a30bedccd10ff7a

SHA512
f3dfbff855eaec4639641c05dcbc6e28a55c910d7e0fb9125afc927fd3a3382ac046ee66853947b99066c3f91878eb786d9f5914d24e877c1751e69e13a8933e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
62KB

MD5
c6c5c8325ee9b092a170d7b9cb59084e

SHA1
0c284d00f97ff42fa20dcecdabe5ca3a1cd28c47

SHA256
31ee9dfd3fd868e678138c6c90c353137f8fdafe3a9499ae2eba864a14eb32e0

SHA512
bdaa0e7d781b307db2898a515a5181f1fca07ed5fc1c256265b93c9b003ec11ae0a753f02ba355e82bad8df3adaa0469ba6a4d7b9aff5dba825b6c3437240470

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
62KB

MD5
191cc8941881efd0ff0d688385574712

SHA1
0e069c2ee14f4e4b1bbf07127e55628b02339d08

SHA256
310b356e5d031f3dd0a0bb38da25084def022c7d01c2daa194933c2d6ce18814

SHA512
56a6e08edb0b9c8cdeba0342987e1915c9b6f7d8189b81a00d56a1b512b71a198bb03233647fac7f0ef8234e26caf33d2b3ca16031771af876aac96474256c2d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
43KB

MD5
b37a65f45823b306f29a842c9c6752e5

SHA1
8978a736547f12c52318cd2ca5c55a98d384d7e2

SHA256
c8169a54e16fdb54453159eb86d9872ab77aa38755309a10731dbd06522da8d9

SHA512
246b2522e64493ad9e1c8439f0985ca5c6232a61ab319b7d4c2245736b878a99d85a37435d92e70567da3253840243873878d4777891767f85f9706113aaf259

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
55KB

MD5
a0d2fe11bcc73c3f6dea4802902f87c6

SHA1
708215c190fd9c64f15242e498cdaf65a4008a8d

SHA256
1b7755239919f98ccac94c9a91054a8bf090c15a1e1a33f982240f53a4b91a23

SHA512
568bf3c6e23e14004abaa8dba9dd028b70b2fe5e77a1c80decafe6519dedb9652d017db0b7cfb4819d2eb7efe4be5a102a7fd2acd86d7d629a57de8b10193aef

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
56KB

MD5
384a2a0235e3c457bca7aa0491d07e12

SHA1
58b2566981aa381b28fc47d93fe7770b081f7ce7

SHA256
d901cc5c066ba17642d92cc861d586481bc9678edda65f409762a8311dd1dff6

SHA512
f7e321e9d929c835674be074128eeb563dced5bbc75994d8b5a9448411e0430194909812078ea53bb820b3b57a6fcbe43fd34489ddf136f6f318dff99fbfa809

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
56KB

MD5
d17caace193bc9f0954ac4200d1f94d9

SHA1
a40b451ed23ee8a3d5c9b2e3b0abc647de0ceee5

SHA256
d194c228b0c2b10b4fee26a052bcc267a6248becec057a5c352f447869ab9fdc

SHA512
55a5875991ca207a5f6d6d98483112374f7ee8c6ba7c8731c06e549dc431840a59b6941462cbef5b809d139b587ff1ffc8e7eaec3ec214f68378a8688541d56b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
56KB

MD5
7adb2df5b638fca06839a06b940cb5a9

SHA1
fe5060055474acd5807e954e7343299de692baa9

SHA256
72925d454d66403c0af58451cc5926b894eeb6bb28cf4831ca8674c6691ee260

SHA512
5f2233ec59eec91705dd1eb87c1ae9be18a306de569a113d74554161f490b3e208d4cb8bcc8df5974cf8a6ae8dc4e9f336c451a075490caab58e4109c49c1967

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
60KB

MD5
9cf11149e928e71e7db5d6500f376d75

SHA1
847cf361c521083673f7f1097aa0c514859cdd86

SHA256
f245e412939be6cf44a4925e658e5dff659b232d884dd2865ac1a36163e8ee1c

SHA512
5dda4c76e774e2d696f77087f83903e6cfa8cfc2a4ff4c89a7f0df30c7ac82f4961db74f8c9d51be2a56b4ab842520f5581addae1897e1ff5d4a9f164ecb4781

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
60KB

MD5
692a0e860ca74d67ecddac2b729fdb79

SHA1
8bfe2f2cc902998f84cd477d3d3381aed4ba7ade

SHA256
73047cc07643085cdfe50f193635d8b340ad89da3950ef1efbee40b87044a436

SHA512
534b0554ae70eaa2b35421fec7e61caefd7ccc7539e63571355779e69166a51df0b265d009e0ab159bdc9d50b48ad8a3a788396c40875c38dc5a8a0337e1e626

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
62KB

MD5
2e0909769aa74ac680034f046e904fe1

SHA1
0bde2ac2303b49221b76fceb280ad1230b570e53

SHA256
19eaf1983724947edefc8eabbcd78631f3d36efda7f8fd33c08a2c1176dc6427

SHA512
bc6b95081f40a2e7fc88a2122751e83bebd280d8778d1d0a830da6a4282a18f1ba12d551d4129a927a3e41b63517767a25275511b748a6f6781c896513600acd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\sessionstore-backups\recovery.baklz4

Filesize
62KB

MD5
0e23507b238ba6757cae61be074719db

SHA1
f08a20b74695a51b6c78b7f3f5efa70070390285

SHA256
d6bf8d8d9c0edf4de2d8680fc366e0c2de8c5a324a6e1fe06bb412a9332b7bc9

SHA512
548607ad6abdea8697b81f1868d44480b9abc1d4245a4f5fc6b8e0a1d9402a23cde266e673d806a60cbc157bbccae1a8fc55085d79a890ccbabc3bbeac72b86f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
624KB

MD5
0fba316ce2e94f8ce7f43eefda0991d3

SHA1
ce8c03c3c91adb34f52ea193f72b0d79b90d22ba

SHA256
272301e9b8e151a530793d2092d0c6e05d64df03febe4e27e1b34f096cc384df

SHA512
c0fe2ca401cc24f2f42febe9f88e7751945d0068894b14bacf0cc23ee418ccfd884f8fbe24f5f262b9bb0c0692ea8cb422b8cdb6e7ea51e7a134214addbd44d9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\74uts9gp.default-release\storage\permanent\indexeddb+++fx-devtools\idb\478967115deegvatroootlss--cans.sqlite

Filesize
48KB

MD5
227c5f9a0bf0b97b177b04a20dbeb45e

SHA1
090d7434136b9db9d3af692a699134d9ac7a9df7

SHA256
5c630ee4fec35ee7764e69ad5c23fa811e88b3d8c6c8045716fa9814267ab3c9

SHA512
7ce328e0a75376fab12859d1ac35c001909b1d760bfdfa5e2ae4535f80d96992f8136c0b6dbc5a67d6c64f86f2133bcd427e4f1bbf52638cdb39093d9a19d223

Download Submit