Analysis Overview
SHA256
d0096ae477363291c2bd6307776c5674dfd0d6f718f0b99647f4d77d1f58117e
Threat Level: Known bad
The file alkaline_trio___2_by_letsplaysuicide_d5l988-fullview.jpg was found to be: Known bad.
Malicious Activity Summary
Wannacry
Wannacry family
Deletes shadow copies
Modifies file permissions
Checks computer location settings
Loads dropped DLL
Drops startup file
Executes dropped EXE
Reads user/profile data of web browsers
Adds Run key to start application
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Sets desktop wallpaper using registry
Drops file in Windows directory
System Location Discovery: System Language Discovery
Browser Information Discovery
Enumerates physical storage devices
Modifies registry class
Enumerates system info in registry
Checks processor information in registry
Uses Volume Shadow Copy service COM API
Suspicious use of WriteProcessMemory
Modifies registry key
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: EnumeratesProcesses
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Uses Task Scheduler COM API
NTFS ADS
Views/modifies file attributes
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-11-14 19:38
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-14 19:38
Reported
2024-11-14 19:40
Platform
win11-20241007-en
Max time kernel
102s
Max time network
103s
Command Line
Signatures
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\Crashpad\metadata | C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\Crashpad\settings.dat | C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133760867631954527" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\alkaline_trio___2_by_letsplaysuicide_d5l988-fullview.jpg
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffed539cc40,0x7ffed539cc4c,0x7ffed539cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1776,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1764 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2056,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2116 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2188,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2212 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3100,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3252 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3144,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3536,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4456 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4792,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4800 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4828,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4824 /prefetch:8
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x244,0x248,0x24c,0x21c,0x250,0x7ff60e164698,0x7ff60e1646a4,0x7ff60e1646b0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4748,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4572 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4816,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4812 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4808,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4820 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4880,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5060 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5356,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4800 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3080,i,6072196339742822276,1667322062459057334,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5388 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.201.97:443 | clients2.googleusercontent.com | tcp |
| GB | 172.217.169.10:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 10.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tunnel.googlezip.net | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.180.10:443 | ogads-pa.googleapis.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
Files
\??\pipe\crashpad_4204_BYAMCJGGSIZIRDNC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4204_644792834\b015488a-ec02-4041-b59b-33401896ed30.tmp
| MD5 | da75bb05d10acc967eecaac040d3d733 |
| SHA1 | 95c08e067df713af8992db113f7e9aec84f17181 |
| SHA256 | 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2 |
| SHA512 | 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4204_644792834\CRX_INSTALL\_locales\en_CA\messages.json
| MD5 | 558659936250e03cc14b60ebf648aa09 |
| SHA1 | 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825 |
| SHA256 | 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b |
| SHA512 | 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json
| MD5 | 4ec1df2da46182103d2ffc3b92d20ca5 |
| SHA1 | fb9d1ba3710cf31a87165317c6edc110e98994ce |
| SHA256 | 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6 |
| SHA512 | 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json
| MD5 | 07ffbe5f24ca348723ff8c6c488abfb8 |
| SHA1 | 6dc2851e39b2ee38f88cf5c35a90171dbea5b690 |
| SHA256 | 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c |
| SHA512 | 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | d081623f8a1c4ea5706763b44fcf002a |
| SHA1 | d6f5c55dd22430b0cff26deca2e64eef0c97dc46 |
| SHA256 | 1691a8e9a2f6fbf7f2d7b9d6cb67f31d12b7cdd72d1390cf7810a83d7f838b63 |
| SHA512 | e737556523b24b2c98cd682745f301ec2460bfcbf8e24e63f5fcec58be8c038fc0d080b267cc3cc8ffc61c940447c94a7a4d2949092c5586d12d4f536adc0353 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| MD5 | e579aca9a74ae76669750d8879e16bf3 |
| SHA1 | 0b8f462b46ec2b2dbaa728bea79d611411bae752 |
| SHA256 | 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf |
| SHA512 | df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b46dad88479a5ff7456f0e11fb00c91c |
| SHA1 | 07ec0bf10da665f3485bb8b8573590e661409630 |
| SHA256 | bf4d9924150de7b788f6a3d8469aa666d4a87bbc5c7a58f7158483de6bb00a90 |
| SHA512 | ed3a078ecedf8b4520158a4376fc6f84db24f678a7e458a121d4028ceb270b5840ce619cc61e511cafccf973f56ddba8594ed6ec7ed8a18632fffdb16e533a97 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 731ee372cd5ade64cdce011854bbe344 |
| SHA1 | a2cb5e127173f5aa9670358004dfef9257631119 |
| SHA256 | 60ccfd4426120ba1274b99ae47177d394d94a3c9887f0a751c05baeff297063f |
| SHA512 | e29b8eeaf16638041f0af1e19125af4c092359c7f3f29da8e09df2949ab4920540b6dae8bca9627b901c0b01e238e4dad4b7fc2a8edfdf62e66ec5c6094f326a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5dd57d70f915080ecf1fb79f09ec49b9 |
| SHA1 | d29d2290d3b8ac6c1d2ea0d28040afa395273525 |
| SHA256 | 47d6a1270fabc9d74ab762babffe5490c0dda33ec5d036db9e5d73d17f10f5b6 |
| SHA512 | 86b719a2a42f30403dab8fffa09933db83652d8c92497ff11dc79645e70b639015335fc999a52f5180a46ba0094fabf7e2f049409dbe7276c74c1af2de37cbed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 9d7e4ef17054e122e3cd5a1bbe2ba058 |
| SHA1 | 153c1089295b2c2297d233ccf609d6848af73157 |
| SHA256 | af1fbec386bf9e8ba6886c3c433c5ba734d524095d1530a8625161a974ec663d |
| SHA512 | f6751c4556ceca442b61ad8566c5adf0a11ed53061f7ea5408a1ea203b935ba63708f4cdfc5e7ae3d2f29498a72127d163f806e0baf1b6d50f695c19524fa8d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 24d825137f840bfb300a39ff7ecde355 |
| SHA1 | f3a6cc81a1a1637975d6e7524f4db79ad1a81412 |
| SHA256 | ec40eeecd68bd991fb897a39efac58dad66162f2d44096baaddef116ab6be6bd |
| SHA512 | dd66d6c4825a52c3260b5afc428d842a7b6e1cf5f801660f3086cd726345a7e408fe70856498d48ff9eba0a90a194706c27751c4897d788d9f255e07d098c323 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 637139a61885d142de0f95748e991599 |
| SHA1 | 840429047d3970e2e97e5397d45f6f3294ebe2a6 |
| SHA256 | 538bb0aaf8b328d4883f6893e954f64aa4dd0dfe635a0f9ef2e0025f4b6a912c |
| SHA512 | 93232269b5c4c3e7710563c3c3994d2fa24b78813e18dfff1847f68c7924b014b531a2c587e6627f6d9cbb1ab8c2d563a122605fe8d80492b93db6812a4e7ab8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 21f9fda9eee64ef602a3337e571e9f3a |
| SHA1 | b4887ffb333848f8096ab7f917f7cf0547c2984b |
| SHA256 | 8a34788aa38e406ba55bdec286fe0dd262a361d089a43d22def40bb1b35eb369 |
| SHA512 | 6b1775817335a76334531e28e980490aaf49cc7a526d253c8424844fba25f0d51b07784d62255943fb061b579b19b5eae77b8e3b6d502615d21c1ee5c71f0c43 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4bf2156f4031440211916308da5f019a |
| SHA1 | 62822b56f11c9983bea82091ede56cdc3b9839d7 |
| SHA256 | 5049a4b25c10946d00cd4d7f4e787f147253513b6d8e960cb640a46952ef9de5 |
| SHA512 | 9c2ad9e50ed0c5de58a634e5438c2c7e185a783a6af995113151f215e80d781a6070712b3decf64dbc1442d6db557945ada5a3c6d9fa96aba865f3cc489a32ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 77adb201181629e3e865d27643d29ef3 |
| SHA1 | 2e71daf66e7e5412d31feaa0536d11738382d1d6 |
| SHA256 | 9b17e686b970368344e5397ee43852891d5018b4a8d99ce4408c8dd0cc9ec176 |
| SHA512 | 3253410e5976d51cfdc38c6eff152d0e4b02533af9cb7de4028d821fecfa6fc25b91352010e86ed9a4d8b1eec069f0ccf8db7631a189b3bbc55b33e0a0e92238 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0dbe8e17cc8f690a957b81cc8440e36d |
| SHA1 | 5f47560e298f5ad74f3cacb590d14b5f31d15ec5 |
| SHA256 | 135c78e7bb8ca96f0fc07946385d9ef02e5519e28f289db642f5851b4323caf8 |
| SHA512 | 699a85f17e52f24c664297be767f8ff70dc22965697e4f2328e30ab3727d3cf8930364bc649bfb379c002bea7479d9fb84d9722ceaee024e55b70d819993ccf0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8362450f1e107e9c81e9bbe93b5e0772 |
| SHA1 | e55a76c5c1d01763c476fca76a7bc3a41a3ad3bb |
| SHA256 | 29295cbc14ac938ab60974ef7b4b9a5cbfdbf7104bcd811a82c683df5e15eaf6 |
| SHA512 | 4eac84b73835e4172625343621031d62a5f9302153b4ae28d3fe1535379f85249f7f6012e18f38e3ab1a5c5e7f40f612b883b6f5e1f5c37b6caa6d981fa40434 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 407c58690fab78bee60dd6b554440ffa |
| SHA1 | 78fba8c6b6f5ada0a0efe1f187cf51e973faed95 |
| SHA256 | 9d4bb0ab6d7ef0cc281eaabef7aca1b284b050dcaf7414d7eb6b1a4ffdfe73da |
| SHA512 | 65879226dfa57e2a9d0a8f98dcd0959d397365df1b5e33c3ab0cb47ac2628cda7a213141396450338534a6726a83ae3ea8ffd1a4e346190665838439e3a74103 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f42fb96f3ba1792fbbf6cd4aab31689e |
| SHA1 | 4e7c6cad87961faeff36e1e7ec84c356380574ee |
| SHA256 | 7ac1af14d22121e7172ffa3fe35acb68d635ef9347d1850f2febf50a2d21f5f5 |
| SHA512 | bf11c3f34544dee6c09861d1345784bbe7686c8c86467a9590cf503aed2b9cb4db4003d2409e2a9788dd8063cb396ced98b089c9ac401be7657a946e355ebea2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e54ec9eb6e89214a727323386310dc5b |
| SHA1 | 18f809133c8dda1e4801b17a7f80909b970ef5db |
| SHA256 | e2c28d1cfaa94dd6d60100d2d17857f43ab40cac88478526a8bfbb420579dd27 |
| SHA512 | bc328f0c7a6532f04b756ae8c9f4e8bf383b8253050c19d4609c0814913882581cfe6d810235af263facdfc8d37676722a70bf782c23eb67b9c663385a29ab10 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e1b61c6def54b95aed8bf38c5e4899e5 |
| SHA1 | 189c6c96326d97c649da099061da0a78c5e1052e |
| SHA256 | 5c1565953d01afc5eaf8de7ef0f998fc8abe95bae617d1d70c914d36bd0e0f4d |
| SHA512 | cd8411e2cfdcc06ec7d9be73f10ac4581c2b46d2edba279cdf9e786767c966a26d14449ce0b9839096cb4db696f39735881581def63e6773b4ebc95bc7384d30 |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-14 19:38
Reported
2024-11-14 19:56
Platform
win10ltsc2021-20241023-en
Max time kernel
1049s
Max time network
1038s
Command Line
Signatures
Wannacry
Wannacry family
Deletes shadow copies
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Control Panel\International\Geo\Nation | C:\Windows\system32\cmd.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\~SD1D36.tmp | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\WannaCry.EXE | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~SD1D1F.tmp | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\WannaCry.EXE | N/A |
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mbkyddqwyn919 = "\"C:\\Users\\Admin\\Downloads\\WannaCry-master\\WannaCry-master\\tasksche.exe\"" | C:\Windows\SysWOW64\reg.exe | N/A |
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\WannaCry.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\system32\mspaint.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\taskhsvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cscript.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master\TrustlookWannaCryToolkit-master\vaccine\tl_wannacry_no_console.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\WannaCry.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master\TrustlookWannaCryToolkit-master\vaccine\tl_wannacry_console.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\WannaCry-master.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mspaint.exe | N/A |
| N/A | N/A | C:\Windows\system32\mspaint.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected] | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy service COM API
Views/modifies file attributes
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\alkaline_trio___2_by_letsplaysuicide_d5l988-fullview.jpg
C:\Windows\system32\mspaint.exe
"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\alkaline_trio___2_by_letsplaysuicide_d5l988-fullview.jpg"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1972 -parentBuildID 20240401114208 -prefsHandle 1900 -prefMapHandle 1892 -prefsLen 23681 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {87a887c7-35d6-4f0f-9aff-0879076251af} 680 "\\.\pipe\gecko-crash-server-pipe.680" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2380 -parentBuildID 20240401114208 -prefsHandle 2372 -prefMapHandle 2368 -prefsLen 23717 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2416f450-a793-4934-ace2-3379802d6bda} 680 "\\.\pipe\gecko-crash-server-pipe.680" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3032 -childID 1 -isForBrowser -prefsHandle 3024 -prefMapHandle 3020 -prefsLen 23858 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dec6fd35-3269-44e3-a071-6008ac63fa05} 680 "\\.\pipe\gecko-crash-server-pipe.680" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4428 -childID 2 -isForBrowser -prefsHandle 4420 -prefMapHandle 4312 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3d9673fe-a737-47cf-bd72-224829240c92} 680 "\\.\pipe\gecko-crash-server-pipe.680" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4896 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4876 -prefMapHandle 4924 -prefsLen 29091 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d4a48498-838e-48e3-b4c8-2f432f006e06} 680 "\\.\pipe\gecko-crash-server-pipe.680" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5300 -childID 3 -isForBrowser -prefsHandle 5212 -prefMapHandle 5228 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d5dffcbc-b56b-414c-b25c-0fa3b90102b7} 680 "\\.\pipe\gecko-crash-server-pipe.680" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5508 -childID 4 -isForBrowser -prefsHandle 5500 -prefMapHandle 5496 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f85385b2-f9b2-4ddf-9d07-1eb9859aaf11} 680 "\\.\pipe\gecko-crash-server-pipe.680" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5684 -childID 5 -isForBrowser -prefsHandle 5424 -prefMapHandle 5608 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {48db4e0f-3287-4d13-ae53-14868b284f2f} 680 "\\.\pipe\gecko-crash-server-pipe.680" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1568 -childID 6 -isForBrowser -prefsHandle 6060 -prefMapHandle 6056 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9409ca8-b9b2-4b5f-a5cb-893bfe77639a} 680 "\\.\pipe\gecko-crash-server-pipe.680" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6184 -childID 7 -isForBrowser -prefsHandle 6172 -prefMapHandle 6176 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2bf81886-3702-46ff-9bc0-9ddf5eddd846} 680 "\\.\pipe\gecko-crash-server-pipe.680" tab
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\WannaCry.EXE
"C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\WannaCry.EXE"
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c 79711731613387.bat
C:\Windows\SysWOW64\cscript.exe
cscript.exe //nologo m.vbs
C:\Windows\SysWOW64\attrib.exe
attrib +h +s F:\$RECYCLE
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c start /b @[email protected] vs
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\taskhsvc.exe
TaskData\Tor\taskhsvc.exe
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet
C:\Windows\SysWOW64\Wbem\WMIC.exe
wmic shadowcopy delete
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "mbkyddqwyn919" /t REG_SZ /d "\"C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\tasksche.exe\"" /f
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Windows\SysWOW64\reg.exe
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "mbkyddqwyn919" /t REG_SZ /d "\"C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\tasksche.exe\"" /f
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6684 -childID 8 -isForBrowser -prefsHandle 6908 -prefMapHandle 6860 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e6cbd673-700a-4ba8-9353-d05ac61657a6} 680 "\\.\pipe\gecko-crash-server-pipe.680" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6872 -childID 9 -isForBrowser -prefsHandle 6876 -prefMapHandle 6956 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5afe6e7a-dcaa-48b3-ab19-d9a63d768b16} 680 "\\.\pipe\gecko-crash-server-pipe.680" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7068 -childID 10 -isForBrowser -prefsHandle 7160 -prefMapHandle 6164 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {749a150e-1689-4fc2-8ecc-946111465a77} 680 "\\.\pipe\gecko-crash-server-pipe.680" tab
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master\TrustlookWannaCryToolkit-master\scanner\requirements.txt
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master\TrustlookWannaCryToolkit-master\vaccine\tl_wannacry_console.exe
"C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master\TrustlookWannaCryToolkit-master\vaccine\tl_wannacry_console.exe"
C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master\TrustlookWannaCryToolkit-master\vaccine\tl_wannacry_console.exe
"C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master\TrustlookWannaCryToolkit-master\vaccine\tl_wannacry_console.exe"
C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master\TrustlookWannaCryToolkit-master\vaccine\tl_wannacry_no_console.exe
"C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master\TrustlookWannaCryToolkit-master\vaccine\tl_wannacry_no_console.exe"
C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master\TrustlookWannaCryToolkit-master\vaccine\tl_wannacry_no_console.exe
"C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master\TrustlookWannaCryToolkit-master\vaccine\tl_wannacry_no_console.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7200 -childID 11 -isForBrowser -prefsHandle 6628 -prefMapHandle 7188 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {92ebc4fb-90a2-426e-8907-1347bf10ce8c} 680 "\\.\pipe\gecko-crash-server-pipe.680" tab
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1944 -parentBuildID 20240401114208 -prefsHandle 1872 -prefMapHandle 1864 -prefsLen 24531 -prefMapSize 245025 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7f7de27a-3cfc-40b4-9e53-ab3eb147cced} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2296 -parentBuildID 20240401114208 -prefsHandle 2276 -prefMapHandle 2264 -prefsLen 24531 -prefMapSize 245025 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aaf2f302-eb26-48e2-b9fb-b21558196fe5} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3132 -childID 1 -isForBrowser -prefsHandle 2908 -prefMapHandle 3120 -prefsLen 25030 -prefMapSize 245025 -jsInitHandle 1116 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {35a12db4-03e5-4053-b3e7-e4f71a6530d6} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3980 -childID 2 -isForBrowser -prefsHandle 3972 -prefMapHandle 3968 -prefsLen 30263 -prefMapSize 245025 -jsInitHandle 1116 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a159556a-fe0b-4558-aa00-107ada5df3a1} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4728 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4716 -prefMapHandle 4720 -prefsLen 30317 -prefMapSize 245025 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {730cbb9e-da34-4dcf-a03c-9c731aa6fd17} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5152 -childID 3 -isForBrowser -prefsHandle 5144 -prefMapHandle 5140 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1116 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {72c8049f-11c0-4f62-ae36-a75b3aae2040} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5288 -childID 4 -isForBrowser -prefsHandle 5296 -prefMapHandle 5300 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1116 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {133ccd8e-eb08-465a-acb3-445662e7dcc6} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5504 -childID 5 -isForBrowser -prefsHandle 5580 -prefMapHandle 5576 -prefsLen 27782 -prefMapSize 245025 -jsInitHandle 1116 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {496fef27-c188-4b76-8049-d14260afe4d7} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" tab
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
taskse.exe C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.110.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.42.69.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 13.87.96.169:443 | checkappexec.microsoft.com | tcp |
| US | 8.8.8.8:53 | 169.96.87.13.in-addr.arpa | udp |
| N/A | 127.0.0.1:49772 | tcp | |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 149.234.200.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | www.mozilla.org | udp |
| US | 151.101.1.91:443 | www.mozilla.org | tcp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| N/A | 127.0.0.1:49784 | tcp | |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 228.16.217.172.in-addr.arpa | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| NL | 2.18.121.79:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| GB | 172.217.169.46:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 172.217.169.46:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r4---sn-aigzrnsz.gvt1.com | udp |
| GB | 74.125.175.169:443 | r4---sn-aigzrnsz.gvt1.com | tcp |
| US | 8.8.8.8:53 | r4.sn-aigzrnsz.gvt1.com | udp |
| US | 8.8.8.8:53 | r4.sn-aigzrnsz.gvt1.com | udp |
| GB | 74.125.175.169:443 | r4.sn-aigzrnsz.gvt1.com | udp |
| US | 8.8.8.8:53 | 79.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.175.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 142.250.200.49:443 | csp.withgoogle.com | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.200.49:443 | csp.withgoogle.com | udp |
| GB | 142.250.180.10:443 | ogads-pa.googleapis.com | tcp |
| GB | 142.250.180.10:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.180.10:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.180.14:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.180.14:443 | consent.google.com | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 172.217.169.46:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 172.217.169.46:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.200.49:443 | csp.withgoogle.com | udp |
| BR | 172.217.30.67:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.180.10:443 | ogads-pa.googleapis.com | udp |
| BR | 172.217.30.67:443 | id.google.com | udp |
| US | 8.8.8.8:53 | 67.30.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 154.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | desktop.github.com | udp |
| US | 185.199.111.153:443 | desktop.github.com | tcp |
| US | 8.8.8.8:53 | github.github.io | udp |
| US | 8.8.8.8:53 | github.github.io | udp |
| US | 8.8.8.8:53 | 153.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | images.ctfassets.net | udp |
| FR | 18.244.28.72:443 | images.ctfassets.net | tcp |
| FR | 18.244.28.72:443 | images.ctfassets.net | tcp |
| FR | 18.244.28.72:443 | images.ctfassets.net | tcp |
| FR | 18.244.28.72:443 | images.ctfassets.net | tcp |
| FR | 18.244.28.72:443 | images.ctfassets.net | tcp |
| FR | 18.244.28.72:443 | images.ctfassets.net | tcp |
| US | 8.8.8.8:53 | d3orhvfyxudxxq.cloudfront.net | udp |
| US | 8.8.8.8:53 | d3orhvfyxudxxq.cloudfront.net | udp |
| US | 8.8.8.8:53 | 72.28.244.18.in-addr.arpa | udp |
| FR | 18.244.28.72:443 | d3orhvfyxudxxq.cloudfront.net | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| US | 8.8.8.8:53 | 216.156.26.20.in-addr.arpa | udp |
| CZ | 46.28.110.244:443 | tcp | |
| SE | 171.25.193.9:80 | tcp | |
| US | 8.8.8.8:53 | 9.193.25.171.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:52309 | tcp | |
| NL | 91.132.132.100:443 | tcp | |
| US | 8.8.8.8:53 | 100.132.132.91.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| BR | 172.217.30.67:443 | id.google.com | udp |
| GB | 142.250.200.49:443 | csp.withgoogle.com | udp |
| BR | 172.217.30.67:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.180.10:443 | ogads-pa.googleapis.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | images.ctfassets.net | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | d3orhvfyxudxxq.cloudfront.net | udp |
| US | 8.8.8.8:53 | d3orhvfyxudxxq.cloudfront.net | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | images.ctfassets.net | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | d3orhvfyxudxxq.cloudfront.net | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | d3orhvfyxudxxq.cloudfront.net | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:53447 | tcp | |
| N/A | 127.0.0.1:53453 | tcp | |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\pending_pings\7c179c7a-d938-49a3-8a18-81cdb66cb20b
| MD5 | f3da9e55be0da6e74736bc88945041cc |
| SHA1 | 3121c01ae2aeb51b00221adae2e634fff6d34751 |
| SHA256 | e7e2ba6140889a72bc9afc3a52c6fc7b66854ad402b4a1f1278fb4c1a94c0d3d |
| SHA512 | f684cdd544d21381cb63666ef9cda1556db6a5f8878b78a9c090a7079912802a4dc35394939ee311ed5121d87c591690d093a6632fa82e950c66f9739c2cdfe4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\pending_pings\50af83d7-7922-4cdc-add7-d02d41355ad2
| MD5 | 8ced2f1666016cd18bf0ad103400fe41 |
| SHA1 | 925233bb279eb04e85a52f062f52c787800a73a5 |
| SHA256 | 3d42f8d6276af5c6310e67e3a1dcf6e752395ad53e8f6f2cf19ccea00a85bf1e |
| SHA512 | f2a4f33b2124a26dc313eb964035a293e47b974feaa1a68a8e9e1f3a0504a74f7d4dcb10e676b5ab10f296747d4f7bc81d6d70460b7602f21dd7ff735ba64ad4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\pending_pings\45784c78-a9bc-4560-93a5-55b394fb577f
| MD5 | 0974f7dfb4b133e0690d2b8b13dcf33d |
| SHA1 | 56ca5dc7e2352586fc46378532f3e7f82ba1a891 |
| SHA256 | eaf8d0562038c980a0f25b088551a8f1a4880d0c3234a94e7d4c04388875952b |
| SHA512 | f6d12cfb0d6bfe75cba9bb5e5a1ba6ed68fcd251ab99a4bfe6c433269f7358a9c503a36fd578df8b565be24933321022d4a9daf42aa53a23e280509ceda0612e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 06d555c8b718ff3092e48775780c3fc9 |
| SHA1 | b7f06c01e70d2b61f2906939c135f2e8e4b80287 |
| SHA256 | 32758a5831185175f95691abe9a7c05e90efdf15bafd2f9a708adf1d3a44c281 |
| SHA512 | 182ca194fc51cf3461523f79cbc0d4e5e7621f4c2666b46553ece6fc480061f3f3aa8beff2fcea25c6989486021d6769203559512d51d991a9619e39cf62311c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\activity-stream.discovery_stream.json
| MD5 | 892c3d4a58e6e5b0e59e626a852f535e |
| SHA1 | ac62cf96cf295a4f684bdeb8f33f8e64674c2e00 |
| SHA256 | 60030a31dc58321fb501b47252b93011bca884e86ed224f607cb16803fdab512 |
| SHA512 | 3cf86656d16b75ebf2633450103d62567d77f0440d3bf58831a42a2a9dcf8ff87ff83d0c0d3dab43419572c55ae81c8f229055b73f2bcffed0539dc3e2003974 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 67cef13fab4f2044022841bf24f002ad |
| SHA1 | 74ac5c34542045ea35f7eab30d2730a92de8e73d |
| SHA256 | b589583208b6f2a6856b86ab04f3ce53aabb369658f54f63f3a1ab7041357cb3 |
| SHA512 | cbc36c235497c7f6b4d3d3baf300315fc5659c638b498a750b2c57e78759b5f61a65d7f363a6c7157d5958911cd5147faf5ecdf74e8fb3a177729e0281cbe225 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\prefs.js
| MD5 | d3c3eded0aba4aae122ae8d9660147e3 |
| SHA1 | 1cc19a7257d6af64d51c1c1deb7e912638d3e32a |
| SHA256 | 2dd5261a0da9afb6d1f35131d99ed66d183af246acdb857c176191d6518bf736 |
| SHA512 | a15cb381c9ab201a5a7fe1e896037147a7e71db61e309980a5a703343e31c8f86de2b2735529c76296c8c360ac01884ef790f7076a53d71f9ace5aed289da136 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\AlternateServices.bin
| MD5 | 1f063525c00ee106f7cc0493184b6273 |
| SHA1 | 4e26c639267aec60c8ea3a31cecfa58cab949700 |
| SHA256 | 1c21127d1f6ad8d97996fc61d14d04f817c237fdf758bc2a277dd88a99e9f73c |
| SHA512 | f8a95fd7c56c2937229cf0151e8e9073795a92f58b60e2ed34ecc5b604ab9e4c659f74c5a6ff17690135a70f24d3eb3ee8250ec184b297158c76d1cf214959d4 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\prefs-1.js
| MD5 | 887c575c76666c2258babce07c2cbf6e |
| SHA1 | d0e5fbe1562cf44150ea5748039496a14c2727fe |
| SHA256 | 74a33dea32293ddccbec219238ee59e996d7c0ccccfbbaffaac3f478982691cb |
| SHA512 | 89aa8c6ca27e94a996251a9dd33c2efa7cf66c9f98bcb58b13be0939dbf1d9ec2829064b18f410e4287302b1388a51c343e4e8d144dd6bac099385b42e9ba351 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 24c43eb6ea5131390141fad059ec08c8 |
| SHA1 | 04225cada44fb1c6479b8475fa60bb8d06530e5e |
| SHA256 | ec9cc74b2348673d88003428f05703b1866b5936585e2d7b8ba89599effe04c4 |
| SHA512 | 66955fd90aa84bba95b5c637b4c23865cad5c2db7078eb67defdb362541bfae3f10ea859531212492fc9072ca3eeb3c6c8d3bad48eb40dac0fa0636479a6d939 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\AlternateServices.bin
| MD5 | 32ede46590e1ba876a6da72e07ac1714 |
| SHA1 | 00d648c4d4c371b9c99138036e7bd4c009bfedee |
| SHA256 | fdadde18c8a97834d71eea9e7b85a2c3deaec84a7407cec631417d84673f94aa |
| SHA512 | c3c092bfba6834a5f544eeb499e5d423ce071e5b3c24d81ad0693f639022671b02c3ae58d7ba40dc3bc3837fa7723b787611d72be7941c363016400dc03bb482 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionstore-backups\recovery.baklz4
| MD5 | d63cdf78e7f1b8e92a8a9459d2d7a988 |
| SHA1 | 6159902a5d99680441381e4a07efee6322eb9e9f |
| SHA256 | b12cc5eb9fdf9ac13ac67b55edf17080d58ddae5481cd7bdf5d957b2a0be2c14 |
| SHA512 | ae41a5c92d32e05ee54eb499e8fd246183e18adcbe36da2d3a088fcb6ac3a59a5cf27aeb6a6d3a183b70488e7d2450f4ff46c69dc8320a977aad8868cab6a0ed |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionstore-backups\recovery.baklz4
| MD5 | d7be792e4700fe9a74019294172d93f0 |
| SHA1 | a54e47b61bb766817e9c4f6ff76af175bf0ca47c |
| SHA256 | 7842ecb1b3ada473a264936160bcbb16401743d1d43d1877396513eab6772720 |
| SHA512 | be0a1a7a007bf12ed04bec2c879dda7be9a1aca64ad7919ba08a5f31a029fd5e0fe348b71f7006de768806e73f5b54ffa7787246b59666004ad99c7b2fe6f570 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f667efb9bb110f9373b178b20b36853d |
| SHA1 | dc8c694a81991e48c1ce7481443a6b2b4edec77b |
| SHA256 | 63f44ac093d87fea17a7203a279eca925d4dfd92e0e7f883251ddd5a7a7fd002 |
| SHA512 | 91e3f455f84d073e876156430326c14b62925502f2561ac99f5217fe25f41300df315a335fbc9be6ab68f4b5962c23d93e5cb4d269e7a4b1223a0279f3fa9e55 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 1146ba4c8a2a475d4732e1bb9c63ab56 |
| SHA1 | 22dc2609e81f11847a0f3873d22e67014dffa8a6 |
| SHA256 | 8be97eccd97a14e95d3d531b3aae4393bc8e82289749cbf15c8955b970923824 |
| SHA512 | 7175c6944b55a93724cbed147af5d040fc38655ea054d17186b3c6164347098ffdb86e1c167f379b868dcf08c8ca867fb4f2dc23628fef1c9b4ebf125958ba8d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\E8BD986722565A28F40356B72AB577075CED36B9
| MD5 | a67ebf5a778c5eff94f78791679fd8c6 |
| SHA1 | cb8fa838cb9efdd74f99b2e55a5ef2491e22d671 |
| SHA256 | 7f7a8103fd1aa77f62cfeeb275d973249032af285a42dfef6b37d982c0d6ed56 |
| SHA512 | 53687f1a80c1f0ac80ba69a3f83ef98178f50c80756e02b7ce5cd014e398a135c9b52e5cf750398c2f9330f2d53b6c85872048b42e3d11b6fc4373d97fedf4db |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\549C94847E35BE89DCE95DF86EA39378F22E5078
| MD5 | 264487f43b7bab0e1ead1c46452c647c |
| SHA1 | 02578596d207e5711df3f6cd31238d31f19a9fb2 |
| SHA256 | 9d850f38f573f2d546eb1e3abd0cdceea8eb682a4195b9a1629a66825fb29cba |
| SHA512 | 0882bd478dab62fb301a0bc18f5e1b4b97dc663225750a43b17116ece2f97a7d7294d0f1ac48cc87cd14d044dcf8db588253cb1ce3cd66f84580a66415b72cb7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\8ADF0B8FE76015F32F4AD7D4AC02D58AE5922581
| MD5 | a303d66c9563c155125e28be70a51f24 |
| SHA1 | bf28a8db61fde7b62dd478f1fe804ac3299883d7 |
| SHA256 | 92e637cd132e645dc542baa498341ffd797418ca0ad620a375856ee5c0a1c771 |
| SHA512 | 0d7ccf7aada807bd5043a06f7f1578292b0769e6a7ea33c9bdbd71a10f9a03395e15649c94567f9552d417aaab583d116ca55a08667ef932b4d58fdb4210dfc4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\2492994A253B970917AF5CDF605580B1C2DC16A0
| MD5 | 442533447673a01d23189d006f692fa6 |
| SHA1 | 264643098d087a550911b414d8dc3b7093f56c2e |
| SHA256 | 6d256e9be34d9e57b70e3b4e1df1fc5a3a6aa921d953088de653563b2003a683 |
| SHA512 | e80b5f26032736e0015c8df3c2f086a9658bbc09d4e182b7c36c88109ac6a9ebde68ca133dbe092d3bc671ca3827e7fbb476f31d514eb1e7901e5cb5f321b285 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\F7B6C486855E65BCC82EA80487D23FA0EF6FD246
| MD5 | f6d1456cf5554da2a8eaf8e9824fd357 |
| SHA1 | 614a61802aa5971c8c2e1d990e22acea64f220b1 |
| SHA256 | 4bbbf5d61a2ebb6e1cacf4a85e0f441970891da68b0c130075440f53ce80546e |
| SHA512 | 2e3c18b35165353685e188da6a77b795919fc59b0556f76bf2716af10b4620e7f577850ee78fdfa0dc12627eeec8eaa2057fce179fba4e94a6255607e85193cd |
C:\Users\Admin\Downloads\WannaCry-master.8QC4yMhV.zip.part
| MD5 | ea3091f9314b04b4247ec7e8d7b9a870 |
| SHA1 | 8c4196e007e6849d007c265f51682027a96de892 |
| SHA256 | 73160106225c66c2cbe4fa844479d857cf1410c7cdfdaccf486aed4645a7c1bd |
| SHA512 | d3d4e532e0d329476b8daa98b68b1c934a9ab538f5f348205e972e1aeaebfe4ea9e13f5900342294b11a51e98c957928ee1da70e8d82e3defdde24c9f846b15f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionstore-backups\recovery.baklz4
| MD5 | e85232ef10071f8cf8124df62cf0b261 |
| SHA1 | e398c8e46154d321586316b47ef415788d9f56bb |
| SHA256 | dd07279e4accd34d75f9fcf38e0c93f4de286e01d74b59eacdc8f638ef12c1b2 |
| SHA512 | 2d28974dd2b3d9ede8c0787967fb61b3ae6f3d51813a88dbfa71d3822ef950dd4e38b95553f4e5bae9c13dff25f15be2d1785cad135ad7c27c7813ff9639fbe1 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_finnish.wnry
| MD5 | 35c2f97eea8819b1caebd23fee732d8f |
| SHA1 | e354d1cc43d6a39d9732adea5d3b0f57284255d2 |
| SHA256 | 1adfee058b98206cb4fbe1a46d3ed62a11e1dee2c7ff521c1eef7c706e6a700e |
| SHA512 | 908149a6f5238fcccd86f7c374986d486590a0991ef5243f0cd9e63cc8e208158a9a812665233b09c3a478233d30f21e3d355b94f36b83644795556f147345bf |
memory/1812-1215-0x0000000010000000-0x0000000010010000-memory.dmp
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\c.wnry
| MD5 | 8124a611153cd3aceb85a7ac58eaa25d |
| SHA1 | c1d5cd8774261d810dca9b6a8e478d01cd4995d6 |
| SHA256 | 0ceb451c1dbefaa8231eeb462e8ce639863eb5b8ae4fa63a353eb6e86173119e |
| SHA512 | b9c8dfb5d58c95628528cc729d2394367c5e205328645ca6ef78a3552d9ad9f824ae20611a43a6e01daaffeffdc9094f80d772620c731e4192eb0835b8ed0f17 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_vietnamese.wnry
| MD5 | 8419be28a0dcec3f55823620922b00fa |
| SHA1 | 2e4791f9cdfca8abf345d606f313d22b36c46b92 |
| SHA256 | 1f21838b244c80f8bed6f6977aa8a557b419cf22ba35b1fd4bf0f98989c5bdf8 |
| SHA512 | 8fca77e54480aea3c0c7a705263ed8fb83c58974f5f0f62f12cc97c8e0506ba2cdb59b70e59e9a6c44dd7cde6adeeec35b494d31a6a146ff5ba7006136ab9386 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\u.wnry
| MD5 | 7bf2b57f2a205768755c07f238fb32cc |
| SHA1 | 45356a9dd616ed7161a3b9192e2f318d0ab5ad10 |
| SHA256 | b9c5d4339809e0ad9a00d4d3dd26fdf44a32819a54abf846bb9b560d81391c25 |
| SHA512 | 91a39e919296cb5c6eccba710b780519d90035175aa460ec6dbe631324e5e5753bd8d87f395b5481bcd7e1ad623b31a34382d81faae06bef60ec28b49c3122a9 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskse.exe
| MD5 | 8495400f199ac77853c53b5a3f278f3e |
| SHA1 | be5d6279874da315e3080b06083757aad9b32c23 |
| SHA256 | 2ca2d550e603d74dedda03156023135b38da3630cb014e3d00b1263358c5f00d |
| SHA512 | 0669c524a295a049fa4629b26f89788b2a74e1840bcdc50e093a0bd40830dd1279c9597937301c0072db6ece70adee4ace67c3c8a4fb2db6deafd8f1e887abe4 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\taskdl.exe
| MD5 | 4fef5e34143e646dbf9907c4374276f5 |
| SHA1 | 47a9ad4125b6bd7c55e4e7da251e23f089407b8f |
| SHA256 | 4a468603fdcb7a2eb5770705898cf9ef37aade532a7964642ecd705a74794b79 |
| SHA512 | 4550dd1787deb353ebd28363dd2cdccca861f6a5d9358120fa6aa23baa478b2a9eb43cef5e3f6426f708a0753491710ac05483fac4a046c26bec4234122434d5 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\t.wnry
| MD5 | 5dcaac857e695a65f5c3ef1441a73a8f |
| SHA1 | 7b10aaeee05e7a1efb43d9f837e9356ad55c07dd |
| SHA256 | 97ebce49b14c46bebc9ec2448d00e1e397123b256e2be9eba5140688e7bc0ae6 |
| SHA512 | 06eb5e49d19b71a99770d1b11a5bb64a54bf3352f36e39a153469e54205075c203b08128dc2317259db206ab5323bdd93aaa252a066f57fb5c52ff28deedb5e2 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\s.wnry
| MD5 | ad4c9de7c8c40813f200ba1c2fa33083 |
| SHA1 | d1af27518d455d432b62d73c6a1497d032f6120e |
| SHA256 | e18fdd912dfe5b45776e68d578c3af3547886cf1353d7086c8bee037436dff4b |
| SHA512 | 115733d08e5f1a514808a20b070db7ff453fd149865f49c04365a8c6502fa1e5c3a31da3e21f688ab040f583cf1224a544aea9708ffab21405dde1c57f98e617 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\r.wnry
| MD5 | 3e0020fc529b1c2a061016dd2469ba96 |
| SHA1 | c3a91c22b63f6fe709e7c29cafb29a2ee83e6ade |
| SHA256 | 402751fa49e0cb68fe052cb3db87b05e71c1d950984d339940cf6b29409f2a7c |
| SHA512 | 5ca3c134201ed39d96d72911c0498bae6f98701513fd7f1dc8512819b673f0ea580510fa94ed9413ccc73da18b39903772a7cbfa3478176181cee68c896e14cf |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_turkish.wnry
| MD5 | 531ba6b1a5460fc9446946f91cc8c94b |
| SHA1 | cc56978681bd546fd82d87926b5d9905c92a5803 |
| SHA256 | 6db650836d64350bbde2ab324407b8e474fc041098c41ecac6fd77d632a36415 |
| SHA512 | ef25c3cf4343df85954114f59933c7cc8107266c8bcac3b5ea7718eb74dbee8ca8a02da39057e6ef26b64f1dfccd720dd3bf473f5ae340ba56941e87d6b796c9 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_swedish.wnry
| MD5 | c7a19984eb9f37198652eaf2fd1ee25c |
| SHA1 | 06eafed025cf8c4d76966bf382ab0c5e1bd6a0ae |
| SHA256 | 146f61db72297c9c0facffd560487f8d6a2846ecec92ecc7db19c8d618dbc3a4 |
| SHA512 | 43dd159f9c2eac147cbff1dda83f6a83dd0c59d2d7acac35ba8b407a04ec9a1110a6a8737535d060d100ede1cb75078cf742c383948c9d4037ef459d150f6020 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_spanish.wnry
| MD5 | 8d61648d34cba8ae9d1e2a219019add1 |
| SHA1 | 2091e42fc17a0cc2f235650f7aad87abf8ba22c2 |
| SHA256 | 72f20024b2f69b45a1391f0a6474e9f6349625ce329f5444aec7401fe31f8de1 |
| SHA512 | 68489c33ba89edfe2e3aebaacf8ef848d2ea88dcbef9609c258662605e02d12cfa4ffdc1d266fc5878488e296d2848b2cb0bbd45f1e86ef959bab6162d284079 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_slovak.wnry
| MD5 | c911aba4ab1da6c28cf86338ab2ab6cc |
| SHA1 | fee0fd58b8efe76077620d8abc7500dbfef7c5b0 |
| SHA256 | e64178e339c8e10eac17a236a67b892d0447eb67b1dcd149763dad6fd9f72729 |
| SHA512 | 3491ed285a091a123a1a6d61aafbb8d5621ccc9e045a237a2f9c2cf6049e7420eb96ef30fdcea856b50454436e2ec468770f8d585752d73fafd676c4ef5e800a |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_russian.wnry
| MD5 | 452615db2336d60af7e2057481e4cab5 |
| SHA1 | 442e31f6556b3d7de6eb85fbac3d2957b7f5eac6 |
| SHA256 | 02932052fafe97e6acaaf9f391738a3a826f5434b1a013abbfa7a6c1ade1e078 |
| SHA512 | 7613dc329abe7a3f32164c9a6b660f209a84b774ab9c008bf6503c76255b30ea9a743a6dc49a8de8df0bcb9aea5a33f7408ba27848d9562583ff51991910911f |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_romanian.wnry
| MD5 | 313e0ececd24f4fa1504118a11bc7986 |
| SHA1 | e1b9ae804c7fb1d27f39db18dc0647bb04e75e9d |
| SHA256 | 70c0f32ed379ae899e5ac975e20bbbacd295cf7cd50c36174d2602420c770ac1 |
| SHA512 | c7500363c61baf8b77fce796d750f8f5e6886ff0a10f81c3240ea3ad4e5f101b597490dea8ab6bd9193457d35d8fd579fce1b88a1c8d85ebe96c66d909630730 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_portuguese.wnry
| MD5 | fa948f7d8dfb21ceddd6794f2d56b44f |
| SHA1 | ca915fbe020caa88dd776d89632d7866f660fc7a |
| SHA256 | bd9f4b3aedf4f81f37ec0a028aabcb0e9a900e6b4de04e9271c8db81432e2a66 |
| SHA512 | 0d211bfb0ae953081dca00cd07f8c908c174fd6c47a8001fadc614203f0e55d9fbb7fa9b87c735d57101341ab36af443918ee00737ed4c19ace0a2b85497f41a |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_polish.wnry
| MD5 | e79d7f2833a9c2e2553c7fe04a1b63f4 |
| SHA1 | 3d9f56d2381b8fe16042aa7c4feb1b33f2baebff |
| SHA256 | 519ad66009a6c127400c6c09e079903223bd82ecc18ad71b8e5cd79f5f9c053e |
| SHA512 | e0159c753491cac7606a7250f332e87bc6b14876bc7a1cf5625fa56ab4f09c485f7b231dd52e4ff0f5f3c29862afb1124c0efd0741613eb97a83cbe2668af5de |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_norwegian.wnry
| MD5 | ff70cc7c00951084175d12128ce02399 |
| SHA1 | 75ad3b1ad4fb14813882d88e952208c648f1fd18 |
| SHA256 | cb5da96b3dfcf4394713623dbf3831b2a0b8be63987f563e1c32edeb74cb6c3a |
| SHA512 | f01df3256d49325e5ec49fd265aa3f176020c8ffec60eb1d828c75a3fa18ff8634e1de824d77dfdd833768acff1f547303104620c70066a2708654a07ef22e19 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_latvian.wnry
| MD5 | c33afb4ecc04ee1bcc6975bea49abe40 |
| SHA1 | fbea4f170507cde02b839527ef50b7ec74b4821f |
| SHA256 | a0356696877f2d94d645ae2df6ce6b370bd5c0d6db3d36def44e714525de0536 |
| SHA512 | 0d435f0836f61a5ff55b78c02fa47b191e5807a79d8a6e991f3115743df2141b3db42ba8bdad9ad259e12f5800828e9e72d7c94a6a5259312a447d669b03ec44 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_korean.wnry
| MD5 | 6735cb43fe44832b061eeb3f5956b099 |
| SHA1 | d636daf64d524f81367ea92fdafa3726c909bee1 |
| SHA256 | 552aa0f82f37c9601114974228d4fc54f7434fe3ae7a276ef1ae98a0f608f1d0 |
| SHA512 | 60272801909dbba21578b22c49f6b0ba8cd0070f116476ff35b3ac8347b987790e4cc0334724244c4b13415a246e77a577230029e4561ae6f04a598c3f536c7e |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_japanese.wnry
| MD5 | b77e1221f7ecd0b5d696cb66cda1609e |
| SHA1 | 51eb7a254a33d05edf188ded653005dc82de8a46 |
| SHA256 | 7e491e7b48d6e34f916624c1cda9f024e86fcbec56acda35e27fa99d530d017e |
| SHA512 | f435fd67954787e6b87460db026759410fbd25b2f6ea758118749c113a50192446861a114358443a129be817020b50f21d27b1ebd3d22c7be62082e8b45223fc |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_italian.wnry
| MD5 | 30a200f78498990095b36f574b6e8690 |
| SHA1 | c4b1b3c087bd12b063e98bca464cd05f3f7b7882 |
| SHA256 | 49f2c739e7d9745c0834dc817a71bf6676ccc24a4c28dcddf8844093aab3df07 |
| SHA512 | c0da2aae82c397f6943a0a7b838f60eeef8f57192c5f498f2ecf05db824cfeb6d6ca830bf3715da7ee400aa8362bd64dc835298f3f0085ae7a744e6e6c690511 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_indonesian.wnry
| MD5 | 3788f91c694dfc48e12417ce93356b0f |
| SHA1 | eb3b87f7f654b604daf3484da9e02ca6c4ea98b7 |
| SHA256 | 23e5e738aad10fb8ef89aa0285269aff728070080158fd3e7792fe9ed47c51f4 |
| SHA512 | b7dd9e6dc7c2d023ff958caf132f0544c76fae3b2d8e49753257676cc541735807b4befdf483bcae94c2dcde3c878c783b4a89dca0fecbc78f5bbf7c356f35cd |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_greek.wnry
| MD5 | fb4e8718fea95bb7479727fde80cb424 |
| SHA1 | 1088c7653cba385fe994e9ae34a6595898f20aeb |
| SHA256 | e13cc9b13aa5074dc45d50379eceb17ee39a0c2531ab617d93800fe236758ca9 |
| SHA512 | 24db377af1569e4e2b2ebccec42564cea95a30f1ff43bcaf25a692f99567e027bcef4aacef008ec5f64ea2eef0c04be88d2b30bcadabb3919b5f45a6633940cb |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_german.wnry
| MD5 | 3d59bbb5553fe03a89f817819540f469 |
| SHA1 | 26781d4b06ff704800b463d0f1fca3afd923a9fe |
| SHA256 | 2adc900fafa9938d85ce53cb793271f37af40cf499bcc454f44975db533f0b61 |
| SHA512 | 95719ae80589f71209bb3cb953276538040e7111b994d757b0a24283aefe27aadbbe9eef3f1f823ce4cabc1090946d4a2a558607ac6cac6faca5971529b34dac |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_french.wnry
| MD5 | 4e57113a6bf6b88fdd32782a4a381274 |
| SHA1 | 0fccbc91f0f94453d91670c6794f71348711061d |
| SHA256 | 9bd38110e6523547aed50617ddc77d0920d408faeed2b7a21ab163fda22177bc |
| SHA512 | 4f1918a12269c654d44e9d394bc209ef0bc32242be8833a2fba437b879125177e149f56f2fb0c302330dec328139b34982c04b3fefb045612b6cc9f83ec85aa9 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_filipino.wnry
| MD5 | 08b9e69b57e4c9b966664f8e1c27ab09 |
| SHA1 | 2da1025bbbfb3cd308070765fc0893a48e5a85fa |
| SHA256 | d8489f8c16318e524b45de8b35d7e2c3cd8ed4821c136f12f5ef3c9fc3321324 |
| SHA512 | 966b5ed68be6b5ccd46e0de1fa868cfe5432d9bf82e1e2f6eb99b2aef3c92f88d96f4f4eec5e16381b9c6db80a68071e7124ca1474d664bdd77e1817ec600cb4 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_english.wnry
| MD5 | fe68c2dc0d2419b38f44d83f2fcf232e |
| SHA1 | 6c6e49949957215aa2f3dfb72207d249adf36283 |
| SHA256 | 26fd072fda6e12f8c2d3292086ef0390785efa2c556e2a88bd4673102af703e5 |
| SHA512 | 941fa0a1f6a5756ed54260994db6158a7ebeb9e18b5c8ca2f6530c579bc4455918df0b38c609f501ca466b3cc067b40e4b861ad6513373b483b36338ae20a810 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_dutch.wnry
| MD5 | 7a8d499407c6a647c03c4471a67eaad7 |
| SHA1 | d573b6ac8e7e04a05cbbd6b7f6a9842f371d343b |
| SHA256 | 2c95bef914da6c50d7bdedec601e589fbb4fda24c4863a7260f4f72bd025799c |
| SHA512 | 608ef3ff0a517fe1e70ff41aeb277821565c5a9bee5103aa5e45c68d4763fce507c2a34d810f4cd242d163181f8341d9a69e93fe32aded6fbc7f544c55743f12 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_danish.wnry
| MD5 | 2c5a3b81d5c4715b7bea01033367fcb5 |
| SHA1 | b548b45da8463e17199daafd34c23591f94e82cd |
| SHA256 | a75bb44284b9db8d702692f84909a7e23f21141866adf3db888042e9109a1cb6 |
| SHA512 | 490c5a892fac801b853c348477b1140755d4c53ca05726ac19d3649af4285c93523393a3667e209c71c80ac06ffd809f62dd69ae65012dcb00445d032f1277b3 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_czech.wnry
| MD5 | 537efeecdfa94cc421e58fd82a58ba9e |
| SHA1 | 3609456e16bc16ba447979f3aa69221290ec17d0 |
| SHA256 | 5afa4753afa048c6d6c39327ce674f27f5f6e5d3f2a060b7a8aed61725481150 |
| SHA512 | e007786ffa09ccd5a24e5c6504c8de444929a2faaafad3712367c05615b7e1b0fbf7fbfff7028ed3f832ce226957390d8bf54308870e9ed597948a838da1137b |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_croatian.wnry
| MD5 | 17194003fa70ce477326ce2f6deeb270 |
| SHA1 | e325988f68d327743926ea317abb9882f347fa73 |
| SHA256 | 3f33734b2d34cce83936ce99c3494cd845f1d2c02d7f6da31d42dfc1ca15a171 |
| SHA512 | dcf4ccf0b352a8b271827b3b8e181f7d6502ca0f8c9dda3dc6e53441bb4ae6e77b49c9c947cc3ede0bf323f09140a0c068a907f3c23ea2a8495d1ad96820051c |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_chinese (traditional).wnry
| MD5 | 2efc3690d67cd073a9406a25005f7cea |
| SHA1 | 52c07f98870eabace6ec370b7eb562751e8067e9 |
| SHA256 | 5c7f6ad1ec4bc2c8e2c9c126633215daba7de731ac8b12be10ca157417c97f3a |
| SHA512 | 0766c58e64d9cda5328e00b86f8482316e944aa2c26523a3c37289e22c34be4b70937033bebdb217f675e40db9fecdce0a0d516f9065a170e28286c2d218487c |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_chinese (simplified).wnry
| MD5 | 0252d45ca21c8e43c9742285c48e91ad |
| SHA1 | 5c14551d2736eef3a1c1970cc492206e531703c1 |
| SHA256 | 845d0e178aeebd6c7e2a2e9697b2bf6cf02028c50c288b3ba88fe2918ea2834a |
| SHA512 | 1bfcf6c0e7c977d777f12bd20ac347630999c4d99bd706b40de7ff8f2f52e02560d68093142cc93722095657807a1480ce3fb6a2e000c488550548c497998755 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\msg\m_bulgarian.wnry
| MD5 | 95673b0f968c0f55b32204361940d184 |
| SHA1 | 81e427d15a1a826b93e91c3d2fa65221c8ca9cff |
| SHA256 | 40b37e7b80cf678d7dd302aaf41b88135ade6ddf44d89bdba19cf171564444bd |
| SHA512 | 7601f1883edbb4150a9dc17084012323b3bfa66f6d19d3d0355cf82b6a1c9dce475d758da18b6d17a8b321bf6fca20915224dbaedcb3f4d16abfaf7a5fc21b92 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\b.wnry
| MD5 | c17170262312f3be7027bc2ca825bf0c |
| SHA1 | f19eceda82973239a1fdc5826bce7691e5dcb4fb |
| SHA256 | d5e0e8694ddc0548d8e6b87c83d50f4ab85c1debadb106d6a6a794c3e746f4fa |
| SHA512 | c6160fd03ad659c8dd9cf2a83f9fdcd34f2db4f8f27f33c5afd52aced49dfa9ce4909211c221a0479dbbb6e6c985385557c495fc04d3400ff21a0fbbae42ee7c |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\79711731613387.bat
| MD5 | 40735aded2012028ec095d2292bed162 |
| SHA1 | 8a034cb1333ce5ffd142d179aa59f08e9871d29c |
| SHA256 | c6e6868173591a129bf6537b98bd5450310760898c8911cec5e93cf3b5c82f5a |
| SHA512 | d8c4747566cd4d2cdc850913551bc78a88ddf9f47886957aa2513d938e7ad9a118da140110a2e2c833ccf53f646051e5c2523329fc59e96a73560a3cb834b31d |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\m.vbs
| MD5 | 536db04d157232cbab84184970aecc0e |
| SHA1 | 81f2ce8e24129a8faba05ca47363fae9850be3bf |
| SHA256 | f6db4faac7c4a9098dd0894b00d5f3801c5ad9bd064eaebaa107de014a781b21 |
| SHA512 | 2bf046412382055c3c89cba93d1c70dda8e4595975d77a4735f216911b9d977b296e1dd6df9f0d3d69a76bd29f31cb8e105d6eaac72df83113da572aa391783e |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
| MD5 | 7a2726bb6e6a79fb1d092b7f2b688af0 |
| SHA1 | b3effadce8b76aee8cd6ce2eccbb8701797468a2 |
| SHA256 | 840ab19c411c918ea3e7526d0df4b9cb002de5ea15e854389285df0d1ea9a8e5 |
| SHA512 | 4e107f661e6be183659fdd265e131a64cce2112d842226305f6b111d00109a970fda0b5abfb1daa9f64428e445e3b472332392435707c9aebbfe94c480c72e54 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\@[email protected]
| MD5 | 6c32be96e0d412ca1e994110c4b4ad8d |
| SHA1 | af84a93b4f64bbdb3e3b747411748d5cb41da5cb |
| SHA256 | f4f4a928741a2873b77b085fc0697d0f076746d476a62338c9fcc56d7935185b |
| SHA512 | b7a6bf652b4ba17b36d8e7fdc7b6354d9444d78865c62248c7b114ab7d175b6fb3a918c4eb8f987fcdc796fcaca561f52a6819ee16ae3df287e2cdbfd5327471 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\prefs.js
| MD5 | 9ecde19c5a8b04715a07ec6f0d641349 |
| SHA1 | 879a087237247a6ced80587e601eedaadcdf9def |
| SHA256 | a7fe0c629b150e37f757d2f9b6cc07c19f967ee76029b95e556cfc6717684e19 |
| SHA512 | 6a4d0c355b064c651934a650a97b8070033f550f211b8e414d4c6a20011deff97dae6d25b1bf5c0c48f2dbfd79356d17f1bbce6b61be24bea7a8b72d367a3ad6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\cert9.db
| MD5 | 57013a0b79fb907700353ba8f6ebe69d |
| SHA1 | a693a6a2d78379baa02efd18bfb5c4331f85c5ac |
| SHA256 | 9c49ab42656d71cb4be952fa63f381529323adb459827ec6c9ef02ae90ceced2 |
| SHA512 | b064e573addb997c208a4896e6a264731809f066aca7008952f98acdec4d33ab02751dbaafcb0faf77add30b263434c0d843cdc0d8ba409a1806e30cf4e76b73 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\gmp-widevinecdm\4.10.2710.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\00000000.res
| MD5 | ded114c76b139f0fb3398aaeffcf827c |
| SHA1 | 105674a0ba7ce3c98ff51a1f14328d3a48816242 |
| SHA256 | 06fb48b10b118b5a9c344b6ac613f51525820a5959e9aa73a2890b76ccd03695 |
| SHA512 | 958972ecaa65dca38eca374ef8bd7ae53c2e22def2acc2c66fbbd57b20486e2d71c1a214ee5951a650af92d2ccc9db0ea35ecb5b735cadc41c6c9f062b37cce3 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\taskhsvc.exe
| MD5 | fe7eb54691ad6e6af77f8a9a0b6de26d |
| SHA1 | 53912d33bec3375153b7e4e68b78d66dab62671a |
| SHA256 | e48673680746fbe027e8982f62a83c298d6fb46ad9243de8e79b7e5a24dcd4eb |
| SHA512 | 8ac6dc5bb016afc869fcbb713f6a14d3692e866b94f4f1ee83b09a7506a8cb58768bd47e081cf6e97b2dacf9f9a6a8ca240d7d20d0b67dbd33238cc861deae8f |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\libevent-2-0-5.dll
| MD5 | 90f50a285efa5dd9c7fddce786bdef25 |
| SHA1 | 54213da21542e11d656bb65db724105afe8be688 |
| SHA256 | 77a250e81fdaf9a075b1244a9434c30bf449012c9b647b265fa81a7b0db2513f |
| SHA512 | 746422be51031cfa44dd9a6f3569306c34bbe8abf9d2bd1df139d9c938d0cba095c0e05222fd08c8b6deaebef5d3f87569b08fb3261a2d123d983517fb9f43ae |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\SSLEAY32.dll
| MD5 | a12c2040f6fddd34e7acb42f18dd6bdc |
| SHA1 | d7db49f1a9870a4f52e1f31812938fdea89e9444 |
| SHA256 | bd70ba598316980833f78b05f7eeaef3e0f811a7c64196bf80901d155cb647c1 |
| SHA512 | fbe0970bcdfaa23af624daad9917a030d8f0b10d38d3e9c7808a9fbc02912ee9daed293dbdea87aa90dc74470bc9b89cb6f2fe002393ecda7b565307ffb7ec00 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\libeay32.dll
| MD5 | 6ed47014c3bb259874d673fb3eaedc85 |
| SHA1 | c9b29ba7e8a97729c46143cc59332d7a7e9c1ad8 |
| SHA256 | 58be53d5012b3f45c1ca6f4897bece4773efbe1ccbf0be460061c183ee14ca19 |
| SHA512 | 3bc462d21bc762f6eec3d23bb57e2baf532807ab8b46fab1fe38a841e5fde81ed446e5305a78ad0d513d85419e6ec8c4b54985da1d6b198acb793230aeecd93e |
memory/5748-2474-0x0000000000DD0000-0x00000000010CE000-memory.dmp
memory/5748-2473-0x0000000073A30000-0x0000000073A52000-memory.dmp
memory/5748-2472-0x0000000073A60000-0x0000000073AE2000-memory.dmp
memory/5748-2471-0x0000000073810000-0x0000000073A2C000-memory.dmp
memory/5748-2470-0x0000000073B90000-0x0000000073C12000-memory.dmp
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\zlib1.dll
| MD5 | fb072e9f69afdb57179f59b512f828a4 |
| SHA1 | fe71b70173e46ee4e3796db9139f77dc32d2f846 |
| SHA256 | 66d653397cbb2dbb397eb8421218e2c126b359a3b0decc0f31e297df099e1383 |
| SHA512 | 9d157fece0dc18afe30097d9c4178ae147cc9d465a6f1d35778e1bff1efca4734dd096e95d35faea32da8d8b4560382338ba9c6c40f29047f1cc0954b27c64f8 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\libgcc_s_sjlj-1.dll
| MD5 | 73d4823075762ee2837950726baa2af9 |
| SHA1 | ebce3532ed94ad1df43696632ab8cf8da8b9e221 |
| SHA256 | 9aeccf88253d4557a90793e22414868053caaab325842c0d7acb0365e88cd53b |
| SHA512 | 8f4a65bd35ed69f331769aaf7505f76dd3c64f3fa05cf01d83431ec93a7b1331f3c818ac7008e65b6f1278d7e365ed5940c8c6b8502e77595e112f1faca558b5 |
C:\Users\Admin\Downloads\WannaCry-master\WannaCry-master\TaskData\Tor\libssp-0.dll
| MD5 | 78581e243e2b41b17452da8d0b5b2a48 |
| SHA1 | eaefb59c31cf07e60a98af48c5348759586a61bb |
| SHA256 | f28caebe9bc6aa5a72635acb4f0e24500494e306d8e8b2279e7930981281683f |
| SHA512 | 332098113ce3f75cb20dc6e09f0d7ba03f13f5e26512d9f3bee3042c51fbb01a5e4426c5e9a5308f7f805b084efc94c28fc9426ce73ab8dfee16ab39b3efe02a |
memory/5748-2485-0x0000000000DD0000-0x00000000010CE000-memory.dmp
memory/5748-2490-0x0000000073A60000-0x0000000073AE2000-memory.dmp
memory/5748-2491-0x0000000073810000-0x0000000073A2C000-memory.dmp
memory/5748-2489-0x0000000073A30000-0x0000000073A52000-memory.dmp
memory/5748-2488-0x0000000073AF0000-0x0000000073B67000-memory.dmp
memory/5748-2487-0x0000000073B70000-0x0000000073B8C000-memory.dmp
memory/5748-2486-0x0000000073B90000-0x0000000073C12000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 2a21717b9af412692d8d6416e21faa34 |
| SHA1 | ffa5325a3507b9e5ae462f0067f7aa5680e6f6d9 |
| SHA256 | 65724277cd2986436ff5febe9fde974b09e8f19ca94e6115e51fe7d357f2004e |
| SHA512 | 2f55bd208a15d176bd6c295f6544f26fc0d8bea28ab8cd8f1f4123d448a36fe17131ed732498969dad246e80dfd5d001aa7ed7a4c60aee1292a5851adcfe141c |
memory/5748-2514-0x0000000000DD0000-0x00000000010CE000-memory.dmp
memory/5748-2527-0x0000000000DD0000-0x00000000010CE000-memory.dmp
memory/5748-2539-0x0000000000DD0000-0x00000000010CE000-memory.dmp
memory/5748-2545-0x0000000073810000-0x0000000073A2C000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 51eb336327b15d160ea866e5eb8a323d |
| SHA1 | 3c9b4cf4131fec06601982fe816e48ad33e09943 |
| SHA256 | 45cf55fbe71a648fc48a230b84db077db39101355187746fd9d5d57b01d1778f |
| SHA512 | b3b254d6df004ea42532252ec1b3f14f2b5d731f49dcc6c22a6889356f4f0928adc332c4e4cb51596610781071f2412ff0f92d83a67a037b0a873e1a9418337f |
memory/5748-2587-0x0000000000DD0000-0x00000000010CE000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\5B23235D54208C34AFF88FC6F18585FD8A8F8FAD
| MD5 | ab48c8a395191c4d0fafe34a499d0c59 |
| SHA1 | 2fbee15beae0ef840efe5893b7f7e2810032c0d2 |
| SHA256 | 0d6317d8c4b28114d3e6899d4d339030351398323daf2a7efb85a9d9178be3c6 |
| SHA512 | 7fc92730c62b4c2a2ddf3a94bb1bcd463ce30b2160169eebff202581a767ec199f1bd9b3145b45c4a5429e2f28a058e17bc6ca8fe4bc307be8234358ae1604ba |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\E997951B63F7AE96DC51949D6F6D3F51CDACA903
| MD5 | 47554c4fb2c20c976986ca66eea3cb49 |
| SHA1 | 02402ca54ce3fcf33f4dd0899b316a6b8293775d |
| SHA256 | 15340c446d50867178b40619f52ccb8920567d0da446a9d385f594c712b12233 |
| SHA512 | b9bbb58f9d6a570e840643bba8340284468f9bc5ee16f03222a9fa911015156d06ad8fb5a1d91800f02d82c9aef654e7c8aa90a9f681870764f34e1e7d4e3fa1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\51CE5584F1F0596549CA58775C68EA6DF1BADFFE
| MD5 | 0ed7edca2c4d1cbffa80e01489762a05 |
| SHA1 | b3c9472ef3f7243ec095e66bdfbed89dd298ed2b |
| SHA256 | 01a66de37b70aff2a977e62caa7e9583da1cbc6e79735ea849ad2086b8391801 |
| SHA512 | dcc5f9dd78a270b0387f93965504dc45b18d9cd8f6b097f25e362040eb2522a13b1ceb67a2682db6334473db7ab482d290a64af6287592f63fd4c946723f78e6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\597211207C4B5E63FE3C83357258CFA46CFD23CB
| MD5 | e35a436bf439bc87603415ba581bc4cd |
| SHA1 | f0ab7fc8cffa5c73018fe4339ade32ca60045042 |
| SHA256 | e667616f5c1f154dd40bcf680f6168053c178109d2559160dd8052315f263bd2 |
| SHA512 | 531c9df8219e1e42b7a68ece66e322d1651d639702f2d440f8c407e58b0369e839fc45d5b6b7703bf505df2c947251477d16452c53908ed38af732c126858555 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\090C33A752B2CF29929CB40BE0A77866C92C2420
| MD5 | 5c56a4e961f84c300acdad46fedea000 |
| SHA1 | 94a537a3fedc481215325952bcd4645881420584 |
| SHA256 | c27a753b367dbeedc104009e65fb35f3bd7cbec9d6723f0596b2bf206e664bf2 |
| SHA512 | 4a7762b56724224b058dd1a4a29babc60a9d6c781e264e6d0abb1fc63c87f2c12e6767aa9ca54f37eb6255fc8d4c084470e48f89e42feba6c2014681b41ac881 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\EDD42E779146D7662580E5461828C119E694A3F0
| MD5 | b0095b93713525cb85be44b2eccb77ca |
| SHA1 | 9b40f8fd53a618e976fa0d54de94b1a96549ee15 |
| SHA256 | d7be6d876f88b6b086bfcde07781b3c5ac587845daa536372a078031f391a7f3 |
| SHA512 | 7dec1d4f22a627254a2534ee097d5356286600601b4a29c4fee740a9d4deff207075f827efa6350d6d95ec7c2e7c920626a6b1870107a6a5b93c6cccde0c8187 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\EB469AD047A8F9ACF947485E2259971BFA26CA5E
| MD5 | ec8ffeb9264343bf2d715b9f848bc9a0 |
| SHA1 | 44aa1e6e6df4ce79abc10dc16e52976bf30c6fb3 |
| SHA256 | 21e2a73e75f992eeee53f8b19bb6f3a45d02f7197219d54d466c40aec528a861 |
| SHA512 | 7c335442432d6d56794643a40749d3f8bf68e482c462fc2c967fbe0c9cf5815141c29dd6d07f055da070d568593c34b066a5be4fff2ca73214cea7064d4d1434 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\73BF63B0354EA0AF954F1D693D4AD46C3F9F1A28
| MD5 | 296bb484dac9341c472e2ccd1b2b1b2b |
| SHA1 | 9edd255bdf3fab5429131fa24c2af6b6ae346f09 |
| SHA256 | 37b476ab141799207e20e097cd27a79c90fae3c89711ca310d4832fbcbda60d5 |
| SHA512 | 4690ff6f4c846e7f9077498ffd7fbfc2a7a0c326f7e252e4f90a4b31df7c7e1a8762a339553a436021fc2eb0e26f22b977bccc99d127a404cfb2f3083e79d6ca |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\BEA4DD767DBD7BEF2D1146F1A7C7B6DBEC858F1D
| MD5 | 700f4eb6cd8db095fd670769486ca506 |
| SHA1 | e8052fbd54603ae86409fe0934f19faa5773c9f4 |
| SHA256 | 0363f2efee4583a0a8fac6ec7c78bdd52b202aced817a059b6a164d72f09bc43 |
| SHA512 | 259d79b2316fcf7a3abbd3066971b6786928432e70ffbf5e73b39220a29cff710cb6ae5b6bc3c5d9c0e4382e0d0ed8a43dba6af5c3fb1b6772351418a2922f57 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\C63D2277AFB9D33AF6C3CFCCB684D58B42F37D12
| MD5 | 40718bcc9a042e9c9da35e34e0ca4461 |
| SHA1 | 19075f4c6f4e48e6a2e59cc1d9946a8f0fba299b |
| SHA256 | 1bb6c1f1d9424e2471e80c027606256b2483edf1c3ea575d0a2645e1bbaea8fb |
| SHA512 | 344a1e4128f91d4b1e6fe66ffcaab6e3fafb169a9e5e0ad091dbda928fa66669d0cdeb82b858cd950583fe362690d880cc4f28e7c801de24d290e0970b98ba33 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\E6C22A3DFCD18E3C6145370266896FF76AE3F7EC
| MD5 | e2c9945d9716064a52ef4a0801e2b01a |
| SHA1 | 72e15054bdbbcbe1341fc57017b71e2361acb27a |
| SHA256 | e8e9eb4603845b4b433f96afc6a24454b10e5b1fbe06a3c3e33dffb1c180b4b0 |
| SHA512 | cfcf84548060efd4c17e7341c98ec55da07d5481405c31d46e8544cf8fd2468a5624ab73bf677fde0aca1f78edc189be0837e0de39c8ac096fbd32124a201a42 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\7195E941FCA64BD10F45300A01536208EE70B587
| MD5 | a02c95e18637b9ae7e0c9e3b5db1d6ce |
| SHA1 | 9e0b71fa3d71cf53cfb1e5be4a753e1cedff3c54 |
| SHA256 | 514b4057427719ecfc4dcb510d8aa87d0f9659956fd9f7e2682becae5d3a4054 |
| SHA512 | 32a920c26e6bc57ac892b37ac68ea6bc55004f40b8111bfea378100d804a2b1c78335de37cebb75e6f6166eacdba97e842a94abe481e41c8330f399b7096544f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\51B7F3E61A4958EF2CD262BAEEBBC1CF8785743E
| MD5 | a88b2f75408b769fd4cb7df588df0bbc |
| SHA1 | 135612ed538cd25596decab9a769a21ea84a75a5 |
| SHA256 | a0e19e166d8318ec9d52299102f3d77e75b9ae8724b55c78db05055e4a739e03 |
| SHA512 | 172103f4caa4367b3219e6f1ca074d502ffec5d6744a645f7d53742960be470674012d4179079adad65a33fb724b9526daa7fb3a8295f61165f97d54af304561 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\D207CA89781848E7ECA4C658F22D4AEF1B168DD3
| MD5 | cfc8c266ae7db1fef11c747a08559f34 |
| SHA1 | 182b783a5f5034c083502454df65304e1d7c0e2b |
| SHA256 | 431253c00a6ab6791a93efcb5de6e211834a7a3ff8ae1e21a706e4b374b92087 |
| SHA512 | c1b2049b9d5e4f0716233daede29b7f78b4738bec96a0f212af340d4d071f7bb3b5e8d3167db841f2bdc791e9f10812e3aa43ebe59292feecdc9e8c34187c6c3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\1D52868987624849DB6BBFD502AADC6A5B458D0B
| MD5 | a752eb3fbbc7569ea84086839d6a5b41 |
| SHA1 | 42f44fd782faa08e7d77336bce17be2c517e7c32 |
| SHA256 | bc28232c1b4a2297cd4302d6364790ddf1fe968287df74ff15c2c901c0c36112 |
| SHA512 | 9ac7b00397f0e72d155fa430aec466067c65e0f42dd75c2e046fef5481e90fa5f03a572fd05f327ca101e49d54bec37fa5c6950a4107d08572b150758bb1d529 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\AA760A3DBDC90071E7345327E1D0D2D023C9E436
| MD5 | ef77a8782e454e787a13bf2b78d7a327 |
| SHA1 | a046576b36e8e5989f6eb25a15f047ac747d5943 |
| SHA256 | 5b4268aa141b361c68b58432e3e1360466dbfabb319fa5af3a94eb8722623f51 |
| SHA512 | 80dbafb57a0743c2a1ff9b55699147b608ddb05eec5a3057ca5bb457db0ed29da11c822efcf4c2bc4dd22303bba7b40faae54657eb45daf6b79205c90babe18f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\9F73202CCBC4D299254FA58CA5A84115CD3120AA
| MD5 | 06dab11e78f7aa9ef5e8cea71f107489 |
| SHA1 | 9b2dc3b9ce1c2f544476a5fb2658638e9459f2f1 |
| SHA256 | 549f8d12bd98890503db986e2fb97f50fd03b7db2f499a1de72040b7f3941272 |
| SHA512 | 9e6a6baf0bc123403a65c723080776fee93e4dc7d2f1dd2d81d105540e1b7b6f2f073d15c7962c6d841c8bdce1d23fff41e9d39733bbc9526aa63838fab6a1a4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\0A7E7594E69C439CD52608F096A141AF3C4BD6DD
| MD5 | 4098cc9702edab7bddd6968cc083782f |
| SHA1 | dfb483f86142beae2a7800790acf6206636f4a78 |
| SHA256 | 268eefe010c1401d8b012dadeedcaa4ae2cf4f6bb2d212fe34ef4a897c69efda |
| SHA512 | f7cf3e4f466dfbbcc30f7f918558f4752d01e402657d40687a89fe278a73c22ac5a1d8f878c3b60fa438bb5c40250536144ee62029645063708484a7e6049973 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\3930490DF197F2E8AA8F589EC09C30B6CF1E614F
| MD5 | afc07e93cc124a00126d56cfd2c923af |
| SHA1 | ca85d428b551870314ef428e27628999241e6bd7 |
| SHA256 | 001b638277d6d8a121e4a7ed4cbd7384415ac53881e2a16707cdaf40e6620b35 |
| SHA512 | 6ba3313ef941d1d470da8115ba67940d540c669564b9d06b74ae474c14107fc8d7fb764e17e5ee7d44092b273224dc45a5873d38be657ff64a6632f0e6eb8af7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\2CFCC364A7B2E7A8E9AB96BD93785B6E9759AA7A
| MD5 | cf7967a0e270b1d362956a8a574181a3 |
| SHA1 | d2df1ba57a46bc882a57bd4339aca5d69b197ef3 |
| SHA256 | 0a9b0d0b57c993561be4597a4494458e73db233e6547d21fd0a870a991a0562b |
| SHA512 | bf693c943acfcc2090409c3f57397c11eabc4a63a2cd5a44874f75bf6cb1edffbe9ea8790b133bf9acba3a780c360258ad392978d712186eaf4b56b184b313d7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\0521CC4654678D7AAE5FA4C435BF1D1CDC8B70C8
| MD5 | 02c7f9a90bfe7e220e464bfb69762423 |
| SHA1 | 48972fa0fbefd9bd2a32273b1c2dd1b40d1bef0b |
| SHA256 | 7767a4ae43dc96071d3a83f3b7b96d9c187e982058cd49c70730e7b4f86455fc |
| SHA512 | 8d207da48ad2ffc0b885d3b2c95212c862205cdc52ebdb6f2b8fa6162138d6d23ffbec5010d2477033a8c88857e0ad6e41300ef0886370555f27804a08e885f1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\A6C74BC2260EAFF823C7AED38BBA607C962CCB55
| MD5 | eb5512b673711be81acf44f9e0c125c3 |
| SHA1 | 6996e383a043908b10ea7ee4db991e2f38010d9c |
| SHA256 | c2b921eaca5e913f3a63a4431c37a33bffb070a54ed631a49eb7171cef7dba1d |
| SHA512 | 2bf6a17efd73b64a721bf9ad230d11519d6f3be4152e6e2957aea88cc4b1fd1d3b6a48fa418b6d424a10030311099d455bc8176b77328328abc2b07de26a7a68 |
memory/5748-2793-0x0000000000DD0000-0x00000000010CE000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\D4A68DF35DD8C6409EF594DE2E1BBAFF3807446D
| MD5 | d033fa216b0bbd2d61ee95e48b553e70 |
| SHA1 | ef7688c49fecbd5f184ac7655b6151c170f90df2 |
| SHA256 | c804d925e922d424a5b77637a2ac9ff6a6db7dad5e2f9d0b1aa147fa4e9598a2 |
| SHA512 | 2018ad002a935b4cf294967c1a48595aaf0a704668b25dc71145f4231067ad7dee4d2d4381ba506adae4d3fbb2cce3b6876f52edb4f8ec9ff7463cf5d72344f1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\0A14640657965B8513D3F26C8B0E6802EF353192
| MD5 | cfe48babf5841e72d700819d50df9206 |
| SHA1 | 1eab0f7b41098c640c52a00d8e12a53df215da1e |
| SHA256 | 76a9cc385e7790f62193a42084ff2bf375e1d3d4b66e87349321c9edabd55b65 |
| SHA512 | 6e2cd4efcf4d6ab1a4cb2785a824a2949324a42fec453c28f72b5f31a4bfeeaa485cf9d080c3cfc2a6692d2d0ac1c3e89eb67710cec086d2a70929f57f45782d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\B19628F39F39F1124AAB76DBF53B55E92E77E2A0
| MD5 | 890278961b41c067cb84727d051bc0e2 |
| SHA1 | 34a31ad2872a3a8fff08442bc0c0b656e298090f |
| SHA256 | 6f157c3cfbed30acc60682b72b328871a70f03c3fafc8801a89a46898a5757ad |
| SHA512 | 111abc5c28138d56bfc49f189a296605e4eea2f8d2f841a63fe9f11e93beede923dcbd801286a321874b2dbbbc7a22e29bbaec1a103992cad312c41a4bd5d6e5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\3DDA16BC6DDABAD758EAAD1BB9028434BF62D323
| MD5 | efee9548d5269bae9f216e65c64b91f9 |
| SHA1 | 40a0b46535e1294933fdcd672cbeb46b4495fb05 |
| SHA256 | fb12cde2d87c3b38a62966736107c1dfa025f3cf9c1c1a5be59c1ebfc96585eb |
| SHA512 | df1751a7f5de2ae60914ba6feb3d0e48b885fec4da743bbebe886ab5a013f3da2ffd696b85e8c21b1c58cbc078a73fbb0893656f41c250f6a75e8dc6fc3713ec |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\9D7E9CBE75BB4D0216A8D7883B26F2F0AC422E4A
| MD5 | 5f2a365914efdb7cd50cbd5df37d779f |
| SHA1 | 4ff036979f16d49c866319bf35154d7818903c6f |
| SHA256 | aa871175072c0937a3de156e897377f989d46ec68469fbc56d4654187be17b59 |
| SHA512 | 103353fdb3697f0dc6ca2e44dec7a9b92c4db4d23a40df6ed4845771f577874654d139d93b23c340fe4833171d60aca69fd03e86ce0626b5b7e79da2e3fd83ad |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\386EAC11CA4B921A58AF901DCD97B7FA5108EE6F
| MD5 | 5cce8d7f16fe5e97644ec0acc71c7fe5 |
| SHA1 | 5eb5a8a948e428292678a7b0c8c2b4da8a6fb134 |
| SHA256 | 3302e7e5f540d94bddee547d7f5f05681018aea870c2125e0a8618dc14ae9e85 |
| SHA512 | 46932d7b50184a4684cd1db2a78fb5fc5f0e02350667e36c1b1a082e368929d1fc967e6cb841ca4b84d1dec35e1ae4a8ea94504c9c0001f6f2ff1761ccc6d377 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\9C792E5A3F18C84237D8110B36749D332666CDF8
| MD5 | 6097adecad02ddf97590c849f7d63a74 |
| SHA1 | 8df3527bdc40d763b11560509becb10476b49184 |
| SHA256 | be8373948f96845713e7244b02b48b163f3f97149aea8dcc4db6c38ed2c4548a |
| SHA512 | 415972d9df027552100b54c7253900fffff6e8f1b7b1251b529f4474a82fad9070dcbb4fba1c0e2f773227df3ddd4433af56e5b02c06ec16126e068d2bdc9651 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\3281DD4C79ACB61B312FD94931181EE61FD498DC
| MD5 | 4c0c8beab841acbb58d1d302b4d80d9d |
| SHA1 | 8dba4f137a643b37c7c6102adf312f3e6e1e5c77 |
| SHA256 | 4e215a46eb74d678bfab1d774b1f573b78faab739a64f528948cf450b31d7f92 |
| SHA512 | 8964f19e66a6e55a103346284ead2c317f72c90cb51f74c1aaa1505c4650af7eaf156c8da4edb80a9b5248bda5c11bc88c6d678204d10faa19c2c54db851b23e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\5A4328DD39865162DC61D5C65DE504821E18F607
| MD5 | 216802796fcd539fd5e4cd709f6842cb |
| SHA1 | 6c6e5dec9e52f162e7842d29c76d93730fd1affb |
| SHA256 | a855f374aa3c11085630939468bf8f7c929afda3a57d1f47274d3d54afb92761 |
| SHA512 | bd6b829bae6061c29cb0b1d8cbaef97c0536c66d407e7a8ad9b9179b1674414d5bc559cadcf60f94f10b4733a808b970ed67318b300901087a9d30db18f40891 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\4F3CCFEBDAF94E36D1384376EF18BA5473AD00AD
| MD5 | 711fd671d35ae532abd302798e05412a |
| SHA1 | c17a054a5b81e6e9d1fc60401e45523c72236f3a |
| SHA256 | 616cea9c5dc902b60cb51e9218731d47b3d12481008152c21082a798468036cf |
| SHA512 | c318af2f882c95560ab3f8ea3930e9ff6de55e72abc9b8fcfd5f805ee9a492e1a7a1fed715449ef9e193fdab74b0c88ab3a1953ca192bc3f4858f68914bf52b6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\7FB78C9D4678D3E57F04D54F36A2847939730A90
| MD5 | cf6f72de292d19668047d5cf802cb7bc |
| SHA1 | 09cabd1f832a03a49812e61b05236c091a902cc5 |
| SHA256 | c3eb9e35fcb73fe65f15c3eb168bd61cfc7b3e1dbbc20b683278e5c1f9c2d401 |
| SHA512 | 9bfd66675d57ce4dc28cd49bdc38e79255e3ee9fe0f03a75dd17124694946cbee93479907e7e1123a5597e49483d2121b55a978656a1198f503b31ba1711b917 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\8E58DBA2B6132702384B07933B0AB38634C3B389
| MD5 | b0d98f4aefe807da83bb33ef05aaa591 |
| SHA1 | c444a8d12fccea3f1553eedba242fda0833b26aa |
| SHA256 | 2b9fb8a9edeb47950e93a6fd1c35f6ff3bc3ba46879a00a33d418f6198248bef |
| SHA512 | 407b67c2e78fbcf9a7bed9a049b7493579445019bacc704e1ef1c11ff8873fc11796626cbbe87f058554bd95211820c087c47eee3505291b6551d6c5dd87f56f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\B8342474273D37A8A890CF968C26F05C940C66F0
| MD5 | dbbef8cca69fd4395e906ad89487938d |
| SHA1 | 54a1511feea9cdf9ed76317270f81832786f5511 |
| SHA256 | a9a68f75e2321510ccdd3638484b68095bcba811b960404d61b44fd90ba6f659 |
| SHA512 | 7a533cabf1fe11ecf60cf154d6383a0919e4203fae4f41d0f8aaf7f16c5b3eb17e758800d0d78193d57144afb6a88c267b0e016971d83a3a97dd50a58996916f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\D0AF9688BF547CD0A8E3B588F816B3FD56561337
| MD5 | e66aa07747b6301b9d1ffd5289ebcc86 |
| SHA1 | eed270a7082c87628a589019ee59b97b88f9303f |
| SHA256 | bf4890ca22e2f3b3616457ced53f49e9213e2e93ed368e1cb9b7ad277ec728e8 |
| SHA512 | 9b0a19efc4e53c88619813fd9a3a9147fa8e9e7dcad419e2953911df47f7dc5a26fd087884b53c4c195b9cec074e1a6e0bb2630d9fcced38da25326e5b708ba9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\30AC9E9C28EC1FE2B05598F46EBAED7EC52CEEF8
| MD5 | 8ad26bda4830e6ecd65cd61d14fd570c |
| SHA1 | 1a3a44d98667e63eb988013a9cc5fc90340ee7be |
| SHA256 | 98f8f987a652db24a3af1b2f5066f0cdd25f7a24cce6364c6e830b0fc997a96e |
| SHA512 | a759d5aecf765b98df610dfca05ce2fbaff47d179932edcad07dec3d541f4e0f947d480b34754db20e319ca53475e3e3557ab22fec19582a9a3f5116b3644374 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\2D8DC8A9FD7C7378A6F1E4A22F6614D2F586BC6A
| MD5 | 3c868eb8e52844ac6a45f6014e517d90 |
| SHA1 | def9ca366e05b266b4462406be68c4e36cef1085 |
| SHA256 | 3e6723710ece0fe483228720ee032cd13750e9799377802f645f64a3ef66e187 |
| SHA512 | faf334043570d747f101f9262020292efcafb5c01a998844892e6bdadb2bd5046c129c5176fe91377f624fa6c11f377f61cc0ee900a66a6f4415adb684142e5e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\29A0D4C5DF568AB7B8ECE5545C463A02732496D2
| MD5 | aeba8240337da2971866b94a2fb62585 |
| SHA1 | a14990da4bf12ad0b7ee701bd22dc04762572117 |
| SHA256 | aa48753e8daed55ac38a39e70ab192fe7229c246daf749215f1bf791a1efc122 |
| SHA512 | 6e7328dbbd28e379dd14700c9a5486d9a4f7614c11647fafd1eed45d352aec45c8d7146798bfafc5289df8e7b97b2c779c0af0a9f4662028041169a98ace61b5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\C137593A6AC2C888ECA6F4CFDBB4AB562172A494
| MD5 | 29c693fbb4ba51f792bfcb2e36e868c3 |
| SHA1 | 920677c953478457ead3f09e59a32465e3a55b7c |
| SHA256 | ad4e99c276de6c527e4cf744558e6fd4dd821a136eb4edcfbc628c76abcd2312 |
| SHA512 | 20ec193eec569ef60c7f073f6b30a15bfe311328d08b8c679110613707f490a42c6f0fd80e5cfed90b2ef009c7a9433c9fc86acb8507c7343b4ad5b4129429c9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\790CEE194F6BEB3DEAB304CAE478E69DEF115B99
| MD5 | c8ba80b455304fdebfb8b45eaa34ff08 |
| SHA1 | 6c888abf69b35deffe196f341b100f0e08a82c39 |
| SHA256 | d1199a8eca3235e336447f023f7ad95c772e3aa44cda030369286129a3388f25 |
| SHA512 | 39fd759e1588e24358a52d0119fd4c314a1b144c4e7309eea261fa3c7a733bfa82e2c8f904766be6da3aa16ca6777d929532d3ed46d79be0da3be0c1f42913de |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\52E2B2D145D174DD26CB222B3A6D4F0253F5EFD2
| MD5 | 2fe33cd6fe2e2fc1bdbc3c9046b2562d |
| SHA1 | 0e5404dac87ca18576417166777fbd29ac3e9d2e |
| SHA256 | 64553d7d9eb5af83273a36c189e7cf02dacada8d538d1f32bf421c8c453c0783 |
| SHA512 | 5e0f186f856926cf2ae727366a9ecfac28676b34f05e880e830555c2386ea1e4a2f87195ea36012556d9d5f0583378298c95332150de208f5d023d29d31565c3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\25E61D0F193C12CBBBE09A429B66070577263AAA
| MD5 | 15bbae1f96329fd63e1d448e974f3a6a |
| SHA1 | bf6a1de011f62c2574d595a2e2959bb654a79ea5 |
| SHA256 | 2c14e3bb2908eae034fceb9aff3d6680b981dcfca98bfeb9d61ede2e02c38dda |
| SHA512 | c906041897907d07bcd2078ba34ce979b83efa8c699c17f52d44f67ee2847d69eb1ca9aa634dadc5f6700f7f6c66e750ddfd4a2ec891044ce76e215ee4b85f77 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 041617dcd4675b238ea51b9f179b90cb |
| SHA1 | 1a7d043a7d15750449861b4d0910f14c76c5a8a8 |
| SHA256 | 6b94cbe6a9598110909e1c9a93dc6f1ae75441ca1acf104327c5197350c78b34 |
| SHA512 | dd9b6711d0200ed3b22980da3e1a85e03e2be1b2c1558ca90635dbb8795fa78e286c04c9630f19eb04ae824ba10f7472310057a700bb9e0275d697a6e470c740 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\doomed\24754
| MD5 | 48538582f4fdb6414df33245240e886b |
| SHA1 | f0968ffa01b85cacf9928d3d09f78daa1916a728 |
| SHA256 | 53a8997ea74242d01c85fe87600820b78b55d791ca2521a03ecf4c2d548de1b6 |
| SHA512 | 6ef9f0d739d80ea9064c024c209a051c88ac6395f040c1988c29fe6ff7a4815e9b13657695d8dab10166f8acad00c458d09ac3e17e411c782b97b54efa5d726d |
memory/5748-3098-0x0000000000DD0000-0x00000000010CE000-memory.dmp
memory/5748-3104-0x0000000073810000-0x0000000073A2C000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionstore-backups\recovery.baklz4
| MD5 | a17fda5333ab9635888651cde72eff50 |
| SHA1 | fdc3ff6c7d000bdee4c574d59e2a59e5b12ad8a9 |
| SHA256 | 83b22214b4d349cfc084bc96de8d9e86c1d2d898401eab5ff1f91ddfd7bf52c4 |
| SHA512 | 1b5b592f41d69bd1804c851f79fbee15c481846b15f338e1328a904a95aec860071a2fb55b7e1680444022cbe5c4ea6aa76000de7ade1adc16713d168c7bb70d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\2E240B0A9691C87FC2F73B2C4A022668D4146AE0
| MD5 | a585ffd5fd8b38f7611b673d397b6358 |
| SHA1 | 4cfd2b088868b384fc49c53f29d65347964675a7 |
| SHA256 | 559d07dd46776b0be7c2db10fb1108876fd027ac58418b24470c982ad307099b |
| SHA512 | b500a3a08eb38cd2f8dd033dd359568b1bbf0b3d4e87c3de9bf880e11e274b03710ab44a082dc9225b87a015b5e09d71da68e4a246240c79b4ec964049abe6a4 |
memory/5748-3144-0x0000000000DD0000-0x00000000010CE000-memory.dmp
C:\Users\Admin\Downloads\TrustlookWannaCryToolkit-master.l8Z_iER6.zip.part
| MD5 | b4ebfcec9bb654b2c74e54fab720a84f |
| SHA1 | 6bfe45bcef8461df440af8df62066cbcb09c6f35 |
| SHA256 | 2d392ff43fabefb2efb313899bb73483fa316f644dbf9921bcef6ca4b1b68bd8 |
| SHA512 | 56b7ca0373a0709eff58b73df4d8613e02d7fb4e72447099b4c797d77d69a07485ec318e190d164110d9489f84d62aa85c924866f8374206d443263ca3f2c642 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 5130a727dcd59a11dc8e361f6b6afd35 |
| SHA1 | b7c1ff3ad6961bb0c7554268bf20f7c3421726dd |
| SHA256 | 4af8174cf0a0d00fbddad6fd4cbeb09d39647336b5a8252e9e10bee8195d394b |
| SHA512 | f7a136ed36bb06fc2e26d684d82331cff66d2bc5c858885797794b73698ddba532ab65969d6cc41a3a6a87a9807caee392058cd32ff9798f496c7a66cf512de3 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | da1d041b8b02d2dfffa14c179f8fd13a |
| SHA1 | 28e429fdf5686beab909da3d62b9b403c6519e65 |
| SHA256 | fb7fa2fc58f54ddb62a92122928e11849dfa2c6c88af8a8edef647dae437cfb3 |
| SHA512 | a27c28070b94f0e5648d5feb7a2a74b5930617a264e38c4b9103f5fc2262d4d9ced4fa6e6a504725a57fa421a6a7caccffbd4383318d49419d1581202d0f97e8 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 6c960ba88b5b144c1b813938bd3b82dd |
| SHA1 | 894465d6fa12031530fa5163c9c3caf69d4d2907 |
| SHA256 | 0b51068d97f3ce72cddd2fa6abdf184871d912aa81c64ba30b93b272ea816af4 |
| SHA512 | 720b08f82a26d68aa8166eb4aa691768d887e7e7cd82df7fe616c63dc222cfe300ae6ff2ea147a0d0c5e31df5a94ce0a357263f1444a75dac6dd23177b2d53cd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\jumpListCache\uXFumCr+b64DefvuzIpBPMV1iGjp4oA311+6tOxIjGk=.ico
| MD5 | 6b120367fa9e50d6f91f30601ee58bb3 |
| SHA1 | 9a32726e2496f78ef54f91954836b31b9a0faa50 |
| SHA256 | 92c62d192e956e966fd01a0c1f721d241b9b6f256b308a2be06187a7b925f9e0 |
| SHA512 | c8d55a2c10a2ef484dedded911b8f3c2f5ecb996be6f6f425c5bd4b4f53eb620a2baccd48bac1915a81da9a792971d95ff36c3f216075d93e5fd7a462ecd784f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\jumpListCache\zdGwxD2Ki46UjwYbo1sk3G+U_tGycT6dFr1MiUp1XpY=.ico
| MD5 | 42ed60b3ba4df36716ca7633794b1735 |
| SHA1 | c33aa40eed3608369e964e22c935d640e38aa768 |
| SHA256 | 6574e6e55f56eca704a090bf08d0d4175a93a5353ea08f8722f7c985a39a52c8 |
| SHA512 | 4247460a97a43ce20d536fdd11d534b450b075c3c28cd69fc00c48bdf7de1507edb99bef811d4c61bed10f64e4c788ee4bdc58c7c72d3bd160b9b4bd696e3013 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\events\events
| MD5 | f84f5dab02fc180b886ce156501000b4 |
| SHA1 | b25aa341234f5ccca965590a6a07f7fa4f97f705 |
| SHA256 | a367035bdc8d337cd04bdf3b82cf604d940d67067d86654d4333b04c16d9dbbb |
| SHA512 | 5fc6a8c79ff1b362a9a42f8e4b0ed18442c139e54ec3beeb8fc1c7438e94de4c575cbfa37c9e18b6b54aa67d4f700d6f7e341c33022af2babab75b80e8ba5129 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\C406801C49E8CED264A5129E0DACD8EAEBC5A43E
| MD5 | 8b1f88f2888c380c65a31e92d4afb10c |
| SHA1 | b72fe1b10a72ac0e1f87da695c77cc9947623148 |
| SHA256 | df57fe10d57762b8c9de37bdbe3eb89e2ec443f851230634e51dc138d86daf7a |
| SHA512 | 9c03167eca9ab3760d1a9674686de83e01a63d79faf09400f019b75eda71e06b489eb9843b093f153a9f961b5b5e43c0e4aa3b2508f2f022abb3758cd1af8c10 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\423716A53B278F0D19155081F89DE40B534D9D69
| MD5 | f1cc52e9f985e7a2e8027a4b1e6418f7 |
| SHA1 | 29304d6e156188daedc9a414604c6fb91ec0c77a |
| SHA256 | a32bf734c23356869af8b7cd5399614863909a70a7bb0a34bf132d9445165dcb |
| SHA512 | 539da6131228482e80fce7fb3f2aff195afb9e4cff0cc3269a478f3393147aa75853f605c7bdcb16ad3c7d0f4e16a5528062907ba29768701441eb2e39192a14 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\0401C1A73233D82355172C153E4983CD5CECCF82
| MD5 | 57d2dd54ee7550d0f33ddf37473f72c6 |
| SHA1 | fa02c3cd009fbc42ab30c3c7eda8b825eb46680f |
| SHA256 | fcc09206fd8df0071a172bf0441a8cea6d3ab55579e8386d085039c98c0c3b59 |
| SHA512 | 6cf9ec2aa6e9923db0b66c223e76ce2b67854f88dedb7f0d21dc4d9ea2a6c8e14742554c2af8167875e040fb3e67e271c59a4501b4bae5b8c813a2894f652157 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\D8ECE89E27BFEC5305071D6112647E8AFD3CA519
| MD5 | 1e87e51207eb54041f10083c5b4c32b8 |
| SHA1 | 9b39ed18880a82bcd032a3fe795392630dba7786 |
| SHA256 | 0b864f34cf6488adb8f0f11270b65e737f55b790623a4805014b8013c76976c8 |
| SHA512 | 8a6aa39900e1d296ebc7a6a4d420d8f19d7b5c357016f6e4fdde20cf483fbad29c7f29af84b6923b32232917b955182e78a422dc071b7807b851aaef258cd265 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\8009EA3E872CD2F5A90A2930AFA0C69CEB78FCD3
| MD5 | ffbb41abb0ca38ffd46a8e71c45b0f73 |
| SHA1 | 89116962730a79de67a8358a5d9ceea22d6c75a0 |
| SHA256 | 9d4bce16a514b91d809e8ecb7a8e76a85d5247e46fe13386e9352d70db453752 |
| SHA512 | 4d133ac92e92157fccc027d8316ead1cf4aa185c6be6558bbbe98c5edb79a1f935ac4102931ad288e82f85302eaead6129999f4995454b4d9c6abacc8edc7e11 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\53E2264D03946D0F71472AED48B98967D82607D5
| MD5 | b8c60635fbe244b1f5a0156bf035bd1b |
| SHA1 | a336c4069829c68eafe64bfe94293c7eb08c7570 |
| SHA256 | f0bcc6ef4c37cb6a622fa6a968ab64ec6f76a07806b1745aa0972eac7aec4b6f |
| SHA512 | fbe99fbbd50991355ea2e2334e77e599649dd9209540266ce55274d0991c1d7ecf13e1dc60462882e76e43fcc55deec77b4128df9557bc5eee62a96571241d23 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\CD6435525970BA8ADEDC2AA6428894A80AAAC1A0
| MD5 | 146c4e7c18c5e822acf5909fe10d8662 |
| SHA1 | 6e08a58c816148623518b602b27765d7addab571 |
| SHA256 | 0ee06d63a55ac5fb0b459e694cc37df92cdecc9b85069d1d3ff44088fedf5d6a |
| SHA512 | 97a774c5d537edbf83391204b5c4fa2dbad4e59c6a52f23f8b58d1c715e9ca1aa659fe1e87f17daf97dd45bf53fb6f795c5b5fcf9465fdf2f5ab97d8967ae517 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\CC06E1495B5949D45480004C8EA86FE3A5E38352
| MD5 | 8545aa0d12b8d956404a46a5751a3fd6 |
| SHA1 | 0e97df8868450cc7a0740f004f4602e3bcfc7f9a |
| SHA256 | bdae4aff978e8d14046c5bdf06e2df2654c965412d2e490ea6e33419d2900f02 |
| SHA512 | 4f19407ff986d96f2260cd6eb9b2150e64da90d1c72fea06d661405fe17046086de84b1d70a85e7cbc289a1adbe40df4ce067594a988e3de6ff46d2d12e836a7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\D0AFD97D280D42B47043E942A6113C75F053C8FC
| MD5 | 597e027369e3bb5249ca55d63bae607f |
| SHA1 | 4eda66a4db09ceea9875b0c08e2adb9dbaacc1ec |
| SHA256 | 819de0a3905cfcd392cd0443bf2b247049589d737f27115cc81c79fa516a4c46 |
| SHA512 | fc5632fcd02b08b6bcf6d2daed9f55a1c2f45c64e570e6552dc12a843cd5ad8c4e29f8aed1ed183a6df8bf521d4fff803b2207c1dd351b4f27d1db643ee90381 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\A0C82CC780DA8CF70AA2FCA6F4E65E8431A2D368
| MD5 | bfa5d79aa0ea7d1d3158edd2dfc6685a |
| SHA1 | 7adf38bfa0aad8ef4f1002dbd5829a39d01a4b78 |
| SHA256 | 7faf26cc190d9d7d2d1048ced9f3d7bba65fadfafab7aaf10817d19e1f6fa62a |
| SHA512 | 67ca321baa70b76c516011c30b7e505525679cd05c9fc8e56e64763a25b261208366c6e9706bb25511ad58f1e8af4a96d2a61d22d51a72a3d808f77d52e5975d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\219D30F33B6133D46B4EAA5E5E25EF65F09279BC
| MD5 | 09367f8848be3f392ce8f39983f544fb |
| SHA1 | a293140b4b63a9da22f0f5bf02d91dfdc890b327 |
| SHA256 | 9175f149c34233d2b80eb017e0e999427c7a34900be9110b2275da997613fe8a |
| SHA512 | d1966ad336b08bfacc3b4da6f1f7499df1cfcdbd13468bf3f83bb3923ad5ef882795a082cf78bf2eb5c5cac9131b62d26019cedcb142e119a8986ec1c4bf7add |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\852260C0D42C84F6CA337BACDCA61CA899E1B417
| MD5 | 87520566d948c84b1fc57f206a215caa |
| SHA1 | b1c10affa2b50d9038c91a63e60e022d1860b791 |
| SHA256 | f2e7928edf7746f72d134e712f6ed13286e5e28d5aefecdd2909f1e5e0342215 |
| SHA512 | 723e727824fedbe9bbaee8dff277b46135684bf0fbfb534a77b684f3d7b719facd19131333fa63b9a434d23b37891f1072e3b09b7a7054f92bc5845956982542 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\5D8194AD5A0E69C8D5A4A5B4E3F2CFFC1493D2D6
| MD5 | c31c7c9aa9ce8192e6da63b7c560fe25 |
| SHA1 | 57cb2ac442b3db4880d083c7592652b344431d83 |
| SHA256 | e0584a6353307035a9b8dae25f6ab9ec9224540ebb68c767ce54adb77aa83d17 |
| SHA512 | c4751bd7ff6dcff41428a82aafa695e40da6d2ede49644f30908423b63332fe7db7aae6a1e3102721182ae59ce2e0b2c747ac4c7e2f1947c468414573d884eb2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\057C1333DC628F967582E9B128DACDAF1994F084
| MD5 | 4545e087c90aaab86a45c1ab1ebd0431 |
| SHA1 | 4e1560edf0e7e30ac9ea6962f7f8bc3a9ff26c1b |
| SHA256 | f54b00149225dd46d17a6412d994a4ddfeb36931f0323b748116e395eea9134c |
| SHA512 | 31b800a0aa6482754b7a95d4abb91af87d510af27f5d4e14b919eccd299427a08cdb47a431056b0608b8a3150c4b409e20fe155c94055145e7ba382ab6939f94 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\818B96CEE3F4B0119E8CF8972A4035708BC9F136
| MD5 | ca487dd023d739cda6f33a60cf2f6764 |
| SHA1 | c961ba4514163a3d680c6f626bec756df72a770c |
| SHA256 | 96df7da9b7585fb80b53508ccd9d5db0eccdb55e15f337c18760d7e63390e469 |
| SHA512 | 2636029b8d3ed54d074b855d603ca0af4fcc3a61f18a0a2203c8136b27fa4fb61b1c8f406a1dfe36b50164dc4ee696d009cdb9224adc8d1b233c503ff643263e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\81EC6C1C952C9B69019B0101287C103BB1192909
| MD5 | 2bbdc99c872b5c1b7f3d47a8b6c14a89 |
| SHA1 | d57307f7eeed486a498f6257a07562e39d5eef09 |
| SHA256 | ee61350b7460122d00e4532c66da92410f1a20814834066da1456c5cc8cde974 |
| SHA512 | 4742e2b5c582a8af3474ed6c17ae9aa85927418c92c76154a5ec8b7b3756f27e22ee4d3d19a9931edf8016094f37d55c529d2ecb496f418b0b136629b87c096b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\78FB1882E3C788A5D7A6AD94CD03786590B04212
| MD5 | 5f9f9249cab43b74539dbd6de302219f |
| SHA1 | ea68e3a0e793310f5b1074ec351e64a50513a67d |
| SHA256 | f3717f96744aea3982b70a45381312024aa9c77077574f7b6239f30a7d8bc66e |
| SHA512 | 71961dafb45415c484bb8614951488b857f839e8e082f7e285ce1fc9993d949864787d978dc6539f0ef5c23a8c4d688ad1826e943e350e720166d2bc675d8957 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\71BF779DFBCE1307F42244F92E6190F178BC7120
| MD5 | 929e0ffe59acaf72c45417181e6c5932 |
| SHA1 | 8b880b95f6fc96e82519c43248b696fe35f37f13 |
| SHA256 | b5c54e1be56b861e8c0a36b5b3799c5b0811ea9eaffeb2d39626fd2ca80c3518 |
| SHA512 | c115b437195c0805ffd7c5fe63342a407c2210e9862bbd9de1710c3abdbcea8dd2bdfe968cf9b9e0d93c84bad93c7f938a0d1e1273efc7706a3e70daf332bff1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\CB72DAFE855F7B4F0795CC0393AAF90DE979ADAC
| MD5 | 72ad2d0bde7b556d1e32383823abbcd7 |
| SHA1 | 5a04263481445433aa4295f030da03eb7d8820da |
| SHA256 | 83f75dd0430220abd08d1bf54e5e929d8ac9bd1d85e221e3cd5b8779d160e22b |
| SHA512 | 926d34531c6afa8bb0dc33dc97c07379457df30537cbfbd8bfa8d39617437b3824fc01b9daaaf6e76537a68effa40d8297248fda2d5f874738d5d30e8b210d55 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\pending_pings\54310bd8-d054-4144-8c89-b17db7e9eb6e
| MD5 | 705ffeea30e0fa0e767fe0843eaeb38e |
| SHA1 | 6e230e053aac769474d419c18b60ddca2091b0e4 |
| SHA256 | ef2741e0f38ab1e033676cfba7c2839928b60dec54840fab460bfafcbac689bd |
| SHA512 | ae271d6064d7570f871f6b6bd8c651ae4a3ef56a51283ad0ab64ec8a361a18ab41357ec1b5cc11cfcdf4884cc14a2424f3409686ea710ab621728f5c812d8ce2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | eaaad58c015f0345ae67851e4cd83648 |
| SHA1 | 20dfebe106b94432500d06977b8f954e3e7d1a64 |
| SHA256 | 272231f0d0f52ca1db65f3120c7e15d630e5e7170d0138b909a3e78e5f199d04 |
| SHA512 | 98426519fd3ecade92df4d932d366f6ae6d9ec508202220e79e70618e7fa77e2cdd71bedae2e6a441a75272aa67e9e6f8b326746280aeed690c6ea8ae452eeb8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\prefs.js
| MD5 | 86448f31f42fdfc410c78839162f6b9d |
| SHA1 | 46f053de1d36bf861dcd5c9d2710384b63368e3d |
| SHA256 | d5439641466de5c744d8d44123f70387a807f73bc2e28f43d38968de12b5c073 |
| SHA512 | fd392d0cbc82b6a87f40236d3d93fb7b4b0414bd13391bb51cc35f069b36dcd3fced2472ef53ad1347233b624d708df391de00cc82276b52c6603352c434fd56 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | ad93c1676b6c247fc2d2631e1acc9a73 |
| SHA1 | 53a4390a4c373adef561b21a1d3aab4a3ce92edd |
| SHA256 | c4603376b88ba69712efc8c8351f67ae6abc0882f71801936794c08674cd72db |
| SHA512 | 89f42b84fce7248bf1c3b575d844b169f4494da742ec1328de27c5fba7cf1fbdc06a74ae7b543bebba8d751bd5d8316587f7431df0b55d1201d8ad5700d88550 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\pending_pings\fe353b8d-ad5d-4918-9026-1fc0194ec648
| MD5 | 83d9e46b9dabdae02e99fff780375098 |
| SHA1 | 3f037eae6f3390a2c34232661bb8f351bcd23ace |
| SHA256 | 50436fa448306900c63704e53fe29eb016fa0ac246c3a7942b0d9e1de0674aec |
| SHA512 | b07455a36528a513d51b13199cafc5742ecd5d0401988512d3cfb124e1eaee8804bfcc7c1d9bcae57816f9166c9c9e3a0c5bb2d3fbba36a44781bc140f64101e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\pending_pings\9937df97-b669-4d46-b4f4-aefd8503da17
| MD5 | a858a6d25c5c9016f49e032af4d9e716 |
| SHA1 | fbc8fa6049b523c4d28a6bbae0b1a3f22ff4f6bb |
| SHA256 | b5a246ed771afec01a26f3f04008e127bee616d2ed32d3adaeac3ea80d2b9b6e |
| SHA512 | dae2abdfd398901789a0706e850d47f4863a1890c9ca2485aae66ecbc165feba629e5592f149e944a6b9903cd6a82bfce00d424e0914baeee33871ce3cceac29 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\pending_pings\03a32ea0-b827-493f-b913-34319685e2e0
| MD5 | 320422ee69494561076075c78556988f |
| SHA1 | a624a0223a2e4f09ce32c0bf6e55d1ff92788779 |
| SHA256 | 9224022ce3181117ba9b0b5cd6f901368c89fa0d8f1b33f3df7ae2bc28c234b7 |
| SHA512 | 4d00de584c993c57e3079fde5a0d4f14f8d3a0503643a12437881959e2a5abac6b44c979c0ef6ce6d3fa3426760a6f7eb17b284f9c7e7669b63f58fa283529db |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 3b2df7d5601d15222dcc480b59478333 |
| SHA1 | ccc137ce2f0028f8123bf7e6ebd246921594390c |
| SHA256 | ca243f935de1419c21153bb1d482a3bf209232e9db67b4af4b3337b1d4a81cb7 |
| SHA512 | 3a5c0864f14793db9a84202fcd6b55b86c9a5a0915bdfdcfd7ecd715d7d5a7dd0467c239cddba5df3ae061bc12ae40c781fe7dce742e722f9e2c4a056c36365f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\prefs.js
| MD5 | 9cc751fffe5b0d3d78b527ac2317c527 |
| SHA1 | 037671711a77b2526dd4d4b05bdd1946721bcda2 |
| SHA256 | 10864e1114e7924644e9116892cf79fc2a6306d7faeca890b412868bc66467c4 |
| SHA512 | 791926db771ddb45c69d9a1168e28950949e0e7dfe90d9221fb4c3c1e015fd7dd200981920bc936f00477082bb383fde7b0c5de752743fa8a42603f5620306e2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\startupCache\webext.sc.lz4
| MD5 | 22bc6590a6b6c6280d18700ad2654f94 |
| SHA1 | c835060a7faf966a00efaf65c5fb42aeacb39b2f |
| SHA256 | c7757a61371db126473ce934b82d93a4275afeed128b0ba76d5e17eb23b8e88b |
| SHA512 | 2779c4ee6e18a7ac39c11f7741a1dd9b2bd88bb59d81c255189c443f701949e280c4b7247e0b07f0cf12f99d1712be56624b311113c0935ab59da974f46bc058 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\crashes\store.json.mozlz4
| MD5 | a6338865eb252d0ef8fcf11fa9af3f0d |
| SHA1 | cecdd4c4dcae10c2ffc8eb938121b6231de48cd3 |
| SHA256 | 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965 |
| SHA512 | d950227ac83f4e8246d73f9f35c19e88ce65d0ca5f1ef8ccbb02ed6efc66b1b7e683e2ba0200279d7ca4b49831fd8c3ceb0584265b10accff2611ec1ca8c0c6c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | f90da21adf8cc2ad0c8d36bf224ca7dd |
| SHA1 | c7cc215f9f0290409ee39c009da824694d857be2 |
| SHA256 | f32a4fbb94a773e73fc98ffb7aff4e612daef81781006402ce5fc92d3942605e |
| SHA512 | 257c89e4dca7870ae0a9a4377328199aea256b9f7edf6e56d3fd06d7cd9fd79208ac139670ce715b8a5e090570eca72da7909201a0b8268663a4ba9ea22a32cb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\prefs-1.js
| MD5 | effa20e27dc5071919fda42d9896dcc5 |
| SHA1 | 8e8fa4fdd266703083e4329495a65a3412c91c31 |
| SHA256 | 6a22a564f6857a9d3aa3270141442aa0b89831d78c93db39a0cbc9dc99f3b2f1 |
| SHA512 | 9b370179c9b1dbc3d4dd35d5fdb18f052ce53938edd54b03c27f678fa9a2a4fb76c7a227d07ccaadd7aa0455e6b2b45c39ab64fcfce90c3ba13164135c3f31c1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\39DB9E847E680B765D7B04FCCE6BF5BC0225F878
| MD5 | 0db98dc84fa9048ff3ed59e5375d9025 |
| SHA1 | 1ec44185a35b13f157a2a5e1d1591373a3ba1921 |
| SHA256 | 5abb3bacfce9fee711cfda0bc961f21b84452bcb7f01e4a3a89f35a3afcbaa9a |
| SHA512 | b25d7d34eb9291256d9eb7355e7d099581b9b3ad725e6016a79d1e32bf952749a19e8618d716abf18ed18a681798e9b8cca2b64df55d49053f8979fc141d06c6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\cache2\entries\D500AD994A7515157BB2A6ADD5B18B754E4D2F99
| MD5 | 30f47d7226b0f7ad3afe2948700ad495 |
| SHA1 | d6ddfd7cd74e32898ddd3e0156763350523f4105 |
| SHA256 | 72565b324279d74f6287ce9b1ab3ebf46fdbb1625f35542dc2083f48e41482cb |
| SHA512 | 372459272ef38c4177d81787b52c49acab7d0b0c7605e612ae8499dfc57f2018eabd34d5f293ce8f7cc51e600d754dba47eb2b91490b79def011c8ed7326f75b |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\40371339ad31a7e6.customDestinations-ms
| MD5 | 9272c196aee8c52213bb3a413ae32651 |
| SHA1 | 9fc0c7807b8fa74d2ec9a74c350451da21d6959a |
| SHA256 | a27be0e522aa77e7a876d6dc4e163ad5bbaa2a9b6c988c4a713fddb22d263e51 |
| SHA512 | 6a2fcf03542f70a72c50cdd08c6f32e3810630c69468dd248f4c153a8d82c95845917cd88cdcfce152d4052d2093c9f5b8ee5d0ee53ed1a5838cd5ba7e1a78a0 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 50b3b82838aa2f0d96ecae841c36e26e |
| SHA1 | 681dc9348e28d9875b5b0ce38c0cc273f3f7b5fc |
| SHA256 | 1b4ba41ba36f707b43f0bff73c03ad3163cbf43a2321cdf665f790672c9b8271 |
| SHA512 | a0d8771346210a9c84a602fbbe0b5a79619451c64a986f22a4fde1a5569d89662a73414c9a276cde8b1335078f4b4e0efedba16567634b6a5a359c1db1a5760b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\recipe_attachment.json
| MD5 | be3d0f91b7957bbbf8a20859fd32d417 |
| SHA1 | fbc0380fe1928d6d0c8ab8b0a793a2bba0722d10 |
| SHA256 | fc07d42847eeaf69dcbf1b9a16eb48b141c11feb67aa40724be2aee83cb621b7 |
| SHA512 | 8da24afcf587fbd4f945201702168e7cfc12434440200d00f09ddcd1d1d358a5e01065ac2a411fdf96a530e94db3697e3530578b392873cf874476b5e65d774a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_sports.json
| MD5 | ce4e75385300f9c03fdd52420e0f822f |
| SHA1 | 85c34648c253e4c88161d09dd1e25439b763628c |
| SHA256 | 44da98b03350e91e852fe59f0fc05d752fc867a5049ab0363da8bb7b7078ad14 |
| SHA512 | d119dc4706bbf3b6369fe72553cfacf1c9b2688e0188a7524b56d3e2ac85582a18bbee66d5594e0fb40767432646c23bf3e282090bd9b4c29f989a374aeae61f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_computers_and_electronics.json
| MD5 | 6ccd943214682ac8c4ec08b7ec6dbcbd |
| SHA1 | 18417647f7c76581d79b537a70bf64f614f60fa2 |
| SHA256 | ab20b97406b0d9bf4f695e5ec7db4ebad5efb682311e74ca757d45b87ffc106b |
| SHA512 | e57573d6f494df8aa7e8e6a20427a18f6868e19dc853b441b8506998158b23c7a4393b682c83b3513aae5075a21148dd8ca854a11dabcea6a0a0db8f2e6828b8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_science.json
| MD5 | 7a8fd079bb1aeb4710a285ec909c62b9 |
| SHA1 | 8429335e5866c7c21d752a11f57f76399e5634b6 |
| SHA256 | 9606ce3988b2d2a4921b58ac454f54e53a9ea8f358326522a8b1dcc751b50b32 |
| SHA512 | 8fc1546e509b5386c9e1088e0e3a1b81f288ef67f1989f3e83888057e23769907a2b184d624a4e4c44fcd5b88d719bd4cca94dfb33798804a721b8be022ec0c6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_jobs_and_education.json
| MD5 | 2d69892acde24ad6383082243efa3d37 |
| SHA1 | d8edc1c15739e34232012bb255872991edb72bc7 |
| SHA256 | 29080288b2130a67414ecb296a53ddd9f0a4771035e3c1b2112e0ce656a7481a |
| SHA512 | da391152e1fbce1f03607b486c5dea9a298a438e58e440ebb7b871bd5c62d7339b540eed115b4001b9840de1ba3898c6504872ff9094ba4d6a47455051c3f1c5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_real_estate.json
| MD5 | 9899942e9cd28bcb9bf5074800eae2d0 |
| SHA1 | 15e5071e5ed58001011652befc224aed06ee068f |
| SHA256 | efcf6b2d09e89b8c449ffbcdb5354beaa7178673862ebcdd6593561f2aa7d99a |
| SHA512 | 9f7a5fbe6d46c694e8bc9b50e7843e9747ea3229cf4b00b8e95f1a5467bd095d166cbd523b3d9315c62e9603d990b8e56a018ba4a11d30ad607f5281cc42b4cd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_shopping.json
| MD5 | 97d4a0fd003e123df601b5fd205e97f8 |
| SHA1 | a802a515d04442b6bde60614e3d515d2983d4c00 |
| SHA256 | bfd7e68ddca6696c798412402965a0384df0c8c209931bbadabf88ccb45e3bb6 |
| SHA512 | 111e8a96bc8e07be2d1480a820fc30797d861a48d80622425af00b009512aacb30a2df9052c53bfbf4ee0800b6e6f5b56daa93d33f30fecb52e2f3850dfa9130 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_people_and_society.json
| MD5 | b1bd26cf5575ebb7ca511a05ea13fbd2 |
| SHA1 | e83d7f64b2884ea73357b4a15d25902517e51da8 |
| SHA256 | 4990a5d17bea15617624c48a0c7c23d16e95f15e2ec9dd1d82ee949567bbaec0 |
| SHA512 | edcede39c17b494474859bc1a9bbf18c9f6abd3f46f832086db3bb1337b01d862452d639f89f9470ca302a6fcb84a1686853ebb4b08003cb248615f0834a1e02 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_autos_and_vehicles.json
| MD5 | 39b73a66581c5a481a64f4dedf5b4f5c |
| SHA1 | 90e4a0883bb3f050dba2fee218450390d46f35e2 |
| SHA256 | 022f9495f8867fea275ece900cfa7664c68c25073db4748343452dbc0b9eda17 |
| SHA512 | cfb697958e020282455ab7fabc6c325447db84ead0100d28b417b6a0e2455c9793fa624c23cb9b92dfea25124f59dcd1d5c1f43bf1703a0ad469106b755a7cdd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_internet_and_telecom.json
| MD5 | 36689de6804ca5af92224681ee9ea137 |
| SHA1 | 729d590068e9c891939fc17921930630cd4938dd |
| SHA256 | e646d43505c9c4e53dbaa474ef85d650a3f309ccf153d106f328d9b6aeb66d52 |
| SHA512 | 1c4f4aa02a65a9bbdf83dc5321c24cbe49f57108881616b993e274f5705f0466be2dd3389055a725b79f3317c98bdf9f8d47f86d62ebd151e4c57cc4dca2487c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_pets_and_animals.json
| MD5 | 5b26aca80818dd92509f6a9013c4c662 |
| SHA1 | 31e322209ba7cc1abd55bbb72a3c15bc2e4a895f |
| SHA256 | dd537bfb1497eb9457c0c8ecbd2846f325e13ddef3988fd293a29e68ab0b2671 |
| SHA512 | 29038f9f3b9b12259fb42daa93cdefabb9fb32a10f0d20f384a72fe97214eff1864b7fa2674c37224b71309d7d9cea4e36abd24a45a0e65f0c61dc5ca161ec7c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_online_communities.json
| MD5 | 37a74ab20e8447abd6ca918b6b39bb04 |
| SHA1 | b50986e6bb542f5eca8b805328be51eaa77e6c39 |
| SHA256 | 11b6084552e2979b5bc0fd6ffdc61e445d49692c0ae8dffedc07792f8062d13f |
| SHA512 | 49c6b96655ba0b5d08425af6815f06237089ec06926f49de1f03bc11db9e579bd125f2b6f3eaf434a2ccf10b262c42af9c35ab27683e8e9f984d5b36ec8f59fd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_books_and_literature.json
| MD5 | df96946198f092c029fd6880e5e6c6ec |
| SHA1 | 9aee90b66b8f9656063f9476ff7b87d2d267dcda |
| SHA256 | df23a5b6f583ec3b4dce2aca8ff53cbdfadfd58c4b7aeb2e397eade5ff75c996 |
| SHA512 | 43a9fc190f4faadef37e01fa8ad320940553b287ed44a95321997a48312142f110b29c79eed7930477bfb29777a5a9913b42bf22ce6bb3e679dda5af54a125ea |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_games.json
| MD5 | 4182a69a05463f9c388527a7db4201de |
| SHA1 | 5a0044aed787086c0b79ff0f51368d78c36f76bc |
| SHA256 | 35e67835a5cf82144765dfb1095ebc84ac27d08812507ad0a2d562bf68e13e85 |
| SHA512 | 40023c9f89e0357fae26c33a023609de96b2a0b439318ef944d3d5b335b0877509f90505d119154eaa81e1097ecfb5aa44dd8bb595497cdecfc3ee711a1fe1d5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_beauty_and_fitness.json
| MD5 | 0ed0473b23b5a9e7d1116e8d4d5ca567 |
| SHA1 | 4eb5e948ac28453c4b90607e223f9e7d901301c4 |
| SHA256 | eed46e8fe6ff20f89884b4fc68a81e8d521231440301a01bb89beec8ebad296b |
| SHA512 | 464508d7992edfa0dfb61b04cfc5909b7daacf094fc81745de4d03214b207224133e48750a710979445ee1a65bb791bf240a2b935aacaf3987e5c67ff2d8ba9c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_finance.json
| MD5 | e95c2d2fc654b87e77b0a8a37aaa7fcf |
| SHA1 | b4b00c9554839cab6a50a7ed8cd43d21fdaf35dc |
| SHA256 | 384bf5fcc6928200c7ebb1f03f99bf74f6063e78d3cd044374448f879799318e |
| SHA512 | 9696998a8d0e3a85982016ff0a22bb8ae1790410f1f6198bb379c0a192579f24c75c25c7648b76b00d25a32ac204178acaccd744ee78846dfc62ebf70bf7b93a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_arts_and_entertainment.json
| MD5 | 6c651609d367b10d1b25ef4c5f2b3318 |
| SHA1 | 0abcc756ea415abda969cd1e854e7e8ebeb6f2d4 |
| SHA256 | 960065cc44a09bef89206d28048d3c23719d2f5e9b38cfc718ca864c9e0e91e9 |
| SHA512 | 3e084452eefe14e58faa9ef0d9fda2d21af2c2ab1071ae23cde60527df8df43f701668ca0aa9d86f56630b0ab0ca8367803c968347880d674ad8217fba5d8915 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_law_and_government.json
| MD5 | 80c49b0f2d195f702e5707ba632ae188 |
| SHA1 | e65161da245318d1f6fdc001e8b97b4fd0bc50e7 |
| SHA256 | 257ee9a218a1b7f9c1a6c890f38920eb7e731808e3d9b9fc956f8346c29a3e63 |
| SHA512 | 972e95de7fe330c61cd22111bd3785999d60e7c02140809122d696a1f1f76f2cd0d63d6d92f657cdec24366d66b681e24f2735a8aabb8bcecec43c74e23fb4f5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_health.json
| MD5 | 11711337d2acc6c6a10e2fb79ac90187 |
| SHA1 | 5583047c473c8045324519a4a432d06643de055d |
| SHA256 | 150f21c4f60856ab5e22891939d68d062542537b42a7ce1f8a8cec9300e7c565 |
| SHA512 | c2301ed72f623b22f05333c5ecc5ebf55d8a2d9593167cc453a66d8f42c05ff7c11e2709b6298912038a8ea6175f050bbc6d1fc4381f385f7ad7a952ad1e856b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_business_and_industrial.json
| MD5 | a92a0fffc831e6c20431b070a7d16d5a |
| SHA1 | da5bbe65f10e5385cbe09db3630ae636413b4e39 |
| SHA256 | 8410809ebac544389cf27a10e2cbd687b7a68753aa50a42f235ac3fc7b60ce2c |
| SHA512 | 31a8602e1972900268651cd074950d16ad989b1f15ff3ebbd8e21e0311a619eef4d7d15cdb029ea8b22cf3b8759fa95b3067b4faaadcb90456944dbc3c9806a9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_food_and_drink.json
| MD5 | 70ba02dedd216430894d29940fc627c2 |
| SHA1 | f0c9aa816c6b0e171525a984fd844d3a8cabd505 |
| SHA256 | 905357002f2eced8bba1be2285a9b83198f60d2f9bb1144b5c119994f2ec6e34 |
| SHA512 | 3ae60d0bf3c45d28e340d97106790787be2cc80ba579d313b5414084664b86e89879391c99e94b6e33bdc5508ea42a9fd34f48ca9b1e7adfa7b6dd22c783c263 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_reference.json
| MD5 | 567eaa19be0963b28b000826e8dd6c77 |
| SHA1 | 7e4524c36113bbbafee34e38367b919964649583 |
| SHA256 | 3619daa64036d1f0197cdadf7660e390d4b6e8c1b328ed3b59f828a205a6ea49 |
| SHA512 | 6766919b06ca209eaed86f99bee20c6dad9cc36520fc84e1c251a668bcfe0afcf720ea6c658268dc3bbaaf602bfdf61eb237c68e08d5252ea6e5d1d2a373b9fe |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_home_and_garden.json
| MD5 | 250acc54f92176775d6bdd8412432d9f |
| SHA1 | a6ad9ad7519e5c299d4b4ba458742b1b4d64cb65 |
| SHA256 | 19edd15ebce419b83469d2ab783c0c1377d72a186d1ff08857a82bca842eea54 |
| SHA512 | a52c81062f02c15701f13595f4476f0a07735034fcf177b1a65b001394a816020ee791fed5afae81d51de27630b34a85efa717fe80da733556fdda8739030f49 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_blogging_resources_and_services.json
| MD5 | c82700fcfcd9b5117176362d25f3e6f6 |
| SHA1 | a7ad40b40c7e8e5e11878f4702952a4014c5d22a |
| SHA256 | c9f2a779dba0bc886cc1255816bd776bdc2e8a6a8e0f9380495a92bb66862780 |
| SHA512 | d38e65ab55cee8fef538ad96448cd0c6b001563714fc7b37c69a424d0661ec6b7d04892cf4b76b13ddbc7d300c115e87e0134d47c3f38ef51617e5367647b217 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_hobbies_and_leisure.json
| MD5 | bb45971231bd3501aba1cd07715e4c95 |
| SHA1 | ea5bfd43d60a3d30cda1a31a3a5eb8ea0afa142a |
| SHA256 | 47db7797297a2a81d28c551117e27144b58627dbac1b1d52672b630d220f025d |
| SHA512 | 74767b1badbd32cacd3f996b8172df9c43656b11fea99f5a51fff38c6c6e2120fae8bdd0dd885234a3f173334054f580164fdf8860c27cbcf5fb29c5bcdc060d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7xr8dama.default-release\personality-provider\nb_model_build_attachment_travel.json
| MD5 | 48139e5ba1c595568f59fe880d6e4e83 |
| SHA1 | 5e9ea36b9bb109b1ecfc41356cd5c8c9398d4a78 |
| SHA256 | 4336ac211a822b0a5c3ce5de0d4730665acc351ee1965ea8da1c72477e216dfa |
| SHA512 | 57e826f0e1d9b12d11b05d47e2f5ae4f5787537862f26e039918cb14faff4bc854298c0b7de3023e371756a331c0f3ee1aa7cebbbf94ec70cdfc29e00a900ed1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\bookmarkbackups\bookmarks-2024-11-14_11_vOM1VdUT+qREIZ1Ij4Ba5w==.jsonlz4
| MD5 | 32c60277b80f4575e325e277ff3910e5 |
| SHA1 | b70a820bde0cdd7a1996c61a5b78c2099c97e892 |
| SHA256 | dd2c97285c6ea289db34ca3b0b4777f9e0b9f3336eb8573b6061dff5f7fd0355 |
| SHA512 | 78c18e66d4582e4188e672089c9b49852ec88d6992759168bcf6af6c2c5f7de6876691d15b7dfcd88fe3251b26c980d6b3c7c6f84ed9f28b3cca53483c140b1d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7xr8dama.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | cd40d3fedf07f3c506a3a5400f1fdcf7 |
| SHA1 | b89bd151ceccaec618e05833befb3ad36865019a |
| SHA256 | cf92e130d689ccda0f32b6218d19f1c9df6f95c4efc82d857046ce2c0831ee4c |
| SHA512 | 2e58c595bb2390a570063d8d7cfd1c715814bbca6969d80c99e89ed6f66467eda072c1eebbbaee887e2b95c914b5240d5647d697074b06c2c3cd17cc62e5cf7d |