hxxp://cloudflare-capcut[.]infy[.]uk/dca[.]html

Analysis

max time kernel
124s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
20/11/2024, 09:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://cloudflare-capcut.infy.uk/dca.html

Score

7^/10

discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 5 IoCs

description	pid	Process
Token: SeDebugPrivilege	1940	firefox.exe
Token: SeDebugPrivilege	1940	firefox.exe
Token: SeDebugPrivilege	1940	firefox.exe
Token: SeDebugPrivilege	1940	firefox.exe
Token: SeDebugPrivilege	1940	firefox.exe

Suspicious use of FindShellTrayWindow 21 IoCs

pid	Process
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe

Suspicious use of SendNotifyMessage 20 IoCs

pid	Process
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe
1940	firefox.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1940	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4916 wrote to memory of 1940	4916	firefox.exe	83
PID 4916 wrote to memory of 1940	4916	firefox.exe	83
PID 4916 wrote to memory of 1940	4916	firefox.exe	83
PID 4916 wrote to memory of 1940	4916	firefox.exe	83
PID 4916 wrote to memory of 1940	4916	firefox.exe	83
PID 4916 wrote to memory of 1940	4916	firefox.exe	83
PID 4916 wrote to memory of 1940	4916	firefox.exe	83
PID 4916 wrote to memory of 1940	4916	firefox.exe	83
PID 4916 wrote to memory of 1940	4916	firefox.exe	83
PID 4916 wrote to memory of 1940	4916	firefox.exe	83
PID 4916 wrote to memory of 1940	4916	firefox.exe	83
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 4504	1940	firefox.exe	84
PID 1940 wrote to memory of 1776	1940	firefox.exe	85
PID 1940 wrote to memory of 1776	1940	firefox.exe	85
PID 1940 wrote to memory of 1776	1940	firefox.exe	85
PID 1940 wrote to memory of 1776	1940	firefox.exe	85
PID 1940 wrote to memory of 1776	1940	firefox.exe	85
PID 1940 wrote to memory of 1776	1940	firefox.exe	85
PID 1940 wrote to memory of 1776	1940	firefox.exe	85
PID 1940 wrote to memory of 1776	1940	firefox.exe	85

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://cloudflare-capcut.infy.uk/dca.html"
1⤵
- Suspicious use of WriteProcessMemory
PID:4916
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url http://cloudflare-capcut.infy.uk/dca.html
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:1940
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2004 -parentBuildID 20240401114208 -prefsHandle 1940 -prefMapHandle 1928 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d5681e88-fdd4-4147-889b-2a7dea9ec37f} 1940 "\\.\pipe\gecko-crash-server-pipe.1940" gpu
    3⤵
    PID:4504
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2452 -parentBuildID 20240401114208 -prefsHandle 2428 -prefMapHandle 2416 -prefsLen 24600 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {29ddd55a-cdaa-443a-9269-b7b05751513c} 1940 "\\.\pipe\gecko-crash-server-pipe.1940" socket
    3⤵
    PID:1776
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3196 -childID 1 -isForBrowser -prefsHandle 3228 -prefMapHandle 1472 -prefsLen 22652 -prefMapSize 244658 -jsInitHandle 1296 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {594a8295-19a0-417f-aeef-352b917fcc91} 1940 "\\.\pipe\gecko-crash-server-pipe.1940" tab
    3⤵
    PID:840
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3692 -childID 2 -isForBrowser -prefsHandle 3680 -prefMapHandle 3676 -prefsLen 29090 -prefMapSize 244658 -jsInitHandle 1296 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c8553ed6-1b96-4a06-8269-63f4c78aac1f} 1940 "\\.\pipe\gecko-crash-server-pipe.1940" tab
    3⤵
    PID:4224
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4832 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4824 -prefMapHandle 4820 -prefsLen 29090 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9eb5b264-3eb6-4736-8f3c-71e320688bd6} 1940 "\\.\pipe\gecko-crash-server-pipe.1940" utility
    3⤵
    - Checks processor information in registry
    PID:3724
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5264 -childID 3 -isForBrowser -prefsHandle 5220 -prefMapHandle 5240 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1296 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9bf02006-1add-44ce-9956-3279cb59d5af} 1940 "\\.\pipe\gecko-crash-server-pipe.1940" tab
    3⤵
    PID:220
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5484 -childID 4 -isForBrowser -prefsHandle 5492 -prefMapHandle 5500 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1296 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {12937345-57ee-4d4c-8e22-90bd8fcf9bb7} 1940 "\\.\pipe\gecko-crash-server-pipe.1940" tab
    3⤵
    PID:5000
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5680 -childID 5 -isForBrowser -prefsHandle 5284 -prefMapHandle 5304 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1296 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7c2cb852-fe55-4b25-b073-1f6155f397e4} 1940 "\\.\pipe\gecko-crash-server-pipe.1940" tab
    3⤵
    PID:1988

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\qgf82dd5.default-release\activity-stream.discovery_stream.json

Filesize
22KB

MD5
4809b85ccc610a5d6064adaded14be5b

SHA1
288b940b014e0b0ed1afdc60fbfa5d4ff27abc00

SHA256
7c8c5fb380a016bebf00a6fc185ebab148743f5702ebae814ec95562f430f9fe

SHA512
57045d8f890d5350ed1fd304268118f1bc99be63730193f76c4e009367d829463a7ba63e641560eb17d46299e105889ea1c7a4798fc1e39077e85774cc1bc36c

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
479KB

MD5
09372174e83dbbf696ee732fd2e875bb

SHA1
ba360186ba650a769f9303f48b7200fb5eaccee1

SHA256
c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

SHA512
b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
13.8MB

MD5
0a8747a2ac9ac08ae9508f36c6d75692

SHA1
b287a96fd6cc12433adb42193dfe06111c38eaf0

SHA256
32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03

SHA512
59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\AlternateServices.bin

Filesize
6KB

MD5
cdcf152e8e2c5f8fb92fab686a1cd034

SHA1
dd0545f1ec5ef1c20baa61662eff8445934a037b

SHA256
f0ba50f95c7604c1bd13a2260d71b06b16b3b1fd9b4315987c5a8b09b091efe1

SHA512
005e7a9e730313edf9e666c921758c62db67f9de7a1ff469a63542292afb8e3928f78c33af94cccbe0c59c4a7bd0d53b8adaff1aa4660416166a320d03fdb5db

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\AlternateServices.bin

Filesize
6KB

MD5
a05bdbac5a6a65414071e26f6fab32a5

SHA1
29756216e5e83f179682260d8fafbb992dfaaf9a

SHA256
af21db6542dcfe1cc3c8bdb8d527c42e6c743accddcc2c157591e7850563daed

SHA512
666b0d4a83af0e615ff5bbfb1249121a5592ed5d83a9b149fdac84ee97f4581b7f6ad04b13d80a598cc0c87c1efd3ba33324a82889e0b2cdc7b52f5022517b97

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\AlternateServices.bin

Filesize
7KB

MD5
4fc6364ca21e5ea09e0b5a596af59064

SHA1
8511f8fb8f557b0eec0144df7a063226e09b9bd8

SHA256
d11bcdcfd4dea7307211faa9ca1621a8e008131387339ec77e43a8961cefd6dd

SHA512
f657d5447ed7aad309323882faf8a6906d3a4e0fa13cc1f44d1f9995f05fa5efec0224f0db72407b1beba876d7cf3743c51060a352c59816f470eeafa370f359

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\AlternateServices.bin

Filesize
13KB

MD5
e8859487d78ea45751f4a71208486584

SHA1
91a946cf08e5665d25871dd772af8f9b6d7c91fe

SHA256
944e2885fb123f03f9f96c4d31fd3bacb9d892f36ac84c234c31402daf9446a7

SHA512
d3f7452690bb3a22d8ea031d5185e897195efcb029276f8d9e08e73b734f8097e82cf8d75088221b2769fd830a213f3aca9672bc56656471c330ef75163e9680

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
4bc35d24b0eea4d515d8a8ca66d07db8

SHA1
88d5cc14a259fff3fd0b93f368a07e5289fc624b

SHA256
7e3fbe619849220e9438c30eeb14575ce10fe0670b2ba9677f88ce747d7b98f9

SHA512
1856bb84755d31c745c24dd3ae45d9741cca33317dccf05c0355311fb2d6e6098cb35192c7e8c2047f4bff29d9e7ac8892d5b19aa57bf9e926c0b1118960a165

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
f7036d580ea609073e638ed8c0909f51

SHA1
72fdb92e3c3fe85f7847163f90530bcc3bb6aa1d

SHA256
5d1103b6cb633ab26bfdb0f0047af40ed6ffded3e4a48a851fee8ff5087942e8

SHA512
6e42233415d2042c4d731361f5060174d31849b167b476c53e389d2d377da0931c9a5b70e9abfc4d41a723055216e3185573648a54cd0f578bea1b5f3ffdb2e6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\datareporting\glean\db\data.safe.tmp

Filesize
30KB

MD5
56c382771d7a548393e68cfa5d0e8d3b

SHA1
1baacd649d92e04301d596168ee1323dc9f8f1e9

SHA256
0c65463dcbb3513514cf5c7309d511504b490f6a467d3d6adb729f3a25d8423c

SHA512
9da857b3ec92eca03ad8e2210e0ebb3de2b3d24ff929d23cb28f8f263b829e2a49b080de307b992ee2f5ae63fcb949e94f3a65b1f85b199ffcbf1c13fe6a9a98

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\datareporting\glean\pending_pings\9869ec3a-f9ed-40c2-9341-038e121872f2

Filesize
982B

MD5
78a778032c0830c84035c4a31e4f2150

SHA1
95267a3a9ade768dc40d7cf06b2f03320ba1a1c8

SHA256
9510fe2785c315edaf6c64aa517574d09587a14927fb541cf7527f47e04be71f

SHA512
4ff4a2f20fbe9bb0e4e20b1c191d93be6343ac6864e00de08212c58f7bd60d7b596df50fc2ec2bf2e378c233cf03aa7ec23c15c6d430d18423dba1e5f44e0df0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\datareporting\glean\pending_pings\c023329c-bf62-4932-bf81-ae823808bf23

Filesize
24KB

MD5
53043038eca6bc8d25d17c02f7cbec2e

SHA1
783c2da9dcb3e6041eb82ce01fb2c483bdf73d8a

SHA256
90f56336a737110bdf05b0b4d21fcecc9a8c10737ee5ec096c008b79b57a447f

SHA512
f173761f4e012eef020362e93327776ca8745838989e1cfe87a876c7402d127aca357e66b4284e524bc7bc0e3801160dd4f28f1dba520be4a3c4d3bf163a0685

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\datareporting\glean\pending_pings\f21af332-6306-4fad-b9b5-ad8d09008304

Filesize
671B

MD5
6f573779341a30206e4468b3b6faebdd

SHA1
819f1e331f058dea3afefe3dc886351f2c80c6e8

SHA256
313b6c7bfe0dbaa3b99be1656409ff823385b33542d9e91d511d22f6ef9fee94

SHA512
4ca1cb5fc4920ee85fefc11ad18dc7ec8127a2c76a510090e6c7a5938804b0a07ba077b1358e53d2fbd6a34186f64ef97ca63abf6f2cf211530f715f3347dd92

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

Filesize
1.1MB

MD5
842039753bf41fa5e11b3a1383061a87

SHA1
3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153

SHA256
d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c

SHA512
d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

Filesize
116B

MD5
2a461e9eb87fd1955cea740a3444ee7a

SHA1
b10755914c713f5a4677494dbe8a686ed458c3c5

SHA256
4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

SHA512
34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

Filesize
372B

MD5
bf957ad58b55f64219ab3f793e374316

SHA1
a11adc9d7f2c28e04d9b35e23b7616d0527118a1

SHA256
bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

SHA512
79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

Filesize
17.8MB

MD5
daf7ef3acccab478aaa7d6dc1c60f865

SHA1
f8246162b97ce4a945feced27b6ea114366ff2ad

SHA256
bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e

SHA512
5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\prefs-1.js

Filesize
10KB

MD5
49218def2e1e4488bfe97be284d3e54a

SHA1
d87dae283c94ddc5bad9236fb018d57fa584f7fa

SHA256
713e23b2903322d751c3c30d79510d17c95e948857159a9a1cdb92ced0aabc5f

SHA512
5b7736297b03b8ad777c90b739715fb821b7bfb3b10486bfb023a6d511c93d8739caa9dc4e38ee7e0c1461776bfe4ca0605587cf07254e91747297832b1ff80b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\prefs-1.js

Filesize
11KB

MD5
697421cc150d1ab075e39b1dc9ad7252

SHA1
7dacc399321d6087e495c705e74f3eec9f7e6e67

SHA256
45e4e3dcc4129c4936b3356d3f1efb9f3b69c8b6bfead30cbaf3b94aec1555fd

SHA512
f22cb628347353b516593a0198111c0e538a692789c05c12953b503454873f215c16be4b655a828e8545c0a21da68f25737fe3a766c12a464937e944743c8845

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\prefs.js

Filesize
10KB

MD5
7b8b012f70f0cf852b60c1eed4c02fc6

SHA1
7b44e55f49105d9ce61d11df3ff7f26f4f85880f

SHA256
a375bd6b82e2645d7f530ef8dd707b73b07c104641cabf5272f372c9c74aecd6

SHA512
80c0f17eecda54ac351e70f343637e417d68ca836e4375e31e6fcc3a3263a30fd1280881d23a1a4c4f3b7dee3eb6b9258e65c274f9443fb5bf9d5b53bb7c06bc

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qgf82dd5.default-release\sessionstore-backups\recovery.baklz4

Filesize
1KB

MD5
3ef0820e087fe9e68aac46f43fff760c

SHA1
fbcee090242b4e820a2415aaa58a5d72a1c429d5

SHA256
d3b2f6c52a206a930bd914a2186d22c17f52cb91de737be66ab572aeef0c46c6

SHA512
6038155c539978e8b5e292ade6a5228ef0c0814cd9a7e99521e50b0d967e07073b539d58b0eb8b32d86f5561ff1d48369dda4205cd3b876f322e24c84539c2ab

Download Submit