hxxps://doksly[.]com/view/2AKI17l2etB

Analysis

max time kernel
149s
max time network
150s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
04-12-2024 16:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://doksly.com/view/2AKI17l2etB

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 5 IoCs

description	pid	Process
Token: SeDebugPrivilege	2144	firefox.exe
Token: SeDebugPrivilege	2144	firefox.exe
Token: SeDebugPrivilege	2144	firefox.exe
Token: SeDebugPrivilege	2144	firefox.exe
Token: SeDebugPrivilege	2144	firefox.exe

Suspicious use of FindShellTrayWindow 21 IoCs

pid	Process
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe
2144	firefox.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2144	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 6112 wrote to memory of 2144	6112	firefox.exe	77
PID 6112 wrote to memory of 2144	6112	firefox.exe	77
PID 6112 wrote to memory of 2144	6112	firefox.exe	77
PID 6112 wrote to memory of 2144	6112	firefox.exe	77
PID 6112 wrote to memory of 2144	6112	firefox.exe	77
PID 6112 wrote to memory of 2144	6112	firefox.exe	77
PID 6112 wrote to memory of 2144	6112	firefox.exe	77
PID 6112 wrote to memory of 2144	6112	firefox.exe	77
PID 6112 wrote to memory of 2144	6112	firefox.exe	77
PID 6112 wrote to memory of 2144	6112	firefox.exe	77
PID 6112 wrote to memory of 2144	6112	firefox.exe	77
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 3196	2144	firefox.exe	78
PID 2144 wrote to memory of 5568	2144	firefox.exe	79
PID 2144 wrote to memory of 5568	2144	firefox.exe	79
PID 2144 wrote to memory of 5568	2144	firefox.exe	79
PID 2144 wrote to memory of 5568	2144	firefox.exe	79
PID 2144 wrote to memory of 5568	2144	firefox.exe	79
PID 2144 wrote to memory of 5568	2144	firefox.exe	79
PID 2144 wrote to memory of 5568	2144	firefox.exe	79
PID 2144 wrote to memory of 5568	2144	firefox.exe	79

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://doksly.com/view/2AKI17l2etB"
1⤵
- Suspicious use of WriteProcessMemory
PID:6112
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://doksly.com/view/2AKI17l2etB
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2144
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1988 -parentBuildID 20240401114208 -prefsHandle 1904 -prefMapHandle 1896 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {687e2609-75c7-4b89-975f-4639ba282b2d} 2144 "\\.\pipe\gecko-crash-server-pipe.2144" gpu
    3⤵
    PID:3196
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2412 -parentBuildID 20240401114208 -prefsHandle 2388 -prefMapHandle 2352 -prefsLen 24598 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a52d6468-7233-4830-aa09-79926182a997} 2144 "\\.\pipe\gecko-crash-server-pipe.2144" socket
    3⤵
    PID:5568
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3248 -childID 1 -isForBrowser -prefsHandle 3280 -prefMapHandle 3068 -prefsLen 22652 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4b230c19-aed2-49b3-9187-13a58e136699} 2144 "\\.\pipe\gecko-crash-server-pipe.2144" tab
    3⤵
    PID:4616
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2952 -childID 2 -isForBrowser -prefsHandle 2728 -prefMapHandle 3612 -prefsLen 29088 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {49420ddd-1459-4fd6-8406-d7ea3b6e0ce2} 2144 "\\.\pipe\gecko-crash-server-pipe.2144" tab
    3⤵
    PID:2436
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4772 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4856 -prefMapHandle 4852 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {031cbb72-5968-47cd-bbcb-a5cf1db5bbae} 2144 "\\.\pipe\gecko-crash-server-pipe.2144" utility
    3⤵
    - Checks processor information in registry
    PID:4048
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5432 -childID 3 -isForBrowser -prefsHandle 5424 -prefMapHandle 4928 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7e8f23ed-543c-4d8a-b4c3-4812b8e7d578} 2144 "\\.\pipe\gecko-crash-server-pipe.2144" tab
    3⤵
    PID:3548
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5564 -childID 4 -isForBrowser -prefsHandle 5572 -prefMapHandle 5576 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8de697e3-ba10-4224-8205-cb879e27da0a} 2144 "\\.\pipe\gecko-crash-server-pipe.2144" tab
    3⤵
    PID:4192
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5824 -childID 5 -isForBrowser -prefsHandle 5832 -prefMapHandle 5836 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dcf0c337-c775-4fce-94ff-a04f81746c4f} 2144 "\\.\pipe\gecko-crash-server-pipe.2144" tab
    3⤵
    PID:3552

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\o7bdpohx.default-release\activity-stream.discovery_stream.json

Filesize
19KB

MD5
1c4f43ee2c063b90e6ca2c2322fdb3da

SHA1
3c4fa4733a54da3041604f3ed5dd665ed04912b0

SHA256
88cfec6c90bb1e5f2d4e5c795d54adedf5bdcd56fed0fb29aa076a797d3e05c5

SHA512
925c04056c8762b29aafc02e186c8c0abfbe1c60b24d2521adcd8937a2df1484a063deb2cb8318ce164837d43c5acc8e8862002396f8833851759a8a87fab849

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\o7bdpohx.default-release\cache2\entries\39DB9E847E680B765D7B04FCCE6BF5BC0225F878

Filesize
13KB

MD5
5bb98a535f4fbd2af07ab165b39c06fc

SHA1
c64c4eeb687bbcb6f107d54f6c0d30e362eccc1e

SHA256
c1fe9f965c776321db5b696b0c887663e4fb17f8713552fa69fec2f6fe69a303

SHA512
27d426dfc9b44bcd8b02a481df8c14f6aaddf55661ce4bbe448e476e2e0e95af9f94687a9affcf62388c8bcb3483033aef8d9b8c2720c1115651f65eded19273

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\o7bdpohx.default-release\cache2\entries\92F4D5A4F9CED6E2E644D803AEE3647A0EA4D984

Filesize
13KB

MD5
dea89dac85a8ff4b760e0a3cf3087a8f

SHA1
8b09972cb8bcf9004bb4f27f8e6c8b00419e118a

SHA256
6f40afdf82db3812ffcbfc0fb9bc91d40cca9786fc35460dc237be25e34f402d

SHA512
cf88cf29724e8cdda6cc068e88234be94f5ad9b7c5b4fcba17c9f5d0bb77ff474d651aaf238c8325807a1700ca2590ecc83effde1dd8883a3e9a513dfd7d442b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\o7bdpohx.default-release\cache2\entries\F8CBD54DDA10F4286A41EC6A537240712D6C2308

Filesize
9KB

MD5
21982fa3db96ffb5e0323177cbd08ade

SHA1
01e069021ccf06918c79f69e60476e8a76f465bf

SHA256
02dcc1410fc41a98f24ad350aacef2df27fd4409ab2508fd863e63d5e45107c7

SHA512
9b6b420236dad3632d92e0aaf98ca74d6c4c6bba1c690c4537177b0e378b4d8f8c419bd56e4d106a5284fb5f46bf327f5bdd2cbbca2d5a92a5a7395bce885cce

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\o7bdpohx.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl

Filesize
15KB

MD5
96c542dec016d9ec1ecc4dddfcbaac66

SHA1
6199f7648bb744efa58acf7b96fee85d938389e4

SHA256
7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798

SHA512
cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
479KB

MD5
09372174e83dbbf696ee732fd2e875bb

SHA1
ba360186ba650a769f9303f48b7200fb5eaccee1

SHA256
c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

SHA512
b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
13.8MB

MD5
0a8747a2ac9ac08ae9508f36c6d75692

SHA1
b287a96fd6cc12433adb42193dfe06111c38eaf0

SHA256
32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03

SHA512
59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\AlternateServices.bin

Filesize
6KB

MD5
2e682f7a7190332fe357d35ca1aeb100

SHA1
a2c59c889be1a76fc433beae178247c30d8bb624

SHA256
395f3075d1c85126e707bae20fffb9e1d8103a024aeab97461f97f786e331542

SHA512
ebdcc434b7d486d482da4a238424ec2947eed8e117e225b32ee786f1e2ee31bfd0bf14c08fb62e8dd61d42737a7a0f65e26706d8450e09ec88870e0e40a892fd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\AlternateServices.bin

Filesize
8KB

MD5
d32c595b86a9ace179aa1517a5eb99ec

SHA1
71e2624fa0ca4f9917db076c4a15a77da74c6deb

SHA256
d9119b39b4a3153b4f8d171a74ba2cffee45cffcba2523a3ebd342c1ceb08679

SHA512
0c6a47f5e67b48c008c16bd5938574596ca66e75755217b1130af2c2611cfa0ba95c9271d366be7cdfc0b842eba3b1d15ea0e35bf1c0aa58db709096719137a9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
e6fe124e1549818ed5059146631e752e

SHA1
0d1bf000ee2870131ec58b7147ddded0e2df166c

SHA256
25714a492689bf9bf59ec2269e3966c5f960ab287785edd21a6ab36d12af90c3

SHA512
71b23dac43e9cd3d121b3a563875672568d1d1cd885d6f6ca87ac05cfbe0db50fed6d04f0045a167c212055641c0e9901595095b1729b77811702c7efee326be

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
40c6fb8b15d7d1d64ea1332d0ca85e30

SHA1
a7f2ec05282b46bbdf8d5cfe5d86e37aee83a668

SHA256
de5aee01d79e91a724a8b4846a8180bbbd702c0b32f5fef33fa7542a69de4000

SHA512
e0ecbdc8445a57ba52c8717e948da8e27bd9531a37461a6b9d79f8869faba0a8fa549ae7ae19fd6b6d79627b6ad231c30bc8dc9f7533cf27b0302c7ca067f758

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
65e495844d68a8decea9c523dac02834

SHA1
e609b6d1e4386f2bf291dc4bf76238230d11e08c

SHA256
fa8740506f380e6337953d49d08636785253d3422e979caac7e5685c9c777753

SHA512
b80204a4951b3bffe59958ae885c3b123b8cf6074daff330c61197a0d52491ae6eb8eda53bcf7bf888a2af49033a5ee0a95d98862d3a3a744c2b09c093cdce4b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\datareporting\glean\db\data.safe.tmp

Filesize
15KB

MD5
421f8c00e2a9d9b841bd4f9ceb410251

SHA1
e31f6994a612663545ee21a96c794bf737939956

SHA256
3aeb1795a16a0ef5c5634ab5b73dee97ba3bd37ae03437032ef7cfe67d046948

SHA512
5ecac87c117e8a806be294b62d2752d716d0d638af1eec8939c0ebaf083bf50034641afb96bc57182884c2fba7aab727c65c7b621c6253f2db80a6c5d46682f4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\datareporting\glean\db\data.safe.tmp

Filesize
31KB

MD5
550691e09ca42f1bdb537f36b57eb1c9

SHA1
a88f89c7ea8d60e19e37dc06d9007f67935a8f04

SHA256
7cd15b4db37265babae16e4224d63d8e5fb93cb56f7c7d27aee9df06b7e74ad9

SHA512
eddbba809a69fde77bcd74e2b82c7b75a378be86c0aa5052ceb5d78d22efa0ff51118a22e8bfbdefc8e50523ec0e4fdf2fe2101f2b3eda026450c428693bbb2d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\datareporting\glean\pending_pings\7bf041b7-9202-4085-bfaf-1dda9abdde8a

Filesize
982B

MD5
2ae66e9bc8dae70eae4c21ee23bd5360

SHA1
764af85e7a59a63498c348d586234774c4566f1e

SHA256
1ca803210adddbc17c3c8d2e8cb3bcffe99f3928dbb4f7103cd4e0e8acab1832

SHA512
2386beb8752f4c91f7d32ef6d91f52dda15fb9237ce1eec52ac67feda5b3f7274bbd52e312ca0e685ea1d34a9a39051c6105ad7358a9550912fc74cd68662099

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\datareporting\glean\pending_pings\93a6ea0a-2ad9-4cf6-b38a-41bb99b17ca2

Filesize
671B

MD5
8e2f5e909471c1421ed9ed5165780097

SHA1
785d1864be96feb320526dd8bd0911617a0b9942

SHA256
9275eb41f6feeaf859cbe44e37e081cc265bad74c54f4ab866f6ca119e1e578e

SHA512
fd83b03535582ed7c44ae2fc179f51690fb2eaf7c497d3ad263fc54995be94418ee3dc328ad2f335149580d9e8229e812940d504fe93264e6991585ecb3c8397

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\datareporting\glean\pending_pings\e949312d-295c-47b1-af7f-6f0e6def85c8

Filesize
24KB

MD5
4eca3531a79a73a372fa041e13030fbb

SHA1
25be9438170b21fb8c12f07559e5e78065304d23

SHA256
e63daf5ebe255e066f24712993d09f81b53b73e1f507263b887ea4d977afe58f

SHA512
3e67deaf1452d55315427f6d25cd1a4ac83ce4f855f92239ac963b1e3cd2613c323da4240e5fe7ec306df91ac24622bd1cc37469094c4f5e4266232ef441c854

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

Filesize
1.1MB

MD5
842039753bf41fa5e11b3a1383061a87

SHA1
3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153

SHA256
d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c

SHA512
d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

Filesize
116B

MD5
2a461e9eb87fd1955cea740a3444ee7a

SHA1
b10755914c713f5a4677494dbe8a686ed458c3c5

SHA256
4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

SHA512
34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

Filesize
372B

MD5
bf957ad58b55f64219ab3f793e374316

SHA1
a11adc9d7f2c28e04d9b35e23b7616d0527118a1

SHA256
bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

SHA512
79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

Filesize
17.8MB

MD5
daf7ef3acccab478aaa7d6dc1c60f865

SHA1
f8246162b97ce4a945feced27b6ea114366ff2ad

SHA256
bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e

SHA512
5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\prefs-1.js

Filesize
15KB

MD5
a1519e050014621fd51778973c9d7b52

SHA1
d55c7739f1e510c6e3b7990cf43a069fc3767e50

SHA256
29d415b568285e204d52fc503efa1e04c287ea2fa4675d69f326fc19590a47e5

SHA512
91f193df80cfc07e8bd66621563fc8eda367334449a7d0ba236574beb687a9e6e855f1075e6c17ddd4481b34a1d9c2a4aaf83c29dd5a543621f177bca3216143

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\prefs-1.js

Filesize
15KB

MD5
b2cf83e245ef0873383e96676d71635f

SHA1
55041bca488bbc9ccca8ea7863af82250d14fcb6

SHA256
5f7bc90952c8f12a0007ac75c4f10163a9f472e84c1e601f090f6e62da6393ed

SHA512
bbdb000d9bc8a7783e00cc23c76afde8f683a6f02a8ec8690e22e099701f851c68b51e6eb1bc604655ebb89cf78e0de704abe6b16a01772b048e66e262fcabde

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\prefs-1.js

Filesize
11KB

MD5
318eba313fb155a1d61547746a526d03

SHA1
296a975bbd863b1c807cc20b558ed050bd3e43e8

SHA256
73b7387aab76b2860c1933b86704f87aa50209e541b731b4769dcd4ab80c2ec0

SHA512
a0160cada4b013a7e3407a3f284507e22e200e97641fbe9eaf6347821a4c60a2bc467d8c5fcad51d2f8a54afd2e7dd44310208070a8f6651735d138d1acdb1d5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\prefs.js

Filesize
10KB

MD5
7609e3dbaf7f5806e94b888c0157669b

SHA1
065339862250daf7732ce63d23c5c20b5b010cdb

SHA256
fb662e032e52a34e1f2de9a01757da27b4ef0c12a0eb17911877f1c9f46926c3

SHA512
4c80e4107c47a6e69927f296a246e4981587ce4fb9d360e1123d884e48b171be9cd67bc2f2250fa108c684fe0e36eac8a17de3dcdb19794164dfcfeee6362037

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\prefs.js

Filesize
10KB

MD5
3b27f4abd243c0df831c1b4dea6f946c

SHA1
a37fafcfe8fa488018f149ada99864ed49b3c163

SHA256
1334ad248642163ab431bf858a187930bc757b2534a83ef8ed591cdd91769618

SHA512
69b23dc2716854cec00278b407012bd402dc270a93c7ce2831b94f237c9a71e141c8b9f57139651e0d29b451529770b63b77cafb29aa9cba2fb73280df5635eb

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\o7bdpohx.default-release\sessionstore-backups\recovery.baklz4

Filesize
3KB

MD5
10b5eb39de4821102ab0abff8a0e4807

SHA1
04ef0e02d867449c7479cca0dea1a061759b8ff5

SHA256
5bccf1ebfd8f2d1ac159780c65f0ba32c681b634b2ced1669e4cc1b0db7188c4

SHA512
a1491929df8b03987c1c346840ed902e3a118c232baf73c2b12a6b8275e25f3f257005901e114109dc71425bbc8c18415527d753aa604bd8ca09341297cd9e72

Download Submit