9504fbdc366ff1c3d41b463c5cd8d87fbf5eef9755a578ceb90ce18c3f751986

Analysis

max time kernel
147s
max time network
155s
platform
windows11-21h2_x64
resource
win11-20241007-de
resource tags

arch:x64arch:x86image:win11-20241007-delocale:de-deos:windows11-21h2-x64systemwindows
submitted
06/12/2024, 13:19

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Crosshair-X-Crack-master/web/index.html
Size

1KB
MD5

d1f3189eb4999ae4d9385df1343caa7a
SHA1

03b10b563457fd9f0f269bf14d14d3ee666166c3
SHA256

78a5158d848bbbad0575ece573c2c302f0b35f9a352fb2c46b0658ca8522e2eb
SHA512

6ff82f2aeda2c3b4a65076b87c0638d4aa2c2b45c894f7e4b218aeed740670c096ed78b87582050ada01d447ff940e50629d2c44dba693e456c6feede6da82ad

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-556537508-2730415644-482548075-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 5 IoCs

description	pid	Process
Token: SeDebugPrivilege	2704	firefox.exe
Token: SeDebugPrivilege	2704	firefox.exe
Token: SeDebugPrivilege	2704	firefox.exe
Token: SeDebugPrivilege	2704	firefox.exe
Token: SeDebugPrivilege	2704	firefox.exe

Suspicious use of FindShellTrayWindow 21 IoCs

pid	Process
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe
2704	firefox.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2704	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4188 wrote to memory of 2704	4188	firefox.exe	77
PID 4188 wrote to memory of 2704	4188	firefox.exe	77
PID 4188 wrote to memory of 2704	4188	firefox.exe	77
PID 4188 wrote to memory of 2704	4188	firefox.exe	77
PID 4188 wrote to memory of 2704	4188	firefox.exe	77
PID 4188 wrote to memory of 2704	4188	firefox.exe	77
PID 4188 wrote to memory of 2704	4188	firefox.exe	77
PID 4188 wrote to memory of 2704	4188	firefox.exe	77
PID 4188 wrote to memory of 2704	4188	firefox.exe	77
PID 4188 wrote to memory of 2704	4188	firefox.exe	77
PID 4188 wrote to memory of 2704	4188	firefox.exe	77
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4028	2704	firefox.exe	78
PID 2704 wrote to memory of 4864	2704	firefox.exe	79
PID 2704 wrote to memory of 4864	2704	firefox.exe	79
PID 2704 wrote to memory of 4864	2704	firefox.exe	79
PID 2704 wrote to memory of 4864	2704	firefox.exe	79
PID 2704 wrote to memory of 4864	2704	firefox.exe	79
PID 2704 wrote to memory of 4864	2704	firefox.exe	79
PID 2704 wrote to memory of 4864	2704	firefox.exe	79
PID 2704 wrote to memory of 4864	2704	firefox.exe	79

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\Admin\AppData\Local\Temp\Crosshair-X-Crack-master\web\index.html"
1⤵
- Suspicious use of WriteProcessMemory
PID:4188
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\Admin\AppData\Local\Temp\Crosshair-X-Crack-master\web\index.html
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2704
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2000 -parentBuildID 20240401114208 -prefsHandle 1916 -prefMapHandle 1908 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b6ac8c0b-4e21-435e-8c47-cbdef31c153b} 2704 "\\.\pipe\gecko-crash-server-pipe.2704" gpu
    3⤵
    PID:4028
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2412 -parentBuildID 20240401114208 -prefsHandle 2404 -prefMapHandle 2400 -prefsLen 24598 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {afb2ff93-214a-431b-b453-b09174229b98} 2704 "\\.\pipe\gecko-crash-server-pipe.2704" socket
    3⤵
    PID:4864
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3292 -childID 1 -isForBrowser -prefsHandle 3284 -prefMapHandle 3280 -prefsLen 24739 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {24c3684b-d172-4b9e-8f0c-0356fc19fa4b} 2704 "\\.\pipe\gecko-crash-server-pipe.2704" tab
    3⤵
    PID:5108
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3656 -childID 2 -isForBrowser -prefsHandle 3652 -prefMapHandle 3648 -prefsLen 29088 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {75aa633e-1f29-440a-84d8-b3da48e913d3} 2704 "\\.\pipe\gecko-crash-server-pipe.2704" tab
    3⤵
    PID:332
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4560 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4616 -prefMapHandle 4612 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {76008e88-6830-42b7-95b9-eab34fd1aa59} 2704 "\\.\pipe\gecko-crash-server-pipe.2704" utility
    3⤵
    - Checks processor information in registry
    PID:768
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5496 -childID 3 -isForBrowser -prefsHandle 5520 -prefMapHandle 5516 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cf40d725-4ffd-4c26-8e9f-5af173e997c6} 2704 "\\.\pipe\gecko-crash-server-pipe.2704" tab
    3⤵
    PID:3936
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5488 -childID 4 -isForBrowser -prefsHandle 5532 -prefMapHandle 5528 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2261f5ae-8af8-4bf8-afbd-83dbd3e065f4} 2704 "\\.\pipe\gecko-crash-server-pipe.2704" tab
    3⤵
    PID:3944
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5896 -childID 5 -isForBrowser -prefsHandle 5764 -prefMapHandle 5760 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {47c80a59-cf04-47f6-afa4-9233a1982f84} 2704 "\\.\pipe\gecko-crash-server-pipe.2704" tab
    3⤵
    PID:2944

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p38rro19.default-release\activity-stream.discovery_stream.json

Filesize
19KB

MD5
8ccd3ec234787b8217ef2882adc197e5

SHA1
7bccffc89cf788833e4ac3b2e767e3ad72fb577f

SHA256
581c3494f610ec87c1bf98c6c90040dbc33e249bded5bf60a6180e038c34f26c

SHA512
4f6d9e531c754ef3e56b4b08417bb567f2ce5c8eab6cfefe046bf95969ccfd3205cf9bba2a20a354ecc61e3f18bcf81a3411238a0092d83aeed76e517699bad4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p38rro19.default-release\cache2\entries\92F4D5A4F9CED6E2E644D803AEE3647A0EA4D984

Filesize
13KB

MD5
f6a806095460e9bbc5c27b1519517be0

SHA1
36183953c52da9eb6ccdcfdd90afc3d1d28d9060

SHA256
3fca7bbce44b9044643ad135de60189b9c418378b7a008837d3530dad942606c

SHA512
caa487ca0103c606625e8fe979613daca2814628be8433a2ba40faa7fd184c4315f00ce16285393c60d01938fd32724f6695109a950fe9d8d416bd877093c060

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p38rro19.default-release\cache2\entries\F8CBD54DDA10F4286A41EC6A537240712D6C2308

Filesize
9KB

MD5
56c92a0cba74310c7324a6b0bab3ac9e

SHA1
e389ef30eaadaa3a7712de614d8d653e3fa783c9

SHA256
9eaf1b6ec5214308b3ca512978182dfa0768cf07f957a368631082ac0df1d68e

SHA512
2358b6b13e2d099af9e72e7aad2ecd503c1a764e3b89cd28070266faa1595fcd9a684c719c70cc69c63bafbd8eeacd38358ecab8c670846d096bf09017582842

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p38rro19.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl

Filesize
15KB

MD5
96c542dec016d9ec1ecc4dddfcbaac66

SHA1
6199f7648bb744efa58acf7b96fee85d938389e4

SHA256
7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798

SHA512
cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
479KB

MD5
09372174e83dbbf696ee732fd2e875bb

SHA1
ba360186ba650a769f9303f48b7200fb5eaccee1

SHA256
c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

SHA512
b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
13.8MB

MD5
0a8747a2ac9ac08ae9508f36c6d75692

SHA1
b287a96fd6cc12433adb42193dfe06111c38eaf0

SHA256
32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03

SHA512
59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\AlternateServices.bin

Filesize
6KB

MD5
5b7ec8660289aa29e8430f4d9764af1a

SHA1
a4e93df834dd8be1927ccc8be4b068336e4e7cf3

SHA256
74b35e43c9f256b5922043137a6a95a16e429a41818dd29d39fc4e55e3cfe2f2

SHA512
affe49bd6285f89017f643cb51189e812877d82cce5ffedf362452ac7ef73ec47d4818a684896c0c3370c1a6adb7432f341199b0f7aa40b804f32771c245eade

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
7adf42c14b629a9ff7037763823fd8fd

SHA1
35d98b1fd2c2d492af76de7e63a04a1e3e89f89d

SHA256
d6c456bf38e25dc6217a0dc8ad215cb3dcba821be6fdc6212d81a476c0244b87

SHA512
3993e9173fabe6966dade78df740a61d186ab296855464d19f61c469cf10eac514045e4469be3137891c9439de1e040fb7ebd115040aa0d8d80c335439cf8cb0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\datareporting\glean\db\data.safe.tmp

Filesize
13KB

MD5
285c0efafeded6479f0d208767c7ce10

SHA1
6ed4b7dd4b849a94368eb98b0d4863c05d10730e

SHA256
c316cce1e5e49587a6d243d59dd888557e4844a9b8ebbb2a634dbeeb8c55534c

SHA512
387e30831b4b3ebe7de4821f8ebf24654a3c4dfe9a7165e3cbe6fc750b812cf3d5939f2df8b89ecb162cc3cf7674917677c1c39f9f77831b3633b4480d18d167

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
13f2609355d223b82af59e40f80be20d

SHA1
3237cd17cd17f1dc1e7febf49418a0e57269c5f1

SHA256
06df57d8e2477d26fbca6a49e41ff19df65611c251cf56a60ffec493e522cf97

SHA512
98149a330cc2186458d9a8e32c239a2ed564ee6388b40b79f73706b0a1a37476cd2af18b05f5aea9e41e566636bf35021139bff9ebbc0b77edf2dc1bf5e5cd98

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\datareporting\glean\pending_pings\2832c2f6-bb29-4291-a168-3438f00d9182

Filesize
671B

MD5
50d5189588430d6cc4be38de38947026

SHA1
dd398e8fb8e856bb68066be995bda3ece44f61d2

SHA256
43671b976ca0a6070dbe56f927a9b04f61be01f3f864b0b97a4ac4966850ab45

SHA512
56cbec2a5cefe5e287a3eec68fafee652aaba587a5b8117a3d1d502a11789db3fcefb72b3e5e3458d8f4c878c83be8df5d0a1e10d0071a57fc65a2897e3e9e19

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\datareporting\glean\pending_pings\6becc12d-2961-4169-ab8f-b6e9c0f1b4e2

Filesize
24KB

MD5
d52c904d154619071c996f53c66edab0

SHA1
d0245e52391f0e8772a3f664815aeda07c2e5faf

SHA256
b78ecea7d9451e1538ee8043b1b389f0c5bd931a33326ea0559ff47ba950362b

SHA512
3b139087af00fcf285b43e7fd644762e51e3a71ecbff681e6a2b05f3065d28e622a4930fa137673743b69d9325162710b3ffa97eb0c6d7e49306d1d46607e1dc

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\datareporting\glean\pending_pings\db5f4bca-bae7-46ac-a92b-e7ec71a94c4a

Filesize
982B

MD5
3d069628577c2a11ca63e235f782ba76

SHA1
bfc6fab4485502421c11dfadc7c6b5ea9a84b376

SHA256
b4b355bd561a8188bbb9e4561f9aab4bcd1ec3b0938bf4452b54322a3d56ebab

SHA512
10990343a3aaa6cbb1be8c5d7f4510ddcaab528d6b8e8b386ab81b978670cf6363c2dd55d561cdf39c44c5b21ae31cfe44e13aa5ddf7311da532913cb260e148

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

Filesize
1.1MB

MD5
842039753bf41fa5e11b3a1383061a87

SHA1
3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153

SHA256
d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c

SHA512
d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

Filesize
116B

MD5
2a461e9eb87fd1955cea740a3444ee7a

SHA1
b10755914c713f5a4677494dbe8a686ed458c3c5

SHA256
4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

SHA512
34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

Filesize
372B

MD5
bf957ad58b55f64219ab3f793e374316

SHA1
a11adc9d7f2c28e04d9b35e23b7616d0527118a1

SHA256
bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

SHA512
79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

Filesize
17.8MB

MD5
daf7ef3acccab478aaa7d6dc1c60f865

SHA1
f8246162b97ce4a945feced27b6ea114366ff2ad

SHA256
bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e

SHA512
5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\prefs-1.js

Filesize
10KB

MD5
ce5fbc418f13063d3b32c3d62532820e

SHA1
4d26c31399be7cf090093b45b5b4c81609c089dc

SHA256
d43dfedeb385c59785d568ff51fcf6969ea39211b4f20ee7424b6e0fcf6a4a57

SHA512
0700a97d51cc6a38b8b522cdcfa72a71e40044b6a9087dc61d3f74b2efad70863ea2beb359ba673c8d30568f6e07bda3e82c150a33fd206a173c1d7230b43073

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\prefs-1.js

Filesize
12KB

MD5
8c4787356c3b76826a9f22ede9207ea5

SHA1
f0048cd910dd2975f8c350e55c8eaddcbcd9eea4

SHA256
d4900a42dad01f9745f476d2dc9998d9dd71a00f9b58455714309ce782920e73

SHA512
11a15235c478773119b4219fd97e530d1b7ad78f97b441df1f5e728224c4102499961df054e6589ec5006b23bd7fdda681beadc23fa5c32e5b7b84c18e9934cc

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\prefs-1.js

Filesize
15KB

MD5
e7a7001b28812a8b460ad32ea2bd4e16

SHA1
ed83fb5624770a88e96ee079b638ff3d4cbb981f

SHA256
1fc36fb856c874a41ad094417dcf0930e1b0b84ac733b1b6802e8549476dfc5d

SHA512
60cae1bbaf87964afad2356450c641045a13b22bb8b0bd143d4c44ca137429375079bc187c9a66fa5416933ce2259e50b45b2a80632d47d87dd797c50df38fdf

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p38rro19.default-release\prefs.js

Filesize
10KB

MD5
67b24f55623d2ec7da8a841edd16b86d

SHA1
b79a9a10046a73fef49a07fa897e130ce0e07ca0

SHA256
4d7e380b18fe4bed8d9290f89b8aa69024840a6083ac20530345dd7eef2a163f

SHA512
4708f019606036ccfbf10da2a2cc21c188cacbe2939d86cd64d146de5369a842ac9d4a99eba2d02399b8043aa22b6149caf5e6bed543cc346d9220b937ca2624

Download Submit