Analysis Overview
SHA256
25edefb3b0678dfe0d927ff48ce67254359ba379df9468f634d02c026f0e7131
Threat Level: Known bad
The file HOW_TO_DECRYPT.txt was found to be: Known bad.
Malicious Activity Summary
Hive family
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Suspicious use of FindShellTrayWindow
Modifies registry class
Suspicious use of WriteProcessMemory
Opens file in notepad (likely ransom note)
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Uses Task Scheduler COM API
Suspicious use of AdjustPrivilegeToken
Checks processor information in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-12 18:30
Signatures
Hive family
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-12 18:30
Reported
2024-12-12 18:33
Platform
win10v2004-20241007-en
Max time kernel
157s
Max time network
154s
Command Line
Signatures
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\HOW_TO_DECRYPT.txt
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2016 -parentBuildID 20240401114208 -prefsHandle 1944 -prefMapHandle 1936 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {eb55fa23-93e0-4497-9a5f-d54507d3b2c7} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2424 -parentBuildID 20240401114208 -prefsHandle 2412 -prefMapHandle 2408 -prefsLen 23716 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e6fb066-4630-4c5b-9d1d-3566ffcf442a} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3640 -childID 1 -isForBrowser -prefsHandle 3552 -prefMapHandle 3208 -prefsLen 23857 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b77a8fea-10c4-4a7c-bfa5-4f447a8d8fb4} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2940 -childID 2 -isForBrowser -prefsHandle 2988 -prefMapHandle 3052 -prefsLen 29090 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a31d1ab8-2730-4565-9f5b-783b3a0beb24} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4832 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4736 -prefMapHandle 4796 -prefsLen 29090 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b1ef697f-7b8f-4f25-892c-86923d872f7e} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5432 -childID 3 -isForBrowser -prefsHandle 5424 -prefMapHandle 5260 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a711cae-f268-4792-8a66-fb2bcdcef674} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5576 -childID 4 -isForBrowser -prefsHandle 5656 -prefMapHandle 5652 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {44f48fa0-6863-426c-8039-3b08d3e8d10d} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5552 -childID 5 -isForBrowser -prefsHandle 5800 -prefMapHandle 5808 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {218818ec-4fdc-469c-92bb-bcb5e379feaa} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5280 -childID 6 -isForBrowser -prefsHandle 6112 -prefMapHandle 6108 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c6d89af4-abe7-445b-ac5a-3c7fc120f228} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3056 -childID 7 -isForBrowser -prefsHandle 1224 -prefMapHandle 852 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7c55d5d5-2462-4868-9c0d-0aa43f18303f} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5740 -childID 8 -isForBrowser -prefsHandle 5752 -prefMapHandle 5664 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2e090259-7f65-454c-aeec-aeb27ff820fc} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6340 -childID 9 -isForBrowser -prefsHandle 5744 -prefMapHandle 6128 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {87ad0dde-98cb-4db5-9c9f-ea796175e466} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6520 -childID 10 -isForBrowser -prefsHandle 6628 -prefMapHandle 6624 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ab6b53e7-defb-4dc7-a3da-a928a7ccb4fc} 1484 "\\.\pipe\gecko-crash-server-pipe.1484" tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:56271 | tcp | |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 160.181.213.54.in-addr.arpa | udp |
| N/A | 127.0.0.1:56278 | tcp | |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 172.217.20.164:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 164.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:80 | duckduckgo.com | tcp |
| IE | 52.142.124.215:80 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | 215.124.142.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| GB | 88.221.134.155:80 | a19.dscg10.akamai.net | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| FR | 216.58.214.174:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.214.58.216.in-addr.arpa | udp |
| FR | 216.58.214.174:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r4---sn-aigzrnsz.gvt1.com | udp |
| GB | 74.125.175.169:443 | r4---sn-aigzrnsz.gvt1.com | tcp |
| US | 8.8.8.8:53 | r4.sn-aigzrnsz.gvt1.com | udp |
| US | 8.8.8.8:53 | r4.sn-aigzrnsz.gvt1.com | udp |
| GB | 74.125.175.169:443 | r4.sn-aigzrnsz.gvt1.com | udp |
| US | 8.8.8.8:53 | 169.175.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | 233.54.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | addons.mozilla.org | udp |
| US | 151.101.1.91:443 | addons.mozilla.org | tcp |
| US | 8.8.8.8:53 | addons.mozilla.org | udp |
| US | 8.8.8.8:53 | addons.mozilla.org | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | 222.125.142.52.in-addr.arpa | udp |
| US | 95.100.195.167:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | e86303.dscx.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e86303.dscx.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 167.195.100.95.in-addr.arpa | udp |
| US | 95.100.195.167:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | www.opera.com | udp |
| DE | 52.57.209.243:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | front-geo.production.opera-website.route53.opera.com | udp |
| US | 8.8.8.8:53 | front-geo.production.opera-website.route53.opera.com | udp |
| US | 8.8.8.8:53 | cdn-production-opera-website.operacdn.com | udp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| US | 8.8.8.8:53 | e11604.dscf.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 243.209.57.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e11604.dscf.akamaiedge.net | udp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| US | 8.8.8.8:53 | 46.63.122.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.torproject.org | udp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 8.8.8.8:53 | www.torproject.org | udp |
| US | 8.8.8.8:53 | www.torproject.org | udp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 8.8.8.8:53 | 144.99.8.204.in-addr.arpa | udp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 204.8.99.144:443 | www.torproject.org | tcp |
| US | 8.8.8.8:53 | services.addons.mozilla.org | udp |
| US | 151.101.193.91:443 | services.addons.mozilla.org | tcp |
| US | 8.8.8.8:53 | services.addons.mozilla.org | udp |
| US | 8.8.8.8:53 | services.addons.mozilla.org | udp |
| US | 151.101.193.91:443 | services.addons.mozilla.org | tcp |
| US | 8.8.8.8:53 | addons.mozilla.org | udp |
| US | 151.101.65.91:443 | addons.mozilla.org | tcp |
| US | 151.101.65.91:443 | addons.mozilla.org | tcp |
| US | 151.101.65.91:443 | addons.mozilla.org | tcp |
| US | 151.101.65.91:443 | addons.mozilla.org | tcp |
| US | 151.101.65.91:443 | addons.mozilla.org | tcp |
| US | 151.101.65.91:443 | addons.mozilla.org | tcp |
| US | 8.8.8.8:53 | addons.mozilla.org | udp |
| US | 8.8.8.8:53 | 91.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.mozilla.org | udp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\5e2984d1-037d-41fd-95ff-02520005730a
| MD5 | a3bf26ea370df8826c0e41fa9085a3f0 |
| SHA1 | 653c6cd222a02f8fb07ebbe5ba8ec5df38ab2d0d |
| SHA256 | 13b4bcdbd5ba6919d1c211fe2af4874daac0ae1fe3a832539e7962ce0007af9a |
| SHA512 | 5b0ec7687de6f38d4a37fd18ac7e6660340faed700e6c9d6858d1bf90c2b8d6299a1e4879dd70cebf86cd56e5d408586c3e0129a82cab61edd4f19b2ed57e3cd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\721a3e22-84ab-4444-bee5-25c59e8b7b5a
| MD5 | af0f52bb9530d22f357637c8c286c39e |
| SHA1 | e52ab257307e673139bd59d993d8a1fc455ab92b |
| SHA256 | 0e602ea8e6dfd0d2e2a7a815e3e0c8ce10d91fb1a00c3bf44519b339a548a0e0 |
| SHA512 | 5684c9a4a7138bcda0a931a14f1187a18ccc3dbf947f4dc596648ed31dacfb0e10e4587e7071abba99a299df9b2daac838c4073d2eac5a9b41a3e3508206e24b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\0c5a0e58-73f8-43a0-a6f8-042c6d381c27
| MD5 | 19e370db16286682e8674c291b1ee07b |
| SHA1 | a2d65d7f2d0d1c80c35280f19fdefc04c45a5fe7 |
| SHA256 | 019c35f72257477b30584f236a0f27055d92a7f640ec5cfa313736430c2a47f7 |
| SHA512 | 2b1bab71d474db39ea6671d95d53c84026b4b7fc58f2e3933ae8b41fec75954284f1fd3e821acf86df703a87631cdda05fc216070a256a8787c6414a6a0263a8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 7cf2a57460b201aa9c4758f37b572f9f |
| SHA1 | 8152035055254f1bb7f7a0ea539d7ace1f9047b1 |
| SHA256 | 1ca7f2b5c72bbe1c4f94b5df5022cd08129225b658b890400b872d25848f8921 |
| SHA512 | 771dde9231209742d72405cfba9b8f0911329d38f2885ef81939764ccfb6264409e827783b728e20a296121fd248ca5b8f8b59dd21b50745e23e3b8c699acea1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\activity-stream.discovery_stream.json
| MD5 | 5a700498578fb35c8e368f52de79a632 |
| SHA1 | 6db41547b60c85cbd830cc95b71cba1e3f74d085 |
| SHA256 | 0bb504d2a9b082e78e4cf115d182276b60445c38672b7a72ce1ec7a14d1f0015 |
| SHA512 | 6372886527f96a1e1bf499caf624ed7873bfe0ccb1cadc70c3d54a34e1201c2c4341ad6ef714f310587f8feabc39357362cfaf53e1602f961b02962348906ab2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\AlternateServices.bin
| MD5 | d9fd7c2df74e4f1627fc0df80f35babf |
| SHA1 | be19a2f72c42bb1d1f62a3d7881aa0b47be45883 |
| SHA256 | 61deb53e3d5518dd540a94c51c0e5b4fb03a8830d353d1873cc95d40948e2ce0 |
| SHA512 | 73119ae4e8bb7b6e4b9d07f63d5cf18974b117bcb2eb25f6f1f23a74b7142567006aaf32d84ffa35a339e2d29747fb6d3bd165462d28f2e2755e20b2d045c725 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl
| MD5 | 96c542dec016d9ec1ecc4dddfcbaac66 |
| SHA1 | 6199f7648bb744efa58acf7b96fee85d938389e4 |
| SHA256 | 7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798 |
| SHA512 | cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\prefs.js
| MD5 | a3a431705409e45d5bf2c5ac38b7f99b |
| SHA1 | c117dd5dd59571f1a38ca476a03d3e9045fd7002 |
| SHA256 | 3e87262d23f409cd7c11fd1ce378122836097b18c53cb6d69599f90eaa6b964e |
| SHA512 | d5accec3581a9702bfeec85344fa8fc32681fd618c5fd3967e20f84ac9be5c65fcfa1e7888e91f721ca6b14af795d01e7ea32261987d3e7fca11db72b88f6950 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\prefs-1.js
| MD5 | 5d8169ab374fbe9935ae458cb92f4410 |
| SHA1 | 1074e5096f3f75de86b2222c93c531676c607134 |
| SHA256 | 4cb5bfeb17086740c8ebf5cd81731e76d9fea468bc1f8d17e477110e20447a14 |
| SHA512 | 0c389a79007bd9e476256474d35ba176f3c6a383f3871b87f1cb6a8c1f15716c905ac32d2bdf56736e7e801475adb3ace5436a52ccdf6da514102afe34b85dee |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | a5da7c0cbf97863e683f1483166afc61 |
| SHA1 | eafabfedc2070bc4c44974b97a0bc6ea77160733 |
| SHA256 | 96243f489ad349f7a127dedba82f9fd8d08e3c83a5749587cca61a90098c423e |
| SHA512 | a01c25e252f2207274e1b4370e7ed9c0d6b567894befdc65237287448a2469447c8abb3ca25d0bb2ec6d39f0ef79fcfab70cce7341ee6433de49b0461390b139 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | c1096e0979d5c96eaf8ec0565ad08649 |
| SHA1 | e6ad0dfcc9ad57584749aab917cc596e0e6a3693 |
| SHA256 | 07f4814c5f72d7a76f56eafdb52d874d9176e3cb2ef116f8a96dfbff2b16106d |
| SHA512 | 72467c3e28fd6c9ebd3f36b266dc80fa610640a46a72efedb950df7fce1a06f019fce1b3b6135e3bbc75798bd55cc50e865686f90a773612c59f58816d545145 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\prefs-1.js
| MD5 | 83a307ad4074232c2ff6f47072040d8f |
| SHA1 | e7ab8b70422e3b732750eccbc89d0ac24df5c7cd |
| SHA256 | c39d7ea22a04b49fd2eb8449edb3574e9add83d430f827ea2159bfc03f9d5a8a |
| SHA512 | cfe116d4802d500b1cf7fd3918693bcd1d5fbd7a63e563ff762391345d63a35ee4a42bc0ff6ffb54423d9623c21ab87fb1f99df8d783536dd66d1c6608f290d0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\AlternateServices.bin
| MD5 | ca802ab8afc3cfbecb4c08e28882dfa9 |
| SHA1 | edf65840ef63dbb5564ba6e678dae4c796532836 |
| SHA256 | 3e86e2753a1adb67b8977b2fd839b2de47e272561fec3aec4421285671592525 |
| SHA512 | b00735bbbac6c0d9348483bf750c769ed76d07636edd7438c5f610f8ca30c6aaccf81e3ef55e4a0acaf7e4f5ad7b7bf3efe91e164dc82da633179a921818400e |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 0a74525be3d560ed34c3f83bae2c9cc5 |
| SHA1 | e61b1c9b5f86a33c91cef52ea445dc7c6b56e593 |
| SHA256 | 0b99b7dffbd6fd165787bb5a211f0edd8f2aa34af53a40cf76b37babb5d30fe8 |
| SHA512 | c6c33a2c25b711bdd4686ebda404ebe0aa73c0d598a438ac505cc28f51eba8ad05955c35a2e30e76ae6f3c6d0f3b2f5c8b374b045f9e031581c575822402104e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 9d27617d2b159018659863adc2b276ef |
| SHA1 | c79b385c13ac532de0f26da9f159daacf6b4cc47 |
| SHA256 | 42057f5fd9d8d77b8a6e9ada332be96b2cc80f263b1ea0aa8ab9c2b6f1921e7a |
| SHA512 | ef2624180f9d3b27e1eaec86baf17cca480b1582963e6c560b39e9eb2ac8afd4454b9cdba04557cac8b5c98aa2f6e205c44f8dd3d31a30b7a316a3f2b40418ee |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\1D2E8C9DB8518B4204F31A1B1255F76C5CCBBA79
| MD5 | 94a0d3d8421dc26476ecfd762cc742b8 |
| SHA1 | a5fd1528b3ab75359f0c665007afc9f1bdd48579 |
| SHA256 | 36eabcf6974094d7d0bbec8e218a86355d14996bd5c37138ab53ac194f5653c1 |
| SHA512 | 5865d22656253a590f94133bbddd4b11c7edeb3f424e82889062715550d18743ad6faa15774b96a3516e4891f513079832028a9100ce75fcfc8ca09f9b5860c7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 0015c90cec22408b55b65f80b669890c |
| SHA1 | 3d7a334b062e780fc5755c42664af32fa0223595 |
| SHA256 | 1b55a5b0508ba2cf0b44e535e23a7a49709f036af3eb26ea1a622c343f3a9137 |
| SHA512 | 4b26618cf7af441ee914e8f278a51c66131114050514e6b85136ee179445c970db13e9135c9a26625939f44cba887738384be8377c213b0f18281d1a46b04d27 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\7B9333A62D64FB7150C744B39D020424A4016AA5
| MD5 | bd18a249af94fe560ed6112e61f38fe6 |
| SHA1 | 53dc9609d8d3b5297f26c3542c76c0fe104f3412 |
| SHA256 | 56d45bf0f99a31c0afbfa17cf487ce7612978bba55a678a137399eca386c8ec5 |
| SHA512 | a951cfce88e6766b070216dd61e2fe736674279a683a36ffb0ef11cdd85d46700562e7f0db412d5ba5dcd1abda5b86a5b477526813232c1c340cbf4b49d72f3c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\3AE44262AE4B0B5701C6E616D2AFA46B23BFB1D5
| MD5 | f0c68d6f7b84a8563fe3277b7a3b7de7 |
| SHA1 | 4ab8333a44b9d7456257c9783c82c520e077d436 |
| SHA256 | b93e06ead0e288a3a622ccf58dd9c5fed8830c46dff51daef5ec849eab2d9a2b |
| SHA512 | 4405ffc309942c128c9e8e267d00f2cbe29d39d3bfa42af2fcc773b6f513ef18d2f619243bdbefd2fdb2dd30a9910061cd9f9479db88676f880b13762aa639aa |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\C5F0B0FC11AF926EE75C59036E6D39E67DA100B8
| MD5 | fab5129b7ad0d386bb97c2bd564f06f6 |
| SHA1 | 266c00acbb19a4c7842345afdd94e32fe58884b5 |
| SHA256 | ef5ef08a5a4ede45ce353ea4470bd5c082a20bd2ac28eea263e6c41d96b6778e |
| SHA512 | d12680f7b6da9188e49a873a81f5da13261f7d93c5c45d9388b26fce7c1da7238b94c9d94ad7c1e5717cdacb7cd89b6c11fcba56d4d51978132aa46348a5cd24 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\8792BEC4E332D3DA45F81D1539C1F565C98649BC
| MD5 | a83e5419eb16694d9cfbbb09f436b8c5 |
| SHA1 | 36a850b170e7b87d582b4a83cc90ff81fb5a5aaa |
| SHA256 | bc25b52866f4c340e1f1aefe32e6f8229f911ef0c895db19b7eedf6c7aca42b3 |
| SHA512 | 9b49f2990ade1424b4a9691acbbdb1672456a64717bea84470bea1e51ffa46d3478ecbfef3a684eebd22ed718e517078c94dbe1ef709d9f0316032b42422e14c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\52AAC426094E73B9E38EFFA77614941F1BB93757
| MD5 | c876ba4d0094a700a9a16775b99b6292 |
| SHA1 | 977c83f3df4ba5696c62e9ec79250ac39d8af93f |
| SHA256 | 66b9e45ebee492303579e935288ef0da8e43e66cbdc11e47ab81747e187f2d67 |
| SHA512 | ccded25c3b57652f40b4f7b7c5c63d7c1e3df3609a338148094428707d1ad7d307ac7ad6db817df2112dd57785d477478cab68aa1b107381a13d75b5a65a9ed8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\15871A5728864D28799181BEEAC2E83675385338
| MD5 | b2daafae651ad6a182c2701ae512be8a |
| SHA1 | e87593411833f18a6938692199c154dae00d98ec |
| SHA256 | b19cd91ca99c5302188e1e10255a655dc28e8f760707cce2606e3ca558054184 |
| SHA512 | 262ca85a59e6b9f8886f01fbea1685318e6b662391a62f248bd620036b79dc8dcccdfa2c17c21b03ff940af75f87857e771955151bbefea03b0c6222421ad935 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 92f4dd05ae3c323185799018d7ce2abe |
| SHA1 | 8c26be26b7191a69e137463974391cfaa349f31c |
| SHA256 | bf05663a90052c7741cdf9c3f037007a91a0757da429f3b581ab9a35d9775f19 |
| SHA512 | eab537be60b18ca5ab950673b485d391992e90ba8b75985405bac53d589a02656cfb0d6842a9123b487b83366da2a35380f13eb2da0af28dc8f38fc5096490d6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | f9ae95d65bcdd5f1d4fe1d8014755935 |
| SHA1 | 61a60d30538d90df1ea664f7430f57611190df60 |
| SHA256 | f3d80c1f2e309c7954498fe430dcec31adac791df287a10882735927a2f5e309 |
| SHA512 | 51aa56c1da04f2d8f766741e245235ff0e764756167bba19163f5d552e109d4ff4347de8a212b5bd0dd46efd651c92c89bb8d2e3d5c2ee3668af24601c854456 |