Analysis

  • max time kernel
    1577s
  • max time network
    1584s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    13-12-2024 22:18

General

  • Target

    The-MALWARE-Repo-master/Trojan/Mist/MistInfected_newest.exe

  • Size

    22KB

  • MD5

    1e527b9018e98351782da198e9b030dc

  • SHA1

    647122775c704548a460d6d4a2e2ff0f2390a506

  • SHA256

    5f7471c215b433f1b28dd4b328b99362099b6df7cb9e5c1d86a756388e0c7aeb

  • SHA512

    4a11c811f30016218075d43a9f983fa7a484a06f22d625b1bd2d92b4cfabbfb142945ca0a9ca1cf91391a3e73c154f6121140d2f1d42aa35ad7f10817534a21b

  • SSDEEP

    384:qosO55gUoO4D+DFBCd6GyhETw62O0OnYPL3p+:XsOkUoO4Dsbc22

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Checks processor information in registry 2 TTPs 15 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 2 IoCs
  • Suspicious behavior: LoadsDriver 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 8 IoCs
  • Suspicious use of SendNotifyMessage 6 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master\Trojan\Mist\MistInfected_newest.exe
    "C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master\Trojan\Mist\MistInfected_newest.exe"
    1⤵
    • Drops file in Drivers directory
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2488
    • C:\Users\Admin\AppData\Local\Temp\MistInfected_newest.exe
      "C:\Users\Admin\AppData\Local\Temp\MistInfected_newest.exe"C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master\Trojan\Mist\MistInfected_newest.exe
      2⤵
      • Executes dropped EXE
      • System Location Discovery: System Language Discovery
      PID:2504
  • C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe"
      2⤵
      • Checks processor information in registry
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:2180
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.0.1682982974\1687954010" -parentBuildID 20221007134813 -prefsHandle 1272 -prefMapHandle 1104 -prefsLen 20847 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b548e93a-35ba-4173-86f7-ad9c75e2d3d5} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 1344 105b9d58 gpu
        3⤵
          PID:1580
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.1.1066873605\227155198" -parentBuildID 20221007134813 -prefsHandle 1520 -prefMapHandle 1516 -prefsLen 20928 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {146e4328-b9b5-483b-ac09-d42813b26a9c} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 1532 f02fb58 socket
          3⤵
          • Checks processor information in registry
          PID:860
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.2.1482852401\1210924897" -childID 1 -isForBrowser -prefsHandle 1912 -prefMapHandle 1908 -prefsLen 20966 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {55601f4f-4706-4904-8594-be11387a57c9} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 1924 10565958 tab
          3⤵
            PID:1184
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.3.528687137\189300546" -childID 2 -isForBrowser -prefsHandle 2584 -prefMapHandle 2576 -prefsLen 26216 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d51611cf-ea8d-4377-8084-be36a1cdaa4f} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 2596 1bc94258 tab
            3⤵
              PID:2204
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.4.1825270448\508604396" -childID 3 -isForBrowser -prefsHandle 2900 -prefMapHandle 2896 -prefsLen 26216 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {06078249-4589-4b37-bc01-d82fea496329} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 2916 e5b258 tab
              3⤵
                PID:1600
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.5.1302888061\206115141" -childID 4 -isForBrowser -prefsHandle 3840 -prefMapHandle 3836 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d21a377-cfd1-4e6c-9c74-b441a5facf25} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 3852 1f0e3558 tab
                3⤵
                  PID:1764
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.6.485213003\518012782" -childID 5 -isForBrowser -prefsHandle 3956 -prefMapHandle 3960 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ae3b14e9-3c5c-4acf-9de0-c911283223b7} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 3944 1f0e4d58 tab
                  3⤵
                    PID:2020
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.7.807113296\1130263822" -childID 6 -isForBrowser -prefsHandle 4136 -prefMapHandle 4140 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {45bc13b8-9667-4696-8d48-45502bbc0be3} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 4124 1f0e3e58 tab
                    3⤵
                      PID:2624
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe"
                      3⤵
                        PID:2900
                        • C:\Program Files\Mozilla Firefox\firefox.exe
                          "C:\Program Files\Mozilla Firefox\firefox.exe"
                          4⤵
                          • Checks processor information in registry
                          • Modifies registry class
                          • Suspicious use of AdjustPrivilegeToken
                          • Suspicious use of FindShellTrayWindow
                          • Suspicious use of SendNotifyMessage
                          PID:960
                          • C:\Program Files\Mozilla Firefox\firefox.exe
                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.0.1011020613\1106958574" -parentBuildID 20221007134813 -prefsHandle 1104 -prefMapHandle 1100 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3af72cce-63a2-4c44-84bd-9cece1f0325b} 960 "\\.\pipe\gecko-crash-server-pipe.960" 1168 41eda58 gpu
                            5⤵
                              PID:3032
                            • C:\Program Files\Mozilla Firefox\firefox.exe
                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.1.285965877\1266772836" -parentBuildID 20221007134813 -prefsHandle 1300 -prefMapHandle 1296 -prefsLen 17601 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc8e9e57-cd0a-4c9a-b96d-b0f07ae8a8bc} 960 "\\.\pipe\gecko-crash-server-pipe.960" 1312 10772a58 socket
                              5⤵
                                PID:952
                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.2.1379830287\363369474" -childID 1 -isForBrowser -prefsHandle 2352 -prefMapHandle 2280 -prefsLen 23652 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {de22b9cc-8324-4358-b2da-bb4c973ee587} 960 "\\.\pipe\gecko-crash-server-pipe.960" 2276 172f0358 tab
                                5⤵
                                  PID:2032
                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.3.1234490301\734564699" -childID 2 -isForBrowser -prefsHandle 2636 -prefMapHandle 2552 -prefsLen 23807 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b667866a-dcde-46d3-8925-ae21ae9678b1} 960 "\\.\pipe\gecko-crash-server-pipe.960" 2660 d6b558 tab
                                  5⤵
                                    PID:812
                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.4.2055863195\1369297967" -childID 3 -isForBrowser -prefsHandle 2956 -prefMapHandle 2960 -prefsLen 24889 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {849f59f9-5ace-45aa-a7fc-21f1a0393761} 960 "\\.\pipe\gecko-crash-server-pipe.960" 2944 1d79b658 tab
                                    5⤵
                                      PID:1992
                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.5.158332803\642467744" -parentBuildID 20221007134813 -prefsHandle 2716 -prefMapHandle 2720 -prefsLen 26036 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d579402-4dec-43b4-9bf0-d6926f087ab6} 960 "\\.\pipe\gecko-crash-server-pipe.960" 3000 1fc2ef58 rdd
                                      5⤵
                                        PID:2468
                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.6.164749374\1073442074" -childID 4 -isForBrowser -prefsHandle 3776 -prefMapHandle 3768 -prefsLen 31523 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fbb1f93b-b192-491f-99f9-9f68180a1d42} 960 "\\.\pipe\gecko-crash-server-pipe.960" 3788 1f577d58 tab
                                        5⤵
                                          PID:1540
                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.7.182287322\717448187" -childID 5 -isForBrowser -prefsHandle 3928 -prefMapHandle 3916 -prefsLen 31699 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2537261f-5912-47c4-85f0-398396b13e5f} 960 "\\.\pipe\gecko-crash-server-pipe.960" 3900 203c9758 tab
                                          5⤵
                                            PID:888
                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.8.640125870\1212345033" -childID 6 -isForBrowser -prefsHandle 4064 -prefMapHandle 4032 -prefsLen 31743 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {83c7a856-65b7-47b8-8ab8-e9b37383acdb} 960 "\\.\pipe\gecko-crash-server-pipe.960" 3632 10771558 tab
                                            5⤵
                                              PID:2984
                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.9.736575353\360262293" -childID 7 -isForBrowser -prefsHandle 2016 -prefMapHandle 2344 -prefsLen 31974 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {94c267e4-491a-4939-96ab-5ba83272f01f} 960 "\\.\pipe\gecko-crash-server-pipe.960" 2452 202ddd58 tab
                                              5⤵
                                                PID:792
                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.10.224209168\2067938297" -childID 8 -isForBrowser -prefsHandle 4356 -prefMapHandle 2344 -prefsLen 32325 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0aa52d83-07f7-4de5-9ae4-4346da2dcb99} 960 "\\.\pipe\gecko-crash-server-pipe.960" 2016 218fae58 tab
                                                5⤵
                                                  PID:2296

Network

MITRE ATT&CK Enterprise v15

                                        Replay Monitor

                                        Loading Replay Monitor...

                                        Downloads

                                        • C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\update-config.json

                                          Filesize

                                          102B

                                          MD5

                                          7d1d7e1db5d8d862de24415d9ec9aca4

                                          SHA1

                                          f4cdc5511c299005e775dc602e611b9c67a97c78

                                          SHA256

                                          ffad3b0fb11fc38ea243bf3f73e27a6034860709b39bf251ef3eca53d4c3afda

                                          SHA512

                                          1688c6725a3607c7b80dfcd6a8bea787f31c21e3368b31cb84635b727675f426b969899a378bd960bd3f27866023163b5460e7c681ae1fcb62f7829b03456477

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\activity-stream.discovery_stream.json.tmp

                                          Filesize

                                          23KB

                                          MD5

                                          0ad3b3c3cb810e2e031e0a06a5efc4ea

                                          SHA1

                                          26a34133cfd392dc2964e3d8b25fb06a4ec6bf12

                                          SHA256

                                          27d4754412b0b6bf15469bd36db0b8aebdbb81bb7b039cfce23551b0be949ded

                                          SHA512

                                          99a25f4200c33b6623c41431fb2ae5a6755a837a675cb4ad613e7249953c44b3e40c8bb4d5f21b290e24c60ec307833a526ef66a559419172883c23b4dfd0607

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\099EB2BF8827A4F91EAB3E38B14650D0205226F2

                                          Filesize

                                          16KB

                                          MD5

                                          74a25b18b52f8a461803bf068e233d89

                                          SHA1

                                          87a61aa16b5abb3862aa96bfc93a1ff8ce20798c

                                          SHA256

                                          6688303374bfcf8c95010c5830c7af1ac36e9afa986a8435d5bbf16556f070a8

                                          SHA512

                                          0cb5be5a67973adb29efaeec27268916e5bc8cec84ba9583e505bb58654c6917625a9d3d94165a1748db5c72ad301ee7156d6e983dbbd136450038268a37900a

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\253AFB87441BC09DB65F7A4B53C8948852C0243A

                                          Filesize

                                          9KB

                                          MD5

                                          40519edc0ffb1c03bae76dc834315228

                                          SHA1

                                          de59b0a9d781a44146f1e4f9857bd7cbbf358901

                                          SHA256

                                          f308a4a6b2725422330620dc504e64e6bc96450ae0222008af3ec7031e7cf45d

                                          SHA512

                                          1f415f6e1ecac7108e32965ad8a1a58338bf0dfaa1f10d32b14e8b6df268114613550442a811c7b43fd7441baa6d641ae19cbdf3b0246d279ba129c9648e8931

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495

                                          Filesize

                                          9KB

                                          MD5

                                          23de6735d835c716fc7b15440488f8f1

                                          SHA1

                                          a1263853793e7e2fd160a194584db7c658ebbf58

                                          SHA256

                                          829d29344b8f6426de290cd862541cebc07315c6b2353e5f59d1ba154d9d37a0

                                          SHA512

                                          4a847255b0837a14d94316bbd0b124518ce472bb1c8ab4ed22e22bcdb8ba05468a0644c2cced8810e91ee6b96a92fd7d3050092bd41f5447450a1fb4e60ad662

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\37373F56CBD822F5FCF64BA01E1320A0924D8460

                                          Filesize

                                          24KB

                                          MD5

                                          2294ba878a31d5e01343cd48571218f6

                                          SHA1

                                          8ea39dee8d63b7aa8310bed0f3f8dc89903dda37

                                          SHA256

                                          66a9cd55f189e2d87387004ffd288382d88eff52faea65be0a3ea41390e71042

                                          SHA512

                                          7300524d076734c90bc3ad80acb58abf0a2405bf0a98e1f17cbee7e56238afb9ba351ee0a89be4fdabad1224b9a274a46ada7273c5c5a566a24857a51d41c5f2

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\58EFA56DB4BFFECB0EDA547894BC9A057159E22F

                                          Filesize

                                          13KB

                                          MD5

                                          a39ddd9575fe5225ba0865ad9e76be45

                                          SHA1

                                          dce5e9c9815c3056ebd241ef21cf0138b045cbb6

                                          SHA256

                                          63f46f43ed113c04e2fe40f973ba13ef04eb08121a224cbc114a6bb37eb3a069

                                          SHA512

                                          15cabb13923f7cc0e201b7b4c198b5e4da7e36cf5842121e6a276ddd6f0c5ac74b794d167473cdef4144ee10d20f4078774cc428fe924eaddc4143a10cf0f5a8

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F

                                          Filesize

                                          14KB

                                          MD5

                                          c8a2442a01a89135c803e04d0cabb883

                                          SHA1

                                          ee3e21f6d3f0f941ad209930a1f30cfbfacaae93

                                          SHA256

                                          0da044b161ee8048128a87db032fe783c73060015852bb3630732ff48f5a3c4a

                                          SHA512

                                          55ddbb1dd499751614f67b263844c73b0c7a58980bbb47436f72df2d6e7a0f48ddb30a49f96d320c326862e5c348fe9714ca4978b3b3f4a845916b50432bf8e5

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\F8CBD54DDA10F4286A41EC6A537240712D6C2308

                                          Filesize

                                          9KB

                                          MD5

                                          5e292344bdf0d6ba5d33c4c42093aa77

                                          SHA1

                                          f9fe87cadc10cf4543b254e086c25545d335e02f

                                          SHA256

                                          e5b9a71270ab88e450d3908f26aefba60111018f709e26dbc149562f09f4cad8

                                          SHA512

                                          8a5c2e38a720418fb2f7fef7c9f8928ace71c80a7c0cfea2466edb5a6c4a9b58d21df498f5cd477b42a7dd3ba2750c6934c446214c5f207949911cc82442b883

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl

                                          Filesize

                                          15KB

                                          MD5

                                          96c542dec016d9ec1ecc4dddfcbaac66

                                          SHA1

                                          6199f7648bb744efa58acf7b96fee85d938389e4

                                          SHA256

                                          7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798

                                          SHA512

                                          cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\startupCache\scriptCache.bin

                                          Filesize

                                          7.8MB

                                          MD5

                                          8d24c5b32f34008202aef0958db3c513

                                          SHA1

                                          84dca874d75ec78cc0e8e9df2b8dab5dbfce810f

                                          SHA256

                                          c758a2f451e530dd9cbeea5124c82392a6e4cba0190ced10d266a8a8ac938b41

                                          SHA512

                                          9ccf9775b7c641c5e4834d6c26c09e6c05d84fda344bdc8112c9d4f7bf21c769d0b01da4dc8ab20460087bcc39fbc806c6dc84af88c716ebb9506ff9f39c7e4c

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\startupCache\urlCache.bin

                                          Filesize

                                          2KB

                                          MD5

                                          66b971d68aaf433250828cea60957c33

                                          SHA1

                                          ae0c0ea2719ae0fa432207cebe459a20982a4a4f

                                          SHA256

                                          422f81bfade2421c29ed5386734dbe873dc84d7fda2e722bc4a3c926ed4ec999

                                          SHA512

                                          df3b34773c6fb610052ef7b1fcf0cf6aca000c959ea0e8c70286d7403b9ef145e441bf76d21c59ae4cbb101ceaae79df04b591b1f547ff349ab278755b6c9848

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\activity-stream.discovery_stream.json.tmp

                                          Filesize

                                          23KB

                                          MD5

                                          c9eedf06241888a849cb1e57dc03de2e

                                          SHA1

                                          07b5e514c55c709c1de31b7e1004ecf58053316e

                                          SHA256

                                          79816efb544c250c3672689ac3fb9d113f0537c540405e365fd86abc282b5254

                                          SHA512

                                          38ac2ebd702063822c4394fd92bc980b4fb1137e4ef3b89f655a39708376141000959e5d7872e368b800778cc518ff1376e0856bbc0a6939171fe31836e9dd44

                                        • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                                          Filesize

                                          442KB

                                          MD5

                                          85430baed3398695717b0263807cf97c

                                          SHA1

                                          fffbee923cea216f50fce5d54219a188a5100f41

                                          SHA256

                                          a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

                                          SHA512

                                          06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

                                        • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                                          Filesize

                                          8.0MB

                                          MD5

                                          a01c5ecd6108350ae23d2cddf0e77c17

                                          SHA1

                                          c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

                                          SHA256

                                          345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

                                          SHA512

                                          b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

                                        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

                                          Filesize

                                          7KB

                                          MD5

                                          e04cf72d243db0dec1bcfd24244317b1

                                          SHA1

                                          94374a5063a671f976f5fbe59e9d1f9f2ec6baf5

                                          SHA256

                                          3b1ea47237da95050ebea3674f486c568dff6dd3fa11615fca518d340d228991

                                          SHA512

                                          2a5f59bc596875c818d49216dcc09868d544d754d3fa283dd68d5ea98b0bb208dfedb48b9c5296e107b22ae0bfeb5db7eb811a45087a6599a4ef714d45b5591c

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\AlternateServices.txt

                                          Filesize

                                          465B

                                          MD5

                                          f9f20b7837c05a9dc5177ae64127ccce

                                          SHA1

                                          aff9b1ef765c623f0d69b8e31a5848c1833a3e4d

                                          SHA256

                                          6c00cee4f9cab3788d47cb38a56238d18c993e1011154c3089cae1449eaaa545

                                          SHA512

                                          38d3392d9f352c01e79dcdc4cdefa28fcbc71737272b1716fe083c29fa3693d4ff083b6ffd4df16da5d461f377402a5d1d1b40c074979df07500f0dc519f1ffe

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\SiteSecurityServiceState.txt

                                          Filesize

                                          264B

                                          MD5

                                          3efe0c59d18ac186132b074acdf4d458

                                          SHA1

                                          da0100beeb338121d730a999cd2d8d48542f3c1b

                                          SHA256

                                          486eecb691dc268d09c302eebf88b472ea19f66df1b319c2ed6f3cc97347f866

                                          SHA512

                                          cd078f2252a56dffd570dda24ebe3fd54a57811ad9616cd7c7b6b4754580692ad12953256dfc0d53c97ab884202c664a565f4c71cc745c88c39029dd1086b188

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\datareporting\glean\db\data.safe.bin

                                          Filesize

                                          4KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\datareporting\glean\db\data.safe.bin

                                          Filesize

                                          1KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\datareporting\glean\db\data.safe.bin

                                          Filesize

                                          2KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\datareporting\glean\pending_pings\13f648fe-6f8d-488e-9e60-a2420b0fea5b

                                          Filesize

                                          745B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\datareporting\glean\pending_pings\735e93a2-4b0e-41d6-b0e5-e28320794752

                                          Filesize

                                          10KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\prefs-1.js

                                          Filesize

                                          6KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\prefs-1.js

                                          Filesize

                                          6KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\prefs.js

                                          Filesize

                                          6KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\protections.sqlite

                                          Filesize

                                          64KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\sessionstore.jsonlz4

                                          Filesize

                                          1KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite

                                          Filesize

                                          48KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

                                          Filesize

                                          184KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\targeting.snapshot.json

                                          Filesize

                                          4KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\addonStartup.json.lz4

                                          Filesize

                                          5KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\bookmarkbackups\bookmarks-2024-12-13_11_N1F+KwGL2XAnXDkG61FnWA==.jsonlz4

                                          Filesize

                                          959B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\broadcast-listeners.json

                                          Filesize

                                          204B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\containers.json

                                          Filesize

                                          939B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\cookies.sqlite

                                          Filesize

                                          96KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\datareporting\glean\db\data.safe.bin

                                          Filesize

                                          2KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\datareporting\glean\pending_pings\406bd874-f7cc-430e-804e-145e98d44a11

                                          Filesize

                                          655B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\datareporting\glean\pending_pings\f4273cca-b17f-43e3-9d63-b98d330436ea

                                          Filesize

                                          586B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\extension-preferences.json

                                          Filesize

                                          1KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\extensions.json.tmp

                                          Filesize

                                          41KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

                                          Filesize

                                          997KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

                                          Filesize

                                          116B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

                                          Filesize

                                          479B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-widevinecdm\4.10.2557.0\manifest.json

                                          Filesize

                                          372B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

                                          Filesize

                                          11.8MB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

                                          Filesize

                                          1KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

                                          Filesize

                                          1KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\handlers.json

                                          Filesize

                                          410B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\key4.db

                                          Filesize

                                          288KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\prefs-1.js

                                          Filesize

                                          6KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\prefs-1.js

                                          Filesize

                                          7KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\prefs-1.js

                                          Filesize

                                          7KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\prefs-1.js

                                          Filesize

                                          6KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\prefs.js

                                          Filesize

                                          3KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\search.json.mozlz4

                                          Filesize

                                          291B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionCheckpoints.json

                                          Filesize

                                          288B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionCheckpoints.json.tmp

                                          Filesize

                                          53B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionCheckpoints.json.tmp

                                          Filesize

                                          90B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          3KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          575B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          4KB

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionstore.jsonlz4

                                          Filesize

                                          266B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\shield-preference-experiments.json

                                          Filesize

                                          18B

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\targeting.snapshot.json

                                          Filesize

                                          4KB

                                        • C:\Users\Admin\Desktop\Old Firefox Data\1009pdhg.default-release\addonStartup.json.lz4

                                          Filesize

                                          5KB

                                        • C:\Users\Admin\Desktop\Old Firefox Data\1009pdhg.default-release\storage\permanent\chrome\idb\2918063365piupsah.sqlite

                                          Filesize

                                          48KB

                                        • C:\Users\Admin\Desktop\Old Firefox Data\1009pdhg.default-release\xulstore.json

                                          Filesize

                                          217B

                                        • \Users\Admin\AppData\Local\Temp\MistInfected_newest.exe

                                          Filesize

                                          3KB

                                          MD5

                                          459f3d7499adf6570cd98bbc2635f74c

                                          SHA1

                                          e2f1ffe536315c83e65d099e84c1ec8728bbee85

                                          SHA256

                                          5c5ecc47ad85aadb5acf9d057461073ec37c9407510379dd16985284b821cda7

                                          SHA512

                                          748b9ef6c075036d6cda5840864e10b92fad80416578b51e37a0e7a01ddac1b80f2af192897e2e68b023904ac7f2f2bd17c5840161c51ac09e551f4641520490