Overview
overview
10Static
static
10The-MALWAR...ug.exe
windows7-x64
The-MALWAR...le.exe
windows7-x64
3The-MALWAR...an.bat
windows7-x64
1The-MALWAR...Lz.bat
windows7-x64
8The-MALWAR...ou.exe
windows7-x64
1The-MALWAR...MZ.exe
windows7-x64
7The-MALWAR...st.exe
windows7-x64
8The-MALWAR...er.exe
windows7-x64
8The-MALWAR...RC.exe
windows7-x64
8The-MALWAR...er.exe
windows7-x64
3The-MALWAR....a.exe
windows7-x64
The-MALWAR...rk.exe
windows7-x64
9The-MALWAR...an.exe
windows7-x64
The-MALWAR...98.exe
windows7-x64
1The-MALWAR...aj.exe
windows7-x64
7The-MALWAR...jB.exe
windows7-x64
7The-MALWAR...om.exe
windows7-x64
6The-MALWAR...1C.exe
windows7-x64
5The-MALWAR...90.exe
windows7-x64
9The-MALWAR...6a.exe
windows7-x64
9The-MALWAR...it.exe
windows7-x64
1The-MALWAR...m_.eml
windows7-x64
The-MALWAR...ng.exe
windows7-x64
7The-MALWAR....a.exe
windows7-x64
10The-MALWAR...1A.exe
windows7-x64
8The-MALWAR...as.exe
windows7-x64
6The-MALWAR...te.exe
windows7-x64
7The-MALWAR....a.exe
windows7-x64
3The-MALWAR...le.exe
windows7-x64
3The-MALWAR...us.exe
windows7-x64
10The-MALWAR...er.exe
windows7-x64
7The-MALWAR...ff.exe
windows7-x64
3Analysis
-
max time kernel
1577s -
max time network
1584s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
13-12-2024 22:18
Static task
static1
Behavioral task
behavioral1
Sample
The-MALWARE-Repo-master/Trojan/ColorBug.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
The-MALWARE-Repo-master/Trojan/DesktopPuzzle.exe
Resource
win7-20240903-en
Behavioral task
behavioral3
Sample
The-MALWARE-Repo-master/Trojan/DudleyTrojan.bat
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
The-MALWARE-Repo-master/Trojan/L0Lz.bat
Resource
win7-20240903-en
Behavioral task
behavioral5
Sample
The-MALWARE-Repo-master/Trojan/LoveYou.exe
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
The-MALWARE-Repo-master/Trojan/MEMZ.exe
Resource
win7-20240903-en
Behavioral task
behavioral7
Sample
The-MALWARE-Repo-master/Trojan/Mist/MistInfected_newest.exe
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
The-MALWARE-Repo-master/Trojan/Mist/MistInstaller.exe
Resource
win7-20241010-en
Behavioral task
behavioral9
Sample
The-MALWARE-Repo-master/Trojan/Mist/MistInstallerRC.exe
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
The-MALWARE-Repo-master/Trojan/PCToaster.exe
Resource
win7-20240903-en
Behavioral task
behavioral11
Sample
The-MALWARE-Repo-master/Trojan/Sevgi.a.exe
Resource
win7-20240708-en
Behavioral task
behavioral12
Sample
The-MALWARE-Repo-master/Trojan/Spark/Spark.exe
Resource
win7-20240903-en
Behavioral task
behavioral13
Sample
The-MALWARE-Repo-master/Virus/MadMan.exe
Resource
win7-20241010-en
Behavioral task
behavioral14
Sample
The-MALWARE-Repo-master/Virus/WinNuke.98.exe
Resource
win7-20241010-en
Behavioral task
behavioral15
Sample
The-MALWARE-Repo-master/Virus/Xpaj/xpaj.exe
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
The-MALWARE-Repo-master/Virus/Xpaj/xpajB.exe
Resource
win7-20241023-en
Behavioral task
behavioral17
Sample
The-MALWARE-Repo-master/Worm/Bezilom.exe
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
The-MALWARE-Repo-master/Worm/Blaster/607B60AD512C50B7D71DCCC057E85F1C.exe
Resource
win7-20240903-en
Behavioral task
behavioral19
Sample
The-MALWARE-Repo-master/Worm/Blaster/8676210e6246948201aa014db471de90.exe
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
The-MALWARE-Repo-master/Worm/Blaster/8a17f336f86e81f04d8e66fa23f9b36a.exe
Resource
win7-20240903-en
Behavioral task
behavioral21
Sample
The-MALWARE-Repo-master/Worm/Blaster/DComExploit.exe
Resource
win7-20240708-en
Behavioral task
behavioral22
Sample
The-MALWARE-Repo-master/Worm/Blaster/SANS_ Malware FAQ_ What is W32_Blaster worm_.eml
Resource
win7-20240708-en
Behavioral task
behavioral23
Sample
The-MALWARE-Repo-master/Worm/Bumerang.exe
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
The-MALWARE-Repo-master/Worm/Fagot.a.exe
Resource
win7-20240729-en
Behavioral task
behavioral25
Sample
The-MALWARE-Repo-master/Worm/Heap41A.exe
Resource
win7-20240729-en
Behavioral task
behavioral26
Sample
The-MALWARE-Repo-master/Worm/Mantas.exe
Resource
win7-20241010-en
Behavioral task
behavioral27
Sample
The-MALWARE-Repo-master/Worm/NadIote/Nadlote.exe
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
The-MALWARE-Repo-master/Worm/Netres.a.exe
Resource
win7-20240903-en
Behavioral task
behavioral29
Sample
The-MALWARE-Repo-master/Worm/Nople.exe
Resource
win7-20241023-en
Behavioral task
behavioral30
Sample
The-MALWARE-Repo-master/Worm/Vobfus/Vobus.exe
Resource
win7-20241010-en
Behavioral task
behavioral31
Sample
The-MALWARE-Repo-master/rogues/AdwereCleaner.exe
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
The-MALWARE-Repo-master/rogues/SpySheriff.exe
Resource
win7-20240903-en
General
-
Target
The-MALWARE-Repo-master/Trojan/Mist/MistInfected_newest.exe
-
Size
22KB
-
MD5
1e527b9018e98351782da198e9b030dc
-
SHA1
647122775c704548a460d6d4a2e2ff0f2390a506
-
SHA256
5f7471c215b433f1b28dd4b328b99362099b6df7cb9e5c1d86a756388e0c7aeb
-
SHA512
4a11c811f30016218075d43a9f983fa7a484a06f22d625b1bd2d92b4cfabbfb142945ca0a9ca1cf91391a3e73c154f6121140d2f1d42aa35ad7f10817534a21b
-
SSDEEP
384:qosO55gUoO4D+DFBCd6GyhETw62O0OnYPL3p+:XsOkUoO4Dsbc22
Malware Config
Signatures
-
Drops file in Drivers directory 1 IoCs
description ioc Process File opened for modification C:\Windows\SysWOW64\drivers\mistdrv.sys MistInfected_newest.exe -
Executes dropped EXE 1 IoCs
pid Process 2504 MistInfected_newest.exe -
Loads dropped DLL 1 IoCs
pid Process 2488 MistInfected_newest.exe -
System Location Discovery: System Language Discovery 1 TTPs 2 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language MistInfected_newest.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language MistInfected_newest.exe -
Checks processor information in registry 2 TTPs 15 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature firefox.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz firefox.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz firefox.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 firefox.exe -
Modifies registry class 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000_Classes\Local Settings firefox.exe Key created \REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000_Classes\Local Settings firefox.exe -
Suspicious behavior: LoadsDriver 1 IoCs
pid Process 476 Process not Found -
Suspicious use of AdjustPrivilegeToken 4 IoCs
description pid Process Token: SeDebugPrivilege 2180 firefox.exe Token: SeDebugPrivilege 2180 firefox.exe Token: SeDebugPrivilege 960 firefox.exe Token: SeDebugPrivilege 960 firefox.exe -
Suspicious use of FindShellTrayWindow 8 IoCs
pid Process 2180 firefox.exe 2180 firefox.exe 2180 firefox.exe 2180 firefox.exe 960 firefox.exe 960 firefox.exe 960 firefox.exe 960 firefox.exe -
Suspicious use of SendNotifyMessage 6 IoCs
pid Process 2180 firefox.exe 2180 firefox.exe 2180 firefox.exe 960 firefox.exe 960 firefox.exe 960 firefox.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 2488 wrote to memory of 2504 2488 MistInfected_newest.exe 31 PID 2488 wrote to memory of 2504 2488 MistInfected_newest.exe 31 PID 2488 wrote to memory of 2504 2488 MistInfected_newest.exe 31 PID 2488 wrote to memory of 2504 2488 MistInfected_newest.exe 31 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2124 wrote to memory of 2180 2124 firefox.exe 34 PID 2180 wrote to memory of 1580 2180 firefox.exe 35 PID 2180 wrote to memory of 1580 2180 firefox.exe 35 PID 2180 wrote to memory of 1580 2180 firefox.exe 35 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 860 2180 firefox.exe 36 PID 2180 wrote to memory of 1184 2180 firefox.exe 37 -
Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
Processes
-
C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master\Trojan\Mist\MistInfected_newest.exe"C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master\Trojan\Mist\MistInfected_newest.exe"1⤵
- Drops file in Drivers directory
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:2488 -
C:\Users\Admin\AppData\Local\Temp\MistInfected_newest.exe"C:\Users\Admin\AppData\Local\Temp\MistInfected_newest.exe"C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master\Trojan\Mist\MistInfected_newest.exe2⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:2504
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe"1⤵
- Suspicious use of WriteProcessMemory
PID:2124 -
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe"2⤵
- Checks processor information in registry
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2180 -
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.0.1682982974\1687954010" -parentBuildID 20221007134813 -prefsHandle 1272 -prefMapHandle 1104 -prefsLen 20847 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b548e93a-35ba-4173-86f7-ad9c75e2d3d5} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 1344 105b9d58 gpu3⤵PID:1580
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.1.1066873605\227155198" -parentBuildID 20221007134813 -prefsHandle 1520 -prefMapHandle 1516 -prefsLen 20928 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {146e4328-b9b5-483b-ac09-d42813b26a9c} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 1532 f02fb58 socket3⤵
- Checks processor information in registry
PID:860
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.2.1482852401\1210924897" -childID 1 -isForBrowser -prefsHandle 1912 -prefMapHandle 1908 -prefsLen 20966 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {55601f4f-4706-4904-8594-be11387a57c9} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 1924 10565958 tab3⤵PID:1184
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.3.528687137\189300546" -childID 2 -isForBrowser -prefsHandle 2584 -prefMapHandle 2576 -prefsLen 26216 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d51611cf-ea8d-4377-8084-be36a1cdaa4f} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 2596 1bc94258 tab3⤵PID:2204
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.4.1825270448\508604396" -childID 3 -isForBrowser -prefsHandle 2900 -prefMapHandle 2896 -prefsLen 26216 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {06078249-4589-4b37-bc01-d82fea496329} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 2916 e5b258 tab3⤵PID:1600
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.5.1302888061\206115141" -childID 4 -isForBrowser -prefsHandle 3840 -prefMapHandle 3836 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d21a377-cfd1-4e6c-9c74-b441a5facf25} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 3852 1f0e3558 tab3⤵PID:1764
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.6.485213003\518012782" -childID 5 -isForBrowser -prefsHandle 3956 -prefMapHandle 3960 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ae3b14e9-3c5c-4acf-9de0-c911283223b7} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 3944 1f0e4d58 tab3⤵PID:2020
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2180.7.807113296\1130263822" -childID 6 -isForBrowser -prefsHandle 4136 -prefMapHandle 4140 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 596 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {45bc13b8-9667-4696-8d48-45502bbc0be3} 2180 "\\.\pipe\gecko-crash-server-pipe.2180" 4124 1f0e3e58 tab3⤵PID:2624
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe"3⤵PID:2900
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe"4⤵
- Checks processor information in registry
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:960 -
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.0.1011020613\1106958574" -parentBuildID 20221007134813 -prefsHandle 1104 -prefMapHandle 1100 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3af72cce-63a2-4c44-84bd-9cece1f0325b} 960 "\\.\pipe\gecko-crash-server-pipe.960" 1168 41eda58 gpu5⤵PID:3032
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.1.285965877\1266772836" -parentBuildID 20221007134813 -prefsHandle 1300 -prefMapHandle 1296 -prefsLen 17601 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc8e9e57-cd0a-4c9a-b96d-b0f07ae8a8bc} 960 "\\.\pipe\gecko-crash-server-pipe.960" 1312 10772a58 socket5⤵PID:952
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.2.1379830287\363369474" -childID 1 -isForBrowser -prefsHandle 2352 -prefMapHandle 2280 -prefsLen 23652 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {de22b9cc-8324-4358-b2da-bb4c973ee587} 960 "\\.\pipe\gecko-crash-server-pipe.960" 2276 172f0358 tab5⤵PID:2032
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.3.1234490301\734564699" -childID 2 -isForBrowser -prefsHandle 2636 -prefMapHandle 2552 -prefsLen 23807 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b667866a-dcde-46d3-8925-ae21ae9678b1} 960 "\\.\pipe\gecko-crash-server-pipe.960" 2660 d6b558 tab5⤵PID:812
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.4.2055863195\1369297967" -childID 3 -isForBrowser -prefsHandle 2956 -prefMapHandle 2960 -prefsLen 24889 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {849f59f9-5ace-45aa-a7fc-21f1a0393761} 960 "\\.\pipe\gecko-crash-server-pipe.960" 2944 1d79b658 tab5⤵PID:1992
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.5.158332803\642467744" -parentBuildID 20221007134813 -prefsHandle 2716 -prefMapHandle 2720 -prefsLen 26036 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d579402-4dec-43b4-9bf0-d6926f087ab6} 960 "\\.\pipe\gecko-crash-server-pipe.960" 3000 1fc2ef58 rdd5⤵PID:2468
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.6.164749374\1073442074" -childID 4 -isForBrowser -prefsHandle 3776 -prefMapHandle 3768 -prefsLen 31523 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fbb1f93b-b192-491f-99f9-9f68180a1d42} 960 "\\.\pipe\gecko-crash-server-pipe.960" 3788 1f577d58 tab5⤵PID:1540
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.7.182287322\717448187" -childID 5 -isForBrowser -prefsHandle 3928 -prefMapHandle 3916 -prefsLen 31699 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2537261f-5912-47c4-85f0-398396b13e5f} 960 "\\.\pipe\gecko-crash-server-pipe.960" 3900 203c9758 tab5⤵PID:888
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.8.640125870\1212345033" -childID 6 -isForBrowser -prefsHandle 4064 -prefMapHandle 4032 -prefsLen 31743 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {83c7a856-65b7-47b8-8ab8-e9b37383acdb} 960 "\\.\pipe\gecko-crash-server-pipe.960" 3632 10771558 tab5⤵PID:2984
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.9.736575353\360262293" -childID 7 -isForBrowser -prefsHandle 2016 -prefMapHandle 2344 -prefsLen 31974 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {94c267e4-491a-4939-96ab-5ba83272f01f} 960 "\\.\pipe\gecko-crash-server-pipe.960" 2452 202ddd58 tab5⤵PID:792
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="960.10.224209168\2067938297" -childID 8 -isForBrowser -prefsHandle 4356 -prefMapHandle 2344 -prefsLen 32325 -prefMapSize 230321 -jsInitHandle 656 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0aa52d83-07f7-4de5-9ae4-4346da2dcb99} 960 "\\.\pipe\gecko-crash-server-pipe.960" 2016 218fae58 tab5⤵PID:2296
-
-
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\update-config.json
Filesize102B
MD57d1d7e1db5d8d862de24415d9ec9aca4
SHA1f4cdc5511c299005e775dc602e611b9c67a97c78
SHA256ffad3b0fb11fc38ea243bf3f73e27a6034860709b39bf251ef3eca53d4c3afda
SHA5121688c6725a3607c7b80dfcd6a8bea787f31c21e3368b31cb84635b727675f426b969899a378bd960bd3f27866023163b5460e7c681ae1fcb62f7829b03456477
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\activity-stream.discovery_stream.json.tmp
Filesize23KB
MD50ad3b3c3cb810e2e031e0a06a5efc4ea
SHA126a34133cfd392dc2964e3d8b25fb06a4ec6bf12
SHA25627d4754412b0b6bf15469bd36db0b8aebdbb81bb7b039cfce23551b0be949ded
SHA51299a25f4200c33b6623c41431fb2ae5a6755a837a675cb4ad613e7249953c44b3e40c8bb4d5f21b290e24c60ec307833a526ef66a559419172883c23b4dfd0607
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\099EB2BF8827A4F91EAB3E38B14650D0205226F2
Filesize16KB
MD574a25b18b52f8a461803bf068e233d89
SHA187a61aa16b5abb3862aa96bfc93a1ff8ce20798c
SHA2566688303374bfcf8c95010c5830c7af1ac36e9afa986a8435d5bbf16556f070a8
SHA5120cb5be5a67973adb29efaeec27268916e5bc8cec84ba9583e505bb58654c6917625a9d3d94165a1748db5c72ad301ee7156d6e983dbbd136450038268a37900a
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\253AFB87441BC09DB65F7A4B53C8948852C0243A
Filesize9KB
MD540519edc0ffb1c03bae76dc834315228
SHA1de59b0a9d781a44146f1e4f9857bd7cbbf358901
SHA256f308a4a6b2725422330620dc504e64e6bc96450ae0222008af3ec7031e7cf45d
SHA5121f415f6e1ecac7108e32965ad8a1a58338bf0dfaa1f10d32b14e8b6df268114613550442a811c7b43fd7441baa6d641ae19cbdf3b0246d279ba129c9648e8931
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495
Filesize9KB
MD523de6735d835c716fc7b15440488f8f1
SHA1a1263853793e7e2fd160a194584db7c658ebbf58
SHA256829d29344b8f6426de290cd862541cebc07315c6b2353e5f59d1ba154d9d37a0
SHA5124a847255b0837a14d94316bbd0b124518ce472bb1c8ab4ed22e22bcdb8ba05468a0644c2cced8810e91ee6b96a92fd7d3050092bd41f5447450a1fb4e60ad662
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\37373F56CBD822F5FCF64BA01E1320A0924D8460
Filesize24KB
MD52294ba878a31d5e01343cd48571218f6
SHA18ea39dee8d63b7aa8310bed0f3f8dc89903dda37
SHA25666a9cd55f189e2d87387004ffd288382d88eff52faea65be0a3ea41390e71042
SHA5127300524d076734c90bc3ad80acb58abf0a2405bf0a98e1f17cbee7e56238afb9ba351ee0a89be4fdabad1224b9a274a46ada7273c5c5a566a24857a51d41c5f2
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\58EFA56DB4BFFECB0EDA547894BC9A057159E22F
Filesize13KB
MD5a39ddd9575fe5225ba0865ad9e76be45
SHA1dce5e9c9815c3056ebd241ef21cf0138b045cbb6
SHA25663f46f43ed113c04e2fe40f973ba13ef04eb08121a224cbc114a6bb37eb3a069
SHA51215cabb13923f7cc0e201b7b4c198b5e4da7e36cf5842121e6a276ddd6f0c5ac74b794d167473cdef4144ee10d20f4078774cc428fe924eaddc4143a10cf0f5a8
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F
Filesize14KB
MD5c8a2442a01a89135c803e04d0cabb883
SHA1ee3e21f6d3f0f941ad209930a1f30cfbfacaae93
SHA2560da044b161ee8048128a87db032fe783c73060015852bb3630732ff48f5a3c4a
SHA51255ddbb1dd499751614f67b263844c73b0c7a58980bbb47436f72df2d6e7a0f48ddb30a49f96d320c326862e5c348fe9714ca4978b3b3f4a845916b50432bf8e5
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\cache2\entries\F8CBD54DDA10F4286A41EC6A537240712D6C2308
Filesize9KB
MD55e292344bdf0d6ba5d33c4c42093aa77
SHA1f9fe87cadc10cf4543b254e086c25545d335e02f
SHA256e5b9a71270ab88e450d3908f26aefba60111018f709e26dbc149562f09f4cad8
SHA5128a5c2e38a720418fb2f7fef7c9f8928ace71c80a7c0cfea2466edb5a6c4a9b58d21df498f5cd477b42a7dd3ba2750c6934c446214c5f207949911cc82442b883
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl
Filesize15KB
MD596c542dec016d9ec1ecc4dddfcbaac66
SHA16199f7648bb744efa58acf7b96fee85d938389e4
SHA2567f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798
SHA512cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\startupCache\scriptCache.bin
Filesize7.8MB
MD58d24c5b32f34008202aef0958db3c513
SHA184dca874d75ec78cc0e8e9df2b8dab5dbfce810f
SHA256c758a2f451e530dd9cbeea5124c82392a6e4cba0190ced10d266a8a8ac938b41
SHA5129ccf9775b7c641c5e4834d6c26c09e6c05d84fda344bdc8112c9d4f7bf21c769d0b01da4dc8ab20460087bcc39fbc806c6dc84af88c716ebb9506ff9f39c7e4c
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1009pdhg.default-release\startupCache\urlCache.bin
Filesize2KB
MD566b971d68aaf433250828cea60957c33
SHA1ae0c0ea2719ae0fa432207cebe459a20982a4a4f
SHA256422f81bfade2421c29ed5386734dbe873dc84d7fda2e722bc4a3c926ed4ec999
SHA512df3b34773c6fb610052ef7b1fcf0cf6aca000c959ea0e8c70286d7403b9ef145e441bf76d21c59ae4cbb101ceaae79df04b591b1f547ff349ab278755b6c9848
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\activity-stream.discovery_stream.json.tmp
Filesize23KB
MD5c9eedf06241888a849cb1e57dc03de2e
SHA107b5e514c55c709c1de31b7e1004ecf58053316e
SHA25679816efb544c250c3672689ac3fb9d113f0537c540405e365fd86abc282b5254
SHA51238ac2ebd702063822c4394fd92bc980b4fb1137e4ef3b89f655a39708376141000959e5d7872e368b800778cc518ff1376e0856bbc0a6939171fe31836e9dd44
-
Filesize
442KB
MD585430baed3398695717b0263807cf97c
SHA1fffbee923cea216f50fce5d54219a188a5100f41
SHA256a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA51206511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1
-
Filesize
8.0MB
MD5a01c5ecd6108350ae23d2cddf0e77c17
SHA1c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
Filesize7KB
MD5e04cf72d243db0dec1bcfd24244317b1
SHA194374a5063a671f976f5fbe59e9d1f9f2ec6baf5
SHA2563b1ea47237da95050ebea3674f486c568dff6dd3fa11615fca518d340d228991
SHA5122a5f59bc596875c818d49216dcc09868d544d754d3fa283dd68d5ea98b0bb208dfedb48b9c5296e107b22ae0bfeb5db7eb811a45087a6599a4ef714d45b5591c
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\AlternateServices.txt
Filesize465B
MD5f9f20b7837c05a9dc5177ae64127ccce
SHA1aff9b1ef765c623f0d69b8e31a5848c1833a3e4d
SHA2566c00cee4f9cab3788d47cb38a56238d18c993e1011154c3089cae1449eaaa545
SHA51238d3392d9f352c01e79dcdc4cdefa28fcbc71737272b1716fe083c29fa3693d4ff083b6ffd4df16da5d461f377402a5d1d1b40c074979df07500f0dc519f1ffe
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\SiteSecurityServiceState.txt
Filesize264B
MD53efe0c59d18ac186132b074acdf4d458
SHA1da0100beeb338121d730a999cd2d8d48542f3c1b
SHA256486eecb691dc268d09c302eebf88b472ea19f66df1b319c2ed6f3cc97347f866
SHA512cd078f2252a56dffd570dda24ebe3fd54a57811ad9616cd7c7b6b4754580692ad12953256dfc0d53c97ab884202c664a565f4c71cc745c88c39029dd1086b188
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\datareporting\glean\db\data.safe.bin
Filesize4KB
MD50ec147b1d2a1167e772440a5bf48a8d1
SHA1e7d2282f18d50dbc2aed333ae4458b520d38b620
SHA256674c9b87ad3fb4b42e15585dc82aa80007728937c8e2d571cad7acf29288ddc2
SHA51270c2a67bdbed74e16c063a029941a28de73eb99639ff6dbfca88c2960971baa879aa2d439355f931af82289fdedf08e56e48b5fb742e0fef195792fa1f0f03f0
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\datareporting\glean\db\data.safe.bin
Filesize1KB
MD5d0cff341e285ade9ca643cc2cda57385
SHA13986719e314dd642daa6d7fe56bf3f97f1f9fceb
SHA256f9db4799ca85e69559498ac1b965e8f61c4706b504d67f8a798042aa24bc6702
SHA512bc746092cced69a7d7d31c377d1b438fdc10a39b1694067f326b6a0c469c876d0160882a16edd32d6a930d7cf3b267a4092bacdfcba322d910e4f4a1cf62b6bb
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\datareporting\glean\db\data.safe.bin
Filesize2KB
MD5355a577855a1aaad10a71d4de5388a9c
SHA194a0f3ad3081a5e7a95d87e1e3883062ed42aadc
SHA256a2f2eba17c3f111718029c81c171972d1bedd02488e679ab1f9845f3774aa5ae
SHA51263f9d17ff033556b6c95ea883a8d6777fd6d5f618a46d7b4541c06af84246509ca975d4f6d792fa0f0eda17c1db8f56a3b97b833675ba05a922c151a2462ab9e
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\datareporting\glean\pending_pings\13f648fe-6f8d-488e-9e60-a2420b0fea5b
Filesize745B
MD5bbe61f2034d8d91461f5194d038e4d0e
SHA1dea1e3bf2a68fa84c1d298dc07ea8a7040795ce7
SHA256d84abeea64dfbf4351f61b4cdca7e9628faf3156e3d5e45a4f528708b29b28d2
SHA512589388f61bb67d4aaffcc14b651c832c9a6ab74ff936dba000ca87cb53ff133c9941839c1ee360e22cd58e4f0802430f17bd1f9c639d06a62fde6dffdbf60009
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\datareporting\glean\pending_pings\735e93a2-4b0e-41d6-b0e5-e28320794752
Filesize10KB
MD5014c73f900f81b566c5b546c6346b1a4
SHA1ff90410392b691431475e5b696af1ef50e8af7ef
SHA25633e5522cd93cee7d17a02eaa996514481377155d860f60f38238b2764b02d0a5
SHA512dbe8ba020c40f4dc314c271d33987323856d17ac77c8dbb830c67f4718affb490e94f0272de81cf3e87450a911022ebce965786e080b64e1c2ae24c4ff7c7ecd
-
Filesize
6KB
MD517fd66bfb1844ee53bc5afd26d1e201c
SHA1889d9d0d1148ee2f8c75d95dd7ae38290469e330
SHA25661a1bc8a27911d2b5a9ccf6ba8e560d5581af47a64bff646243fdbae081610bd
SHA51217e6052345b6bd9e46efe63e4e7e3642837653a2f6a645979c72d8797d08e2370ffc42423006ff41ffb3c92bf243b5ccaec7e72681de9ae8d218f1ee7a9346af
-
Filesize
6KB
MD53dea1a7cf8791a1c5a77eb8e3626530c
SHA10c16dfa888ec6eef7fce0b63e2641af2b39d8d54
SHA2565e0b3ed466fb092c7dbee51f63ec21185dbc54c4e68d6b57802e8a18d0ff73f8
SHA512f8c4cba2972b46176ae5dd2aeb18ecab15320e266c3980d70d5cadaa9a03f5d4b251d93a9319f43ab67c28421ce28a01f428aae5bc2459baf48fce27c115867f
-
Filesize
6KB
MD59ca16e0c6a361c85ae1d0dadb046ae83
SHA10f56f85f2dcc6f420ab7ec10e421f859684c52e3
SHA25661a353b2bf0e278d8be8078757b981bc0e61d976fce99dbd74baf04dc898f5dc
SHA512bc676acf8bd85a1e4f6d847f9966fd331ac4dc52b3d93c54a3533327c8ac7995eec8f515a27838824c595027a0c405600065f190bbf7578f05c7a50e770bdbc7
-
Filesize
64KB
MD5deeced8825e857ead7ba3784966be7be
SHA1e72a09807d97d0aeb8baedd537f2489306e25490
SHA256b9f022442a1506e592bf51284091a8a7fe17580b165d07e70c06fd6827343a54
SHA51201d303232d6481af322137b44fef6c2a584f0643c48bab2836f9fe3193207015da7f7514fe338500ae4469651e3d9618293858ae507e722198a249257677099e
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\sessionstore.jsonlz4
Filesize1KB
MD5805d553e58af662bc80a1b87727711dd
SHA178cf6ebc472ab15585424edb732f197b513e72ca
SHA256866ad11e7b56c46368262f6e7ee82c464b9e94d7556c26e631b3c71fc9d93cc5
SHA5126407e62b1fcd9c030d93801a51913d5ba2eba50bc979346d855b8a5194c2ccb6c021ae730f706d5b455fea8bf1dc06fe92d40493e4e957ff3098ed9e73fb8b87
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
Filesize48KB
MD561c3ab3a1dce79148e73e9abc7e8c9b5
SHA1a6fd02cc909f725ccf6048db363992e5ff261109
SHA256d9e653b1666c2e2bb1edb916e62bef7c39d5ff01036e0bb66a8d22496151263b
SHA5120452effb2539a6a2b3067b416757131240c1793cf57f813d8824c4700fdbf52166a873302a4411dcbfbf4bea6cba6f8f13c84c7c9936ac87ea0e865da0a05ddc
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
Filesize184KB
MD55699a35195c7237900a21c5c9f9d4fb8
SHA14b6c3f2a93c12d909e132ddef6c975132e7faa30
SHA256db5da8b2172f90267285a998d144474bf1154c70cb0eb7530885468dd5225fba
SHA5123baa6ae405497241c8650bf98b2526473598eeeff6e71f5d94c9d6d06b7e7f827e4bf4c7d9017e80afdc3ffbf38c5af59729c0c2f4624d90e6573a3ed64cf17f
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1009pdhg.default-release\targeting.snapshot.json
Filesize4KB
MD5e74fedf55ac7966e0a3448a07b8e441e
SHA1817441b5846787ae24028303b3733c83ac8fe445
SHA256bede5e42a106f4b8d237306d0e57c11bc30d8a810924ce3b89c59c271d3b2e4e
SHA5120719c05b6b98147e0397643f9c3ba69076dc0c7f169419c172648920009daf7112569d8aedcc93932ff240eb5098bf18c4a11b53df5ce7993461371b45d7b175
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\addonStartup.json.lz4
Filesize5KB
MD5ab63a7b2dbacb05f12c777377ae89ba2
SHA1c08dfdd48716cee65a5af07f50f8205432ec768d
SHA256167bbc1ce6787131fba4448d23c2c69cb5d1d812c54e78ebab261036d7710910
SHA512a3ff9049b5028919f3b44a296a473409f59873a0a41d49aa3c7867f261719803b36b21f493ab8be1ec5ae3463ba9d6eefe02c7bb1127dd0dbf7950ca9e70046c
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\bookmarkbackups\bookmarks-2024-12-13_11_N1F+KwGL2XAnXDkG61FnWA==.jsonlz4
Filesize959B
MD5550c533352e9c72ef97cfde20253c7ff
SHA1cd8e17b2ce05ddd55531525eabf7ea1c1d01724e
SHA25645c293b24d35ce09e8398f170e9b5d20ce3e8f2a65a98479918030d607537960
SHA5121d3ccff97992daa2a5d8978f319abb166dd3b92e5f36b2a1f62e1b2f4cec97116de1a54dca5ce34f8eb0d96a72ca81afc50e25f771cc114856d0bc7352b044ff
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\broadcast-listeners.json
Filesize204B
MD572c95709e1a3b27919e13d28bbe8e8a2
SHA100892decbee63d627057730bfc0c6a4f13099ee4
SHA2569cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa
SHA512613ca9dd2d12afe31fb2c4a8d9337eeecfb58dabaeaaba11404b9a736a4073dfd9b473ba27c1183d3cc91d5a9233a83dce5a135a81f755d978cea9e198209182
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\containers.json
Filesize939B
MD594a3843fad8c45c48b0e07342df3dfdc
SHA1d55b650208bda884d573afebd90830a3f4d7c201
SHA256854ff2076f71097b030c302a1ea71d8e851d2920b9ff5fc8dc8f16c91ba95b72
SHA5124d2a6b2a223ad81bb97195abb27685cf88453caf5769de154b373486d5245f02e0c0f664281d8e3bb33bfcdf1d6f7b3d9602303864d4e56481382adcb0b932db
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\cookies.sqlite
Filesize96KB
MD5d367ddfda80fdcf578726bc3b0bc3e3c
SHA123fcd5e4e0e5e296bee7e5224a8404ecd92cf671
SHA2560b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0
SHA51240e9239e3f084b4b981431817ca282feb986cf49227911bf3d68845baf2ee626b564c8fabe6e13b97e6eb214da1c02ca09a62bcf5e837900160cf479c104bf77
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\datareporting\glean\db\data.safe.bin
Filesize2KB
MD5b75cb4fa81814378a11ac892b8a351d5
SHA13524d78e67e08be0bb1b1de67e3440d00fe55f19
SHA2564ff830c992fb287565ff88e947a18f419fb9dbe67ca8bfe417f103db96f23acb
SHA512a57b43b32423d723154e93f29af7a1cf310ff67cf39ab2c518d284c0e4e6527187b25b670dbc24d5ae3ebb522d449f6d3e87210c5859570ef45fb8bb08e83feb
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\datareporting\glean\pending_pings\406bd874-f7cc-430e-804e-145e98d44a11
Filesize655B
MD5185ea1a69c1d07cb7a3a51e24ca8bdd2
SHA1ab5718b2e749e13d55592764cda4df038f225e18
SHA2562acbdf38bb643ac23388aa45abc2102092b5c9d1c43a306d9208462d7736da4d
SHA51226603bc9ad49999461937385e4779a6e30842b299bece76822d3dd7cbe950d8af09d1c3611987e6a3f250f269d57d89d93ed9d4cd557753a7cd5a8885f3aaed6
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\datareporting\glean\pending_pings\f4273cca-b17f-43e3-9d63-b98d330436ea
Filesize586B
MD5b481cf8d30aa3a131c6ba23bf7a7d94e
SHA1e0b0e8b6a3fae5f82ffbee1ec42d06718c4caae0
SHA2561497dc1eacbcdce2a18c743692c022103469a4ad0845f425eb8f474c53c3d0c8
SHA51207a4010c54350312a085db695372d70c0269a20fd2981da5c4d847d104cd17d282cc7e974e50eb0b750357a9a77c0ab4f58695b57a8e2f8d4647a414f68086c7
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\extension-preferences.json
Filesize1KB
MD5be330bd97e63f073880fbac0f29880bc
SHA164436de4108c6adde238f9e925aaea2dc49cbc13
SHA2565b1619884f8b770678843eb83c4a7459865aa2c5e84bf38f22026d23b5b28ef7
SHA51280cf1203daeb3c31f5ffaf3b7a97b598a196750b7c9a44ebde50ff5a1aba6ac651a2d9edab58aeb395871dc600e64a81d6fc61b710994f6a2f9e202cf25362e7
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\extensions.json.tmp
Filesize41KB
MD59bc44e49e13d6d4b00e5298592f2e08f
SHA12087ba1e244f2312cc924d2c56dbb383b83e847e
SHA2566f7a187f887247287b7dadd9199c355b0243155971301230cd4e64e096867f2c
SHA51259277cc6f34231d54953e5009a9890eb27e875af11b9c00f5222ee010d1a69960cdd282cefc5a1d1f8dedb8dca0f8b74c433abd11f2f8e04597a8a3b7b2e643b
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
Filesize997KB
MD5fe3355639648c417e8307c6d051e3e37
SHA1f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA2561ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA5128f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
Filesize116B
MD53d33cdc0b3d281e67dd52e14435dd04f
SHA14db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
Filesize479B
MD549ddb419d96dceb9069018535fb2e2fc
SHA162aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA2562af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA51248386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-widevinecdm\4.10.2557.0\manifest.json
Filesize372B
MD58be33af717bb1b67fbd61c3f4b807e9e
SHA17cf17656d174d951957ff36810e874a134dd49e0
SHA256e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA5126125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
Filesize11.8MB
MD533bf7b0439480effb9fb212efce87b13
SHA1cee50f2745edc6dc291887b6075ca64d716f495a
SHA2568ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
Filesize1KB
MD5688bed3676d2104e7f17ae1cd2c59404
SHA1952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA25633899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA5127a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
Filesize1KB
MD5937326fead5fd401f6cca9118bd9ade9
SHA14526a57d4ae14ed29b37632c72aef3c408189d91
SHA25668a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\handlers.json
Filesize410B
MD5e7a65c5ead519a7b802f991353c26d3d
SHA134cc3c1cf9bd4912dba5fa422010934e46419fa3
SHA2560e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2
SHA5122a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\key4.db
Filesize288KB
MD5e292c613320673541b1a5988ebec04d0
SHA1954958897f1861f95f0cbbb1a3cb77ecd1606216
SHA2562eea5642c36ce933e9dfe9c1407a597346183f136cc8b4ec1451a38b696b73c6
SHA512a8f69cac6e1e4618d05d41be47057cf3aa645ea7de55d5bcd4c9e2f0a98f9766a36a40f9d8937ec326ad407a683dedcacfe9966174a8746c2f8b63dceec558b1
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\prefs-1.js
Filesize6KB
MD57e38b2ca0e1959e7761ae9c50ed1bb70
SHA1bac2ec274f3c1c873a5012cd53c49a69ff309bf9
SHA25660801209581f28766853bbebfb25cb290a05438d78e47699a86d649b656f8796
SHA512ef06039a75721c8dba68b89f364032a8d5c444e101793dd1e2792c667423c030f7bf5a7964c24e3c872d67d4a2a5e4b15dda5439f941fb0658483608ec401196
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\prefs-1.js
Filesize7KB
MD51ec01e62f48731f495565e3984412337
SHA1e4a17beae792eda60e823985e343f4770966834c
SHA2566d258d978cee67a0ae8020353f05e7e3c801ea4169aba01079d977350235f028
SHA5129451ab28ce717e1505d54da7afc0034c4a7a6099670d42f7ce631a9fd56511e824149ce2296aa5f683005d4fa2fd269eb7f853876548d5fbda827ab146b49683
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\prefs-1.js
Filesize7KB
MD5503c5ccd1756bcc2468f186739f9244e
SHA189461ed0ba5de10a12c02aa72872e6edbbf1d116
SHA2567eb6bc6b41799102417cb5241bd973e777b42624aaa8fd02c766dbdd39eae806
SHA512ad3679fc1abed66d0d0ccb11171cb738eb79683fab9b22b294f14e484bb1a577928849c7273c7ea4ccea69ec4f4a62e5f2555d175cde679b79807cd7b6c1c4b5
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\prefs-1.js
Filesize6KB
MD564b1975af5fd1c0508b15caf2425da2d
SHA158d3944bec5b2e14f3afc468875f5ac47e6d8174
SHA25626c313c7e45e16a7c1c9fa85872709fcd7d4d1eaf942ebd370760b6653a51355
SHA51230c33de55abf586df917fa815124079d9e62322f26c859982dc520613114f0ed8abcdcee68807223ed10212e8b4c9c29d23db2f6beb0ebc89cc58419f9f53c82
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\prefs.js
Filesize3KB
MD586c5da4976c5fcf4ea43318c12238165
SHA183d2a5cd735828294e01ba138dff99af2286c070
SHA256e70a7049789c42bed9c207df066d696a896460ac2f7ddce029ab8968f91f243c
SHA51291e5cb5cf4fc4dd3cef4ff31949c44f2879eef75a2953004bc65b16cf74b348cbbcd0cf17ec61d2246c9c894de9aab5e4fd03c8a16eeff3d2190097e797be6b2
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\search.json.mozlz4
Filesize291B
MD58eacaddb23a32317d540053f212571b5
SHA144a35efc4fb1591048c618c02ee3ba58f7dab5cc
SHA256927f4ab39b925da636b897890ca6880eecccd5304dfbe07b38fafe99f22e35a1
SHA512e60890810e5f36e6fd2122d60e805e3736b4e4dbe62301dbaef57953047c90847c01df72bdf7cac75c0b26e4361f90c43b273d5b1025320f16da5b27ffcb81f3
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionCheckpoints.json
Filesize288B
MD5948a7403e323297c6bb8a5c791b42866
SHA188a555717e8a4a33eccfb7d47a2a4aa31038f9c0
SHA2562fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e
SHA51217e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionCheckpoints.json.tmp
Filesize53B
MD5ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA1b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a
SHA256792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
SHA512076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionCheckpoints.json.tmp
Filesize90B
MD5c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA15942cd6505fc8a9daba403b082067e1cdefdfbc4
SHA25600ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
SHA51271ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionstore-backups\recovery.jsonlz4
Filesize3KB
MD5d87a6c6d648d4d750b254fc08bed723a
SHA1fc9b90d2e91b8ffa5c8956d61864bb254c8a865d
SHA256705793bd5b9a371ba75da5534b0f69b0f680229e43652a327e35ce46352f09a8
SHA51206cbd6cd5718d7308694486a157e1b0ff3d5f1f99b8571d1c69b65fbab3f0b38bb5c2845dd29e46306ead15b28b08fd8f3ffa1a74c77e1ea90ce504a8e637bb1
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionstore-backups\recovery.jsonlz4
Filesize575B
MD522038c84d352b8be71a189c59b7b8042
SHA15a36745e2b966df83965e6007c9ca4ab89ae0328
SHA25676087308d395acae928c74b40540a115ba1b7d884927f698ee6ab0403b82626f
SHA5121df31cc0a74d743b9e5df254736bd152fd222488837c9d018c4947e80fedd80fa108592aa09c0dd59b2170ae12dc923e5a0be915ccfe52a9be2b99a58a115b13
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionstore-backups\recovery.jsonlz4
Filesize4KB
MD50cc593a8e198f6e605c04949398c3ef8
SHA10d22adc8f96630f2f89acc8da384df4c25cc49df
SHA256f775adaae8f2b681255236d085321789521dff10f489b1e21780b05144122194
SHA5125adb4973fd9bd034dcfb6ad025409f713b9675a51357ed6ecaae7cedd9fa2a5c3921152b6ee5fef97202ee856b235dde5a68f3212b5a831b6b07a070664cab45
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\sessionstore.jsonlz4
Filesize266B
MD54fdb7f9a51ba177262d07d38c0238915
SHA1f12c5a74467bf624164ac77ab7af517ce46ace8d
SHA256a641f5701e0ccb2fc22a9f4323c96d899db4397fc08c63fc5de852d9aadca9d7
SHA512fd0e72672b280e9f362cd8ba4a81c795fd741163020cd2c62a104c3f8e006883ac592951db85f364f3fece2d9af386f635b93ced301e12b4418e1e0a7fdd9c09
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\shield-preference-experiments.json
Filesize18B
MD5285cdefb3f582c224291f7a2530f3c4e
SHA1f816c3e87aa007b6e6d31eb6a4618695a7d83439
SHA256704d28223a4320a853df4a19d48c7015cf79d56a5317cc3475b6305fa43dcc05
SHA5128f1decf1e4b5755fce8f165daae115f45d6890985c9c4bbb33a6f724cbfd26db75f6da06f9ef675de20fe755da9b7f55e5ee37124296a12a520a393da159bd58
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1894d6c0.default-release-1734129665221\targeting.snapshot.json
Filesize4KB
MD583d6be525ec9c12c85c78d449046352a
SHA17839f959d8e1f8423c7c99de5f0f1ebc4ac807b8
SHA256a0efbcb36bd4cb3ea30016c552c27549444c327d17daaa11d4aa70fae9fb76e3
SHA5126d25e2ea0a6c9ac13d4d112d310050051a15a55f4471d4762e81be14233a6a98593697c2b45487270606d8c77aad2c1ccdf4a8155e308c8dcf1fd82768180ef1
-
Filesize
5KB
MD535860b7440797fdf92b6b343858fae39
SHA162c24f43eedf6e71b226f0159dbbfeecc152f47f
SHA256fa8d0fffa1b53a2ef40a65da9e28fe04dd91f053f4784f542714e60b4290f498
SHA5125ae3d1a8279ae0fdf7954c3cf2279ea9c525e36547c4ed92049f741be6bd46bfef82b40763c7d01e0620dcf356fc9fc45b12be4dce319d4d9b354f6fa15d1a69
-
C:\Users\Admin\Desktop\Old Firefox Data\1009pdhg.default-release\storage\permanent\chrome\idb\2918063365piupsah.sqlite
Filesize48KB
MD56102ebee296acc13ef300115640d7963
SHA1b100d7231fea01498a0a91248e758d93b100212c
SHA256cc6b9d63b2b37903cb47cc3c6925ac788728b56de09ac62912a236dcd5d44e48
SHA512bb4e5d2fcd90cfb479defbd2c11f91652ecfb2b8c136eb26cad725f7cda1668d0bc19424596e0a9c83b96f712ff05fba25222a58e0414da7c9d191754aa02157
-
Filesize
217B
MD5c64c353599fd3ad2e43607fcb5b4ebf8
SHA1d47b687df6f60fab3f0b32dd20d54258b2b645d9
SHA256c92da016f56b7aa125d9735490a7421c525e839d1e34c130d4f73915b08c8b44
SHA512c5e25b4206a027d28ac6aae3fd31b9dc020febe33b7036885fb94d39b7378f3bf1d7f6df9902c372de1ea9505e7f4032ffbbf394bafc1cb87ed3b20fabae7b23
-
Filesize
3KB
MD5459f3d7499adf6570cd98bbc2635f74c
SHA1e2f1ffe536315c83e65d099e84c1ec8728bbee85
SHA2565c5ecc47ad85aadb5acf9d057461073ec37c9407510379dd16985284b821cda7
SHA512748b9ef6c075036d6cda5840864e10b92fad80416578b51e37a0e7a01ddac1b80f2af192897e2e68b023904ac7f2f2bd17c5840161c51ac09e551f4641520490