Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-12-2024 13:44

General

  • Target

    https://shorturl.at/v2n5K

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Checks processor information in registry 2 TTPs 8 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 5 IoCs
  • Suspicious use of FindShellTrayWindow 21 IoCs
  • Suspicious use of SendNotifyMessage 20 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://shorturl.at/v2n5K"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4152
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://shorturl.at/v2n5K
      2⤵
      • Checks processor information in registry
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3996
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2024 -parentBuildID 20240401114208 -prefsHandle 1944 -prefMapHandle 1936 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d4be846f-803f-4ae3-8dd2-1c8ed994af72} 3996 "\\.\pipe\gecko-crash-server-pipe.3996" gpu
        3⤵
          PID:1672
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2464 -parentBuildID 20240401114208 -prefsHandle 2432 -prefMapHandle 2428 -prefsLen 24600 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4ed74ecd-64b1-43d9-aac9-d022cbb66a3c} 3996 "\\.\pipe\gecko-crash-server-pipe.3996" socket
          3⤵
            PID:5020
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3060 -childID 1 -isForBrowser -prefsHandle 1436 -prefMapHandle 2800 -prefsLen 22652 -prefMapSize 244658 -jsInitHandle 896 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b45d50ad-f78a-4808-abae-421c57782f72} 3996 "\\.\pipe\gecko-crash-server-pipe.3996" tab
            3⤵
              PID:4008
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3960 -childID 2 -isForBrowser -prefsHandle 3972 -prefMapHandle 3968 -prefsLen 29090 -prefMapSize 244658 -jsInitHandle 896 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2ad8c57f-7301-4645-9833-9e16f74a4d1c} 3996 "\\.\pipe\gecko-crash-server-pipe.3996" tab
              3⤵
                PID:1580
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4652 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4636 -prefMapHandle 4532 -prefsLen 29090 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4af35a0a-e40b-49e1-b5b6-ec78737d6db5} 3996 "\\.\pipe\gecko-crash-server-pipe.3996" utility
                3⤵
                • Checks processor information in registry
                PID:3916
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5412 -childID 3 -isForBrowser -prefsHandle 5400 -prefMapHandle 5372 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 896 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f12e4bdf-636a-4c19-8596-7d9fd6bb0025} 3996 "\\.\pipe\gecko-crash-server-pipe.3996" tab
                3⤵
                  PID:3088
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5424 -childID 4 -isForBrowser -prefsHandle 5416 -prefMapHandle 5408 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 896 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ae0919d4-dccc-4395-ad8f-ac8ed716dec1} 3996 "\\.\pipe\gecko-crash-server-pipe.3996" tab
                  3⤵
                    PID:3672
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5692 -childID 5 -isForBrowser -prefsHandle 5684 -prefMapHandle 5680 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 896 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {46fb183a-6a9f-451f-a8f0-656bd1e74dab} 3996 "\\.\pipe\gecko-crash-server-pipe.3996" tab
                    3⤵
                      PID:2020
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5768 -childID 6 -isForBrowser -prefsHandle 3352 -prefMapHandle 3356 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 896 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {341af555-cad3-466f-9983-77e9cb4b0c0c} 3996 "\\.\pipe\gecko-crash-server-pipe.3996" tab
                      3⤵
                        PID:2920
                      • C:\Program Files\Mozilla Firefox\firefox.exe
                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5528 -childID 7 -isForBrowser -prefsHandle 6240 -prefMapHandle 5444 -prefsLen 28303 -prefMapSize 244658 -jsInitHandle 896 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5bf5c87-ae72-4b40-971c-8be39c9e1639} 3996 "\\.\pipe\gecko-crash-server-pipe.3996" tab
                        3⤵
                          PID:3788

                    Network

                    MITRE ATT&CK Enterprise v15

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads

                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\activity-stream.discovery_stream.json

                      Filesize

                      20KB

                      MD5

                      fdf4f38e03f64a8766f9a66f1958aaf1

                      SHA1

                      b2374135aea81074a9283d2cd12624c6ca6af4b6

                      SHA256

                      aa0325812f62722e4e12dbf91703ea8725ef62940c39f4d6ba35b20c7d0c0d8e

                      SHA512

                      9fe414173030e80fb88ebf1a21430f5abf0e34bea372bd29234f29490d604f66335d84f364425f666d2e3ad059efe32fcd02391f87e97443a5f10886fb7ad856

                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\cache2\entries\7A550E6E1F298273B3F3920A8F4F69E641EC0D2F

                      Filesize

                      112KB

                      MD5

                      318751960b67fc394d19d74acdf339fc

                      SHA1

                      442b93e377b4e6f304f1ffe9d318a42bb38f47c7

                      SHA256

                      7f705c5e47d6efc39e41057554b59073fc5d77a5e3e1bbc55702b5cbcdc545da

                      SHA512

                      068ac3ee4156991ec2f10ffd6e6bbd5f041ec858cb0645148cc1279c872f61c22b65bbc5038814e7fb33e5c6041cba70ae54c6770166ac2d6fdc1015ef0585c9

                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl

                      Filesize

                      15KB

                      MD5

                      96c542dec016d9ec1ecc4dddfcbaac66

                      SHA1

                      6199f7648bb744efa58acf7b96fee85d938389e4

                      SHA256

                      7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798

                      SHA512

                      cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658

                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                      Filesize

                      479KB

                      MD5

                      09372174e83dbbf696ee732fd2e875bb

                      SHA1

                      ba360186ba650a769f9303f48b7200fb5eaccee1

                      SHA256

                      c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

                      SHA512

                      b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                      Filesize

                      13.8MB

                      MD5

                      0a8747a2ac9ac08ae9508f36c6d75692

                      SHA1

                      b287a96fd6cc12433adb42193dfe06111c38eaf0

                      SHA256

                      32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03

                      SHA512

                      59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\AlternateServices.bin

                      Filesize

                      6KB

                      MD5

                      e5d682c52b39e4b37c27dbc24194534b

                      SHA1

                      ff8f98fb28d9922114123bdfa74c9488cd919ac1

                      SHA256

                      deaba541f30f95484b57cfdd4a5d0996e3d9caa84da4d29774649215a5b88b26

                      SHA512

                      bbbbeda72923538f20965dea0c1ab25f82e060edce7a4041daa4c8089b695a560aae7da0598b50887aa0342df6f53c7f3141cb36cb1535319ce7b6c9d67ae61a

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

                      Filesize

                      5KB

                      MD5

                      f77c84d2ac057ed052eedd53d7b9c650

                      SHA1

                      0cd8f765b2423fad7844611e9184ce4a60a7c109

                      SHA256

                      75945fc8db0d948e43315137353a1e1cbc5f1d4919fe3f6c75629131a7d0c567

                      SHA512

                      bc825b535c57351d4801de80214326e2a52aae25484bce01a93b0af9f83bf623e43c4c3d9b5845f74a40af209cfa3e164e7db42832c908c6f77b0a5b9544848e

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\db\data.safe.tmp

                      Filesize

                      15KB

                      MD5

                      0b21095c4953d9cf1b27c0b2c5497192

                      SHA1

                      4ab8674f55976cf89055ddfdb85d3d5248f3809a

                      SHA256

                      82b7cf138b7c0ff21dbdeb7c5ca2c3f431412327991fc062b7d951f06ea05f02

                      SHA512

                      1bfa446232febb86405e82308d629d7778b0280d3d65e8fdb2ea662e60c4c78ff1a9ab99926cac34e594eb2c6f2b4b7303bfd80843f6d745e224e013ac802775

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\2abfe4b0-9f34-40d0-b9d8-faf0db35929f

                      Filesize

                      671B

                      MD5

                      15e1edf0b74987afbc1cf2198fb90db6

                      SHA1

                      5b29416e745bd033e2814f25f3c855366b938827

                      SHA256

                      5e3a6571911772a8745ca2d8586fafaca30bf1480ee56e233b773ffc30924862

                      SHA512

                      0603be937ebbb074088f13027b8dbd977c0e432d16b744db1527982be8b3130e7475dcc960912c37516cc5b4cd20d6dcf41c86dd6fb3d3b82698510254042b48

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\58d4781b-5a50-406a-85c1-4cdbf6247a9a

                      Filesize

                      26KB

                      MD5

                      fe1d2908b87be1a7d8023f3ae0453692

                      SHA1

                      8f9663d904de0e5f07efc2b6c5fbe26e5236b3bb

                      SHA256

                      384541a6ea0c870809c8b7a61313a311e0e5c6331ce4c6eee21fcb71a14761bb

                      SHA512

                      92673599bf51d8a626523c3367ca97de78d2853487c3736afea331400e1d830e13e9d907ef34de97259b940914558413a1dcd8849a10dd4166141bf1298417bf

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\datareporting\glean\pending_pings\c6bad8bc-b966-46de-8411-b094d9fc2f29

                      Filesize

                      982B

                      MD5

                      06695579672fcee3a3f6a6a8fdeb4ea0

                      SHA1

                      da23a7aff4cf22ef04d5572d8ffd95db3edd772b

                      SHA256

                      5d33f7e49a28a6e92bf42b4564e1fa85c6565aa4eee3b4cc1e56a43e16bca21e

                      SHA512

                      6a0fc24d2dbab6a137c7afae5e9d38ada12745603872b557835aa046b3612b5d1b469c19312002044f0c03b562396874eba7e448d52a7cb531b17184e79ff984

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

                      Filesize

                      1.1MB

                      MD5

                      842039753bf41fa5e11b3a1383061a87

                      SHA1

                      3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153

                      SHA256

                      d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c

                      SHA512

                      d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

                      Filesize

                      116B

                      MD5

                      2a461e9eb87fd1955cea740a3444ee7a

                      SHA1

                      b10755914c713f5a4677494dbe8a686ed458c3c5

                      SHA256

                      4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

                      SHA512

                      34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\gmp-widevinecdm\4.10.2710.0\LICENSE.txt.tmp

                      Filesize

                      479B

                      MD5

                      49ddb419d96dceb9069018535fb2e2fc

                      SHA1

                      62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

                      SHA256

                      2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

                      SHA512

                      48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

                      Filesize

                      372B

                      MD5

                      bf957ad58b55f64219ab3f793e374316

                      SHA1

                      a11adc9d7f2c28e04d9b35e23b7616d0527118a1

                      SHA256

                      bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

                      SHA512

                      79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

                      Filesize

                      17.8MB

                      MD5

                      daf7ef3acccab478aaa7d6dc1c60f865

                      SHA1

                      f8246162b97ce4a945feced27b6ea114366ff2ad

                      SHA256

                      bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e

                      SHA512

                      5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\prefs.js

                      Filesize

                      11KB

                      MD5

                      3cfb86f16cf9edda78f03d3643792d45

                      SHA1

                      730d7089fd2cc1987aab205465ad0481ae7c145e

                      SHA256

                      24d105c507ea2df234b1aa6fc6e95ce7f8dd6df28834fbf27b7fb9569c8f69d8

                      SHA512

                      63c4018f11c74bdefff5ace179411034ca7ee7377c288b966a90d0ceedd02ef15c547f7357a424a6d8e29c7422369ea7c373009707eae5b277f50f114aab7ab0

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\prefs.js

                      Filesize

                      10KB

                      MD5

                      dbf6c23d4911c161db72912dab9f2194

                      SHA1

                      f945de49f563a68c39730c945f3052a2e065782e

                      SHA256

                      5bf7df77c0ccfc7c4bad76829a0dea99c77d9d1155bdc825d6a13b33b5c55ea1

                      SHA512

                      1d9ac3119866a4351fae7022ab1bb4fc0adc6709911ed5b922a8e3170f328fe4fb6a71c50f3d126d30e837e41292ec864c1ef679a6d5046546ea0cd14e1edb27

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\prefs.js

                      Filesize

                      10KB

                      MD5

                      c0ab6df707ac66440a8e095a879d791e

                      SHA1

                      508f9847476039ab6767481634f37053f1c34d2d

                      SHA256

                      d1f256caaca556da37738e72e35ee0adf10fde2b98229b10480a419cd5d04fc2

                      SHA512

                      2a4349cd4d21abc1b27d611ff2da3a1b7d3232cc7f0e2e1e9beb060e0158807912eaf1c8804512e20e3e397f405b1055247d1fb1fea157e16f7312b502fdb2d7

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionstore-backups\recovery.baklz4

                      Filesize

                      2KB

                      MD5

                      36393bbfd63f53ccb219997bdec483d7

                      SHA1

                      44bcdaa0bcdb3054f28f394bf29a15743eff0ce9

                      SHA256

                      fe50bed8aaf2dabd10c68c6d6e01eb779ef3b1df58ab408a260effaa5715b110

                      SHA512

                      4f0f39de786c48828383fb8aaced582881b3de427b25413829a44f367859ceea60d26f8d56647eb24a70a470023ead17e3225c1df38c7d91c640fadbcf398eb7

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionstore-backups\recovery.baklz4

                      Filesize

                      5KB

                      MD5

                      5d2e82e811f8cfbef2cbf2626ea3c1ec

                      SHA1

                      46310666df0b62244026feb8972646566c20267a

                      SHA256

                      f225ab1ce0a57e238d08b802a050047ad4be83d697c0610629b30a1ded46055b

                      SHA512

                      c1d00c3c9e30e7f13f0fec0dc20950b082be4bbe1d0d15edd962a3df507ed41d7eaf1803ae8d98acbf97ff22d067781a387d6ef4f5b2da707f2884ac647c8ea8

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionstore-backups\recovery.baklz4

                      Filesize

                      5KB

                      MD5

                      1c374aee07dfa48e0571672b238b2596

                      SHA1

                      7d21110f90e201be7fe625946a1817f997659f43

                      SHA256

                      8599bb925e40acd26423f289b3e2cb9a0f064824b73f52ff67ec6f7fa330b12c

                      SHA512

                      7a99038516e9fb568fd220f43b7210d60ae7a17042dc5764b1f486f9bf8327fa1dbf54ab426a2fe996915c456864ee75369ef8aa814388b83e66ccf45b542127

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\sessionstore-backups\recovery.baklz4

                      Filesize

                      5KB

                      MD5

                      e8443f88acfc45021707a519906b88cf

                      SHA1

                      b5f508a4dae69f564853af422c11dc40b288df0c

                      SHA256

                      ebfc7f3c64c2e9a306b902cad9fda53784cfd64d56f5fa9b5357067437517630

                      SHA512

                      69a4e35d5fd891eb719e0eaeb49de269aa058a1c1eb220849b52b386dbbaec4eade9baa59e21d4a08f1bb3fe3af392908726ad450e031a5e073f9b7e6367c8f4

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\iz0mcgq4.default-release\storage\default\https+++r.oblox.com.se\idb\3140325527hBbDa.sqlite

                      Filesize

                      48KB

                      MD5

                      7d9e3aafaf427900e58b900675a1e6ef

                      SHA1

                      31778c32288a1a5c8590dc0f91ff21a6e7950f46

                      SHA256

                      46b56e9b4bf5c2323cecf4fa95d3028e9932bfad7a565e39cc52e722632d0e72

                      SHA512

                      1f198e1b21461a337539d400fe07a8b7d70a7ce233c9c0a468917718ce34dc26621d8ed53a309ebf0cb82d73b43dd7c1755b5e8dd743be0c9bf52fff021e3dbb