lumma | hxxps://mega[.]nz/file/ORgGzagY#IIcOCmPYMKoGETypsoOrZG6HrD_IiyF5Gf0Gd_nQUT8

Analysis

max time kernel
93s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
22-01-2025 22:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mega.nz/file/ORgGzagY#IIcOCmPYMKoGETypsoOrZG6HrD_IiyF5Gf0Gd_nQUT8

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

https://impolitewearr.biz/api

https://toppyneedus.biz/api

https://lightdeerysua.biz/api

https://suggestyuoz.biz/api

https://hoursuhouy.biz/api

https://mixedrecipew.biz/api

https://affordtempyo.biz/api

https://pleasedcfrown.biz/api

Signatures

Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
stealer lumma
Lumma family
lumma

Executes dropped EXE 1 IoCs

pid	Process
1256	Set-up.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Set-up.exe

Checks processor information in registry 2 TTPs 12 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings	firefox.exe

NTFS ADS 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\Downloads\𝔽𝕦𝕝𝕝+ℕ𝕖𝕨_𝔻𝕠𝕨𝕟𝕝𝕠𝕒𝕕_𝕊𝕖𝕥𝕦𝕡_ℙℂ#2025.zip:Zone.Identifier	firefox.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1256	Set-up.exe
1256	Set-up.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
5880	7zFM.exe

Suspicious use of AdjustPrivilegeToken 8 IoCs

description	pid	Process
Token: SeDebugPrivilege	3096	firefox.exe
Token: SeDebugPrivilege	3096	firefox.exe
Token: 33	4124	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4124	AUDIODG.EXE
Token: SeDebugPrivilege	3096	firefox.exe
Token: SeRestorePrivilege	5880	7zFM.exe
Token: 35	5880	7zFM.exe
Token: SeSecurityPrivilege	5880	7zFM.exe

Suspicious use of FindShellTrayWindow 23 IoCs

pid	Process
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
5880	7zFM.exe
5880	7zFM.exe

Suspicious use of SendNotifyMessage 20 IoCs

pid	Process
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe
3096	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4268 wrote to memory of 3096	4268	firefox.exe	82
PID 4268 wrote to memory of 3096	4268	firefox.exe	82
PID 4268 wrote to memory of 3096	4268	firefox.exe	82
PID 4268 wrote to memory of 3096	4268	firefox.exe	82
PID 4268 wrote to memory of 3096	4268	firefox.exe	82
PID 4268 wrote to memory of 3096	4268	firefox.exe	82
PID 4268 wrote to memory of 3096	4268	firefox.exe	82
PID 4268 wrote to memory of 3096	4268	firefox.exe	82
PID 4268 wrote to memory of 3096	4268	firefox.exe	82
PID 4268 wrote to memory of 3096	4268	firefox.exe	82
PID 4268 wrote to memory of 3096	4268	firefox.exe	82
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4212	3096	firefox.exe	83
PID 3096 wrote to memory of 4872	3096	firefox.exe	85
PID 3096 wrote to memory of 4872	3096	firefox.exe	85
PID 3096 wrote to memory of 4872	3096	firefox.exe	85
PID 3096 wrote to memory of 4872	3096	firefox.exe	85
PID 3096 wrote to memory of 4872	3096	firefox.exe	85
PID 3096 wrote to memory of 4872	3096	firefox.exe	85
PID 3096 wrote to memory of 4872	3096	firefox.exe	85
PID 3096 wrote to memory of 4872	3096	firefox.exe	85

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://mega.nz/file/ORgGzagY#IIcOCmPYMKoGETypsoOrZG6HrD_IiyF5Gf0Gd_nQUT8"
1⤵
- Suspicious use of WriteProcessMemory
PID:4268
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://mega.nz/file/ORgGzagY#IIcOCmPYMKoGETypsoOrZG6HrD_IiyF5Gf0Gd_nQUT8
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - NTFS ADS
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:3096
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1988 -parentBuildID 20240401114208 -prefsHandle 1924 -prefMapHandle 1920 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e84c5a66-cbbc-4389-abdc-0847fb11b73f} 3096 "\\.\pipe\gecko-crash-server-pipe.3096" gpu
    3⤵
    PID:4212
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2368 -parentBuildID 20240401114208 -prefsHandle 2420 -prefMapHandle 2416 -prefsLen 24600 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e76e77a0-afa9-411e-bb1b-58a73643fd6f} 3096 "\\.\pipe\gecko-crash-server-pipe.3096" socket
    3⤵
    - Checks processor information in registry
    PID:4872
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3012 -childID 1 -isForBrowser -prefsHandle 3028 -prefMapHandle 3228 -prefsLen 22652 -prefMapSize 244658 -jsInitHandle 1288 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {97798af0-d26f-4ea7-a373-22f2abc07ca4} 3096 "\\.\pipe\gecko-crash-server-pipe.3096" tab
    3⤵
    PID:4580
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4048 -childID 2 -isForBrowser -prefsHandle 4040 -prefMapHandle 4036 -prefsLen 29090 -prefMapSize 244658 -jsInitHandle 1288 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {61237235-c16e-4956-9557-720bd72a68e8} 3096 "\\.\pipe\gecko-crash-server-pipe.3096" tab
    3⤵
    PID:2428
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4944 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4936 -prefMapHandle 1536 -prefsLen 32565 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {592caf6e-a854-4c48-99d4-d0a31e4384b9} 3096 "\\.\pipe\gecko-crash-server-pipe.3096" utility
    3⤵
    - Checks processor information in registry
    PID:4260
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5384 -childID 3 -isForBrowser -prefsHandle 5428 -prefMapHandle 5424 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 1288 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {53856d0b-4f61-41b1-8f83-1792a15e4323} 3096 "\\.\pipe\gecko-crash-server-pipe.3096" tab
    3⤵
    PID:3216
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5592 -childID 4 -isForBrowser -prefsHandle 5600 -prefMapHandle 5548 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 1288 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {668f62a0-a7d8-4b26-a0d6-ab0d3035da5a} 3096 "\\.\pipe\gecko-crash-server-pipe.3096" tab
    3⤵
    PID:4128
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5840 -childID 5 -isForBrowser -prefsHandle 5760 -prefMapHandle 5764 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 1288 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ea68ec71-fa73-4a9d-afdc-fdca383bb5f1} 3096 "\\.\pipe\gecko-crash-server-pipe.3096" tab
    3⤵
    PID:4896
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6000 -childID 6 -isForBrowser -prefsHandle 6092 -prefMapHandle 6088 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 1288 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {344562fa-bd93-432b-a5ba-7e9919d6a9ae} 3096 "\\.\pipe\gecko-crash-server-pipe.3096" tab
    3⤵
    PID:2144
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6192 -childID 7 -isForBrowser -prefsHandle 6200 -prefMapHandle 6204 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 1288 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cde97ae4-04a8-4b69-b5eb-b04de922950a} 3096 "\\.\pipe\gecko-crash-server-pipe.3096" tab
    3⤵
    PID:2120

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2f4 0x504
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4124

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2376

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Desktop\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025.7z"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:5880

C:\Users\Admin\Desktop\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Set-up.exe
"C:\Users\Admin\Desktop\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Set-up.exe"
1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
PID:1256

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\y0bypz8z.default-release\activity-stream.discovery_stream.json

Filesize
21KB

MD5
d1f7de9f9784eea63dcd13793dd9d148

SHA1
d5c5a3bff959844ab1a1f337ef21fde7440e5b4e

SHA256
ce60a80355ed2f7e063013ceb708878a8208a6631a268d4ae49734db14dcbd3f

SHA512
773278f9d8b9fcb7d00f0960591b57a17f7c5aad966d95209a0dce7d1fdfa7fb0dc57a692374c4de3befed3d83ac2e11c56f5e061609123e59b2c81b18ad8c86

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\y0bypz8z.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl

Filesize
15KB

MD5
96c542dec016d9ec1ecc4dddfcbaac66

SHA1
6199f7648bb744efa58acf7b96fee85d938389e4

SHA256
7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798

SHA512
cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Add-Ons\Data\MigrationService\legal\Qest\5.png

Filesize
1.1MB

MD5
58fca4c7b881aaeec8b8aa8db72fe219

SHA1
ff8c37b2adff7be33ba6c51863ad9d4ef801833d

SHA256
da1625bd11023e2cd79eddfeb3544a4d0857a2a400d53e2d2cc6bd6154d484c5

SHA512
2bbb21939f085ab476994c53ec9d4fba78ec4f0fa2cce8e2db82b83bfd29bbf635c565f7fad6bf235b2539a463ae530a32e859e2d79da4ab73cbe45479fca9c6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Add-Ons\Data\Plugins\Data\017.phpt

Filesize
964B

MD5
7b23a20dcadfd60ad310603ef8c62b6d

SHA1
5239aba15cdc55e58acd10a608e39b028cfa3329

SHA256
ed1b311a704d6e1a3ba53d49db3c4c9b8d23115294e88b1cb2d30364ff026b51

SHA512
4ada19207cba9036d9bd7bc06a2ceb2d5255008d79f8e19b7479db0e6a6fb40f62464a5730c4594fb19b7d7ddc2c64666d4fb3b1cb6d50b3d17e40aacf2205e9

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Config\Plugins\NvStWiz

Filesize
432KB

MD5
9e82e3b658393bed3f7e4f090df1fbe7

SHA1
bfff954b8ef192c01af9fb5d9141a21279cb9c31

SHA256
c2ad5bd189df04b39be18dec5cd251cf79b066010706ad26d99df7e49fd07762

SHA512
de6a1e62d4e33f807d9c04f355a762717eedbcf540e747a97ba824871d4a1f144f4929141df333711d42af01e441dbbcecbb25a6a4f8ec073a024d94197b776b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Config\Plugins\StartupHelper

Filesize
364KB

MD5
14934caca84d5fe0288f27efb31dcbf8

SHA1
98c8c659488a5782679112e0ffb089422a664ac5

SHA256
7fa86147035627bae39576bcbe619d045e94a48c4db8ca131968c20bb4de4a36

SHA512
9a239132a46fe578fa04ff727d8c28f9e1d179e7154619670a22a403819f337af0a96ebd7081d04d53910a12bbdc548b3cd2b2a285931c92f1c149ad5d846a6a

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\ReflectionParameter_isDefaultValueAvailable_Internal.phpt

Filesize
631B

MD5
f7ac95b4c50c8d987c1e0ca19f3dbc7c

SHA1
ecd4b2d1a895ee81fb23e041a7cef28a45b49050

SHA256
bbb42ccb113c5f8fa7fb7969d11582db6c7873bc87ae74fd11c3fd70b13788dc

SHA512
ab8b990ae0328f8e93707730c7f85101255ef9558e6c971c796732dea808de61b030d7a94ef603b922d8e0cc2f0f66d548781df75ea19288e9978a1b603ab270

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\TMRegEx64.dll

Filesize
803KB

MD5
75e94d3ca12a7b80d5779302bad90495

SHA1
3e85b6a3e84d455b6d5f6e3566f6309876d343ed

SHA256
eab6419cd005e8a1ed4757cbb8d787036e61fa43e6555cb2689f3716054c1c04

SHA512
3dada2a921c513642ef328d36854cda25533b67f68c33adeed75206b71e55ac2c002d29381b976374cc5683676abccb9b0049c664225dbdc512e6be75c357eb0

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\bug18556.phpt

Filesize
752B

MD5
a4032889bb59f7c23df4fba26ff07409

SHA1
2f8fc843e3feaa5c3eccde4003d64ed06243c927

SHA256
dd7a625eab0105e7ce5cd2d7913790c132cb618f7b6b3084d412e7d5ce3d280d

SHA512
8adbae88f76cf424d30857e5b0c5509a62f553872356b8cd5391c10173a89d0882dcd8b2a8ade2b2b5422fc917cccd8c3bea951f9a00e6acf01b60b6f4b9fa9c

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\bug77812-readline.phpt

Filesize
1KB

MD5
34f3e4ba3d8a3a2f62ae38e8c04fad8f

SHA1
ebca794db07f1ad74a763aac4d4044db72b102db

SHA256
c80f4e4f14003d409bb0f43715ab834f61aacdfd207bfbcd4cbaa374ed725874

SHA512
4ea74fd6b975c2f6efa498c8d587dae25bd6c834408642ced72f24ff110a8df5db632535531a015fde0ed7de014c146aa1997710ae32f309dac859eef3c00e07

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\fputcsv_variation18.phpt

Filesize
980B

MD5
0577f9191119a1292ecdf738828cda60

SHA1
8a260e8e43a6d9b184e1f719a791b53b5cf89eaf

SHA256
309fb552864a7ca4af452c5b11577aa6e5611b69cf0d58be1400fd5d173178c5

SHA512
cdd15c29300bacf93bb29f3093cbf1aea6c802521edd9da47b67071616fa292893e261ec0aad11183d3d3740d27fc4e50822e88a49da9a92e32d1b99d12ed75b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\gh10043-015.phpt

Filesize
305B

MD5
b82f7d6c437e096be2fc23558a0c6939

SHA1
66212c78c1e92ce692e92c23e899b84861b250c2

SHA256
10640eecfd2d7e7acb9df25da5560cdeb47bb2e914a5d72111204f69b1aac4f9

SHA512
b62a01b539b51a4c7907be8da46c7d051f325e2d5d72a67a886076fc3ab5b8ba092e33a57a8ad4f12e6c07f3ea6c23e875ef308dc2cebbaeb219ca4393db3fad

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\header_redirection_006.phpt

Filesize
278B

MD5
d37234c3a4700873e4a957e305f86392

SHA1
d99e1a64fd7028d78da979be7491b483b1cfc057

SHA256
4b0418c357ca87e14a961ece21368abdf5fc91135777d38550c5c2085799e4d3

SHA512
6ce3acd8f4ab64f9d665f2d11e72051e6deace3e967793a889aa305047051ed73eb14e41a2f2b420b7366dbf37a0cdaeeb2e743777bc8bc79bc1d00d00de215a

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\immunochemistry.tiff

Filesize
37KB

MD5
a29bfa63306ee267a4d5040f94c7ea99

SHA1
3fab8137ae9f5e331bd0437f564fea8fd57178e7

SHA256
8496b93687ad4c2e04413253d06b363a563a8df3de2a773c62030802809e30ee

SHA512
b5a7432cbdc0441f187dceafc31cad55ade08e087aed06935b291a89a5a525be6cf889aca435d089eb2556aec18e156f26e5f90cde9547f51b596663332ec3e4

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\list_keyed_evaluation_order.phpt

Filesize
792B

MD5
ddb93202c70ca821037cd350e07ce465

SHA1
6db72fd98694f6ffdd075ee5254243f78cde1b73

SHA256
1f9ee77691dd3b69b57654f4f92c15cf53bf6d43e096d064299b662310bf41d1

SHA512
b0f5b30ae6688fcb7e044e540f49283f80126936b24f77e229e55e092a7a0110bb8e67bf9b7030dc580a4d7c9f3270f30883abb4724d5522e59c842362631005

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\ns.phpt

Filesize
391B

MD5
50ec300bf11c30b8cca353675d8ee589

SHA1
b90ea50b5ad08fc6482c3d15822997ff5b4c81bd

SHA256
25006c80fe10e35f65c7e328228cedc1e362b46bdfd57807f16d993331a06839

SHA512
012edb7f0377c47402485eed635bec3ac51f95187ff4aaad8b7b5264d7aaad10676eedf2f88d648a78223b4f097d52609dbf736130e3f6f56f0276f459960b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\openssl.phpt

Filesize
2KB

MD5
5773125e401ec76948c72c83c965696c

SHA1
e32bc20148314b5b1f3065d0555fc6c9802100c9

SHA256
2ecf6a462a364ba0157f6380ab8d8a8cd70b3f23f1110ef1f8bae2e384a42537

SHA512
9730166a0256688c1ff8258679eee5e009866bd701ba7f367e8e8c9d5c31275fc8160f72d8336c6b42b41ee5c6e276cb93890d8b726199fe4815e771a214aff4

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\socket-close-on-exec.phpt

Filesize
1KB

MD5
7cb7cb7d7afa6141d1a6f985a88fc984

SHA1
a0f7e8cdf437c04804f2048c53754653b496fe10

SHA256
65647645ddf9495f128bf071eedc56d5fc1c05c24af7dc64bbba922739d8ce94

SHA512
7291f6329018d40ee5633bafcd6da6f5bd9c6448206f28752e8db8625d0859b92ccf04c958c0a4780a3af3c4cb838e47983df4f8e0f1bb6ba2bdf6a2d0f1d0da

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\Data\test_vendor.txt

Filesize
1000B

MD5
80aec646e662ecdb8f7677b93f39aab7

SHA1
5fd0591618895472bbfa350c9ea59356c93d8346

SHA256
5912f1ba252bac927720d0342e63b16a7e273b63e097bb3d1c8e68f9b0703742

SHA512
19e5d35c78cdfb64ca5caaeda5cd3b46dec21aa77c85d421959fa771614e5265602277c85b7557e58cae04d166feab5a9c5cb6c70c512a29852eb7b1a68fa078

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\MigrationService\Addrgcts64.dll

Filesize
204KB

MD5
6f3eae2c8926b4de98bf1fbd91908881

SHA1
1c8b033f7d89216699af0bac3f23d4d2f345ef15

SHA256
2af64d9db0f8b5b7245b63f29f312821aa0e5d04e356942e7664317e839481f0

SHA512
72d87d63da1f0a51df0bf465b1ef126a6630dd4263fe6c72812ae39b45fbf59f586ea3d94b735980d1da17750b5d57cad1b5f48667a4e66b8e45a857e09cc6f3

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\MigrationService\Microsoft.ApplicationInsights.dll

Filesize
918KB

MD5
b54b12e54fdf7413b7a34af55e88b399

SHA1
52cc6b30835f2cacac164a82d23783f63b5dd6e8

SHA256
4e76d83d3a34000559cc7a4bc30e8a4aba502d9cab90028c9bbda3161108bed0

SHA512
1c6b460700ce7d42bf4c3c56b983cbfe2789f4ed6bf94ab8e4221783072eec6e5b93c43e43702ea2a72f0ee1d1f44394a37cdffa481d65e8f9f9736313b79900

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\MigrationService\legal\Balloon 3.png

Filesize
247KB

MD5
f0971ec0f8a84e4773733653b80fd36f

SHA1
0ba2441954263001304d3701f5d24a0fb67f7efb

SHA256
a6f50250d1842f14be8bb074d0e21fa7f73b4c57b2db031882bd3f956e18ba74

SHA512
3a2b567bf1ac96925b78c9563a3b9514fe2f227b9d5e319dffbccd52059e5f585bedd3b3aa465170517ef788b8232675401b6bf24696ccb9d5062bee0ecfaa51

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\MigrationService\legal\L0.png

Filesize
19KB

MD5
34c38ea325d70fcb35f285106ae17f1f

SHA1
23202e18a44a4db52b11890863797c43e1876d35

SHA256
cb63c47bad132bcbc896094a8da4f22452c1029db1785d9eef28d7fd3d5983d1

SHA512
f2ebfedb3b327daa1c57dce649fc13b0bb2f680f371e0a532ddede8b0067e7b7e3277f05048f3846ffb820a306188d7b6fd16441ffa432980f975e102849ff01

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\MigrationService\legal\bin\odt2txt.exe

Filesize
60KB

MD5
7740873b69ed9fbd043883f35625215e

SHA1
4f3dc44479feaef804c6d16af6feaeb98f2deaee

SHA256
87ccefd04081c88273f289e38052b172e3607803178593f57547adfcb9a41685

SHA512
5006fbc8fb283ccd2e181172bb675666e870bd861bbb0db6d7b1b0462331154ec9d24ac7b1c5ce748229d95028dfc5cea216c61297cce0da9d453b500bc00ea6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\MigrationService\legal\bin\sexp-conv.exe

Filesize
62KB

MD5
28dfa4942f159d4078c8d59abfbb0d15

SHA1
1189807666fb4cbb131a54c4e73a16d536a84041

SHA256
49a56387ba47d53025b2e78cd957fc465e5a8fddfc771d776f87ec2ca455764c

SHA512
2703edd205d55d6ffcfed968d6e2f3fc91e111d626443180f295d139b3d3d82402ecb4973e23bc37c0f78078ab47d9bb5cbf133fe8030088e19fae87c64fe0ff

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\MigrationService\legal\bin\wish.exe

Filesize
65KB

MD5
04e5e2f8ad46008a4691874bfc4a7a5d

SHA1
94a08eee1b13612cc11b77ebf44ece901362df31

SHA256
fc199ee77bc8ab131cf21ba332fafcc8a7132e7006d69a6e4195d48962c87fa0

SHA512
5b5521a6f256d812f3c8d3c0a8d03210da6c490c5a1ed53743a02cc422b6c1fc1136698f5e41ba6aaee6b92a5d6e4a5b2306cd77e0b8a2e4f7ecbde72c5f0944

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\MigrationService\legal\condition.png

Filesize
11KB

MD5
bb50772b781ca9544746d94ca5bb4667

SHA1
c25fe4f90f19d94ae87176b8aeb15a3ce721dab6

SHA256
c99bdc63217711d479cc25044de6deca1ca758efc2db40910909b5a2416df950

SHA512
87acd6d57033d245cc01a13d622d819528ec99c0cde776200dd79311cd43b1e2fc3277c4a4a1e190ce4315a9138646e14b4bba520ecbcc5db3a806a6d9bd6da2

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\MigrationService\legal\pkcs11-vision.png

Filesize
33KB

MD5
f62bc3771805bc323cb7713c4f47c67b

SHA1
cc0eade52eef4be3ad496255077f1aeb35ad0a90

SHA256
b75efab869b15d8cac0b8eb2040ddd675a2bcda6cf1f2d3a1cfc9a4401cf47b1

SHA512
34c1121b8f132d225504b10dc4e6ca4bbf38076cb8652dc58c2c1dea29ffc12835bb8bd6b8debc1e550c9a267d7720822a343dbc9a57ef2b9f67bcf2ba6f5433

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\MigrationService\libsmi-2.dll

Filesize
714KB

MD5
7ddc1f47c81f90f211ea6bb5a778d8fb

SHA1
a299a1bd0deddbe75b463e9c2802021934a37dbe

SHA256
aac65a1beea9932cc8d5976739139b37cbfb9164d1ad93012c63e34a1c628376

SHA512
f117981e67d17d2553ee33e0ec5099e03b55e3e8b87c751318abc44c56a18cdee6e6a80e1e6b70404c49dbf2601a916df8479cd393ae3bd2087182556b9a041d

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\b2.wsdl

Filesize
1KB

MD5
565a3f668db9df5c72ed6f35917d145b

SHA1
851951634b87fd7f861cd2d6159a5f574e5e34aa

SHA256
313bf30f16f3338e1448a341ed691fea378ae551bce433b9801f4125cece14f5

SHA512
77b2d5c6f58c5f9a255e574f76aba8bb0d9f15851e90ee0bae1a82554b076502c1fa05eb3134f8475913faa9fed1a1a6cc83740ddd61fe560671054553317f11

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\mc_enc_mpa.dll

Filesize
262KB

MD5
51f7f7019658c2d03321795aaee76794

SHA1
d72856af1cd0f95951c3b7fd335caf620eda5796

SHA256
e2c7640c1c3e6f47a42e31770db248bbe8f44974d34441fc36e8651bddabab3d

SHA512
26e5934820cd7df1dfe0ed2ae7a1002e60312855da1654459a7b7037a8e8de037934c360d05c1af2ac53e655c7fd1be45dc52adb486ce73a8907486b76d0457f

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\Files\msm.dll

Filesize
191KB

MD5
3109afa3173ddc16f9b08043e1db0ab9

SHA1
6076352e45786e341c5598e1bceb82bc98c7ea9f

SHA256
59ba38d1dfb82affc6ab8c797c9d75c18ca03fd6cee76a8ed542dbbfeef70060

SHA512
cfd59fef4344091179e772128105548e1ef0e67084105d4fe492eeb16b090f9a80cf18cfce626be125e3b00104079d21739451a8b97bade37d2f24af81bf766f

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE8F65F118\ℕ𝕖𝕨𝔽𝕦𝕝𝕝𝔽𝕚𝕝𝕖#ℂ𝕠𝕕𝕖_2025\hips32.dll

Filesize
1.2MB

MD5
9a7234078559093e06c9d32148ed95a3

SHA1
40361dad15b9b5ae2757a21d1ce6a61c3c37e891

SHA256
32f5d0a454c26e8aa6f4cad58f3782337cc97cfe2305bbfe564437e5f0d51bbc

SHA512
9a2c3761d799999a691cd605f11c4014f604afa9a46b3b4c9999eef177f0e703ca2ed52c22824cba613559ce37bd134c566d54a4e51141828816b02a4f3da05b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\AlternateServices.bin

Filesize
6KB

MD5
a70e71cbcb215ddaa5feb502a6ed32a0

SHA1
017de765378c5f5aa8fe9fa5337b87d9f06affb4

SHA256
161fefc00c8fb183734303c5c3a0ec64e48b5d23019abf35f6f60199b9c2b985

SHA512
2de56f96223395225ad16484d52088f64297a9f9e1ae24266d5b26384bec63f1c4fa67d5b73e0929a145f30105a300fe31bbecdc5cc3002640b8ee6f0a3042e3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\AlternateServices.bin

Filesize
6KB

MD5
cf6022a3ebbefbad3748eb11cb632ee8

SHA1
b98ff429e8cd0ecdbd2ebd2034c0b5ff8a2fc03b

SHA256
48a85d3aa15d7a52a52fd15472fb80c47c623d2c6b2ba5d0af00a77cde1b452c

SHA512
4c849cc3b23065e696021032807d1cfd9edfda13eec8777ef9d5485c51c09544d05f321a0c5868ee714ffd7405d53693e40f93f4657a599c41dafbc5deea0bb9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\datareporting\glean\db\data.safe.tmp

Filesize
16KB

MD5
e2898e3ba64a309d52865dabbf15cf92

SHA1
129954a565356d9d479e441b71ba9b1b825fcf9c

SHA256
36dfb495c959cb81c9b8b411bf6718fe39c42af724c9a5c0c3ae50f15881abea

SHA512
2dc13db5cc18b5267877c4a1df0b6dd05371e2fa534ee45d7623954ae3a83d30e153a965be3bafa054b757206c513a4b6f4fed81a5ece5e0e2bd5beb1851410b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
80cb4d78e0d4ce9a9014ac5236ea01f8

SHA1
e18cfac85106fda86662c1cb462e2842e99feb6b

SHA256
333d6f8479602f9f74277321ad64f34bb9568f30bd2ed02a2c0aa52754d4efd0

SHA512
015d84e597169a8505542bfc23382102afa860e22242fbd14414251847a0e1fd6b1ad14d8464a635b4ca5c502b6b19397f851bcb526f1e2712a2941282340293

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\datareporting\glean\pending_pings\48dc27e5-9d14-4e30-a893-a802633b1b5b

Filesize
1KB

MD5
78b3bf885c72cc9b8e84b84ae208daea

SHA1
0fcc5f1755b0c1bc2e3ca7ed2c0a0f5b9fcb766a

SHA256
562c61510e82f307ef2265bd00693e897f0204b7a9bd4cb344bf458ce876df00

SHA512
f5fb1c24a87d36d149c4f63000e741802ba6cec392688d63b7f02947067bd286cfccc056353bfe98dd76788bb08ba308fcc4321b04fe79c891195471b1fe8427

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\datareporting\glean\pending_pings\4910158e-761b-4258-bab3-8f42bda9eaed

Filesize
982B

MD5
899f25429bace3367e72b500fcde7e53

SHA1
e963920a2273f7a049f00e7e34328470bd924ea3

SHA256
e6e6468a3085faefb1ffccb5ea98f66f6947f9939b6bd4847def23773b4f77cb

SHA512
cbec793ab810232d6afbb94b46ca6feacfdd6d3b7b1c7d863f251e8f6600778d5b18399a9b0eb8f5bc7ce05b3395d0a535a6f856da809c9ca3c2b4c0a5c92898

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\datareporting\glean\pending_pings\5cd243f1-28d4-475d-8e96-7ffdc3019ab1

Filesize
671B

MD5
7ae1cab33b0ce2cf0cff92acc71338c2

SHA1
561af64971bdb8e372199342dab55b9a0ae380d2

SHA256
a4fa60a0c537e884a7dc01a30399ecab11b6af9eeb829ef70587072060e262b4

SHA512
56f78a752a91c06be163fd8c3bc8d873392f1c372a8dfe8c6029745b5573d0bab392a7f03ec4490166a50a1e84575cb2028d8869233d7cee006ec29e274faac8

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\datareporting\glean\pending_pings\8f734ea0-fc4f-44d2-9c2c-95dcda4c321b

Filesize
27KB

MD5
92dd2d75b45d389873ee5fed76343d1f

SHA1
79d0ec034107bffab731e0d857377f25b9b7b7f1

SHA256
6621a75866af9d3b59b1038bdba31386fb2a9241902c7502ec8f7be1f9edf28b

SHA512
480db09e57ab4a00a0681112013f4d4582d5e83db8f7ecc6af648d7f358ada3291f4d21eb985f14be9c7f90a0bfd3214220ebfc3d204bcf90ff5550ab3793237

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\prefs-1.js

Filesize
9KB

MD5
8ca783fecc3aae3d5311df3fb7e8a922

SHA1
3d9aca7dc8a404bec08cc65d599b9d62b81aab66

SHA256
d854369de13e81667a5c3c14009f843b72c1aeec869fbd8581ef5771309ee0e7

SHA512
dfd150f791f893eda25bd8b1ce3d942c1b620e4382f7e736ef0b6a8371a81a2a2c31cfd089018196b5e23d376cc3234ae8bd4d5d6af89d416d6cad4727377873

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\prefs-1.js

Filesize
9KB

MD5
65d11f8739fd8defe0a73668db9114f6

SHA1
566de000159696a039638c718b0a1d442a4ce7f0

SHA256
b080e68776832f299eefc6b2465f8388a9079414b1aea807489e6733227fd5a2

SHA512
4b8d589465c9d234b8b7b5ef7b55de102105cd1d76c2283e5e20cd32980f7639aa54bbcb1277d49f0147c387595ff74cd4379be7da53f9c13ead6d9405d52f9a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\prefs.js

Filesize
10KB

MD5
67d67436266e77b1a72099cf39af33ee

SHA1
08809e0dd61c727589b1647c3c1449f0e24479e8

SHA256
e979c04a63d9a93cd0dcb3ecbc0b53fab20176b29831287aa9cc8883b115fddb

SHA512
6bb728c17266021750bb60708b1521dd806a905137853fdfc38933f3b14b5c0b7c711def46fe6a0255c2dd48c464a23338bcdd550e7626b26de4b9f9d37616d1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\storage\default\https+++mega.nz\cache\morgue\35\{dfe58da8-e2fe-44b7-a557-a35771316623}.final

Filesize
1KB

MD5
3efa9abd92666265dd81c4f4311a96f9

SHA1
41b6b716d67b93555e444cd453f3c6e3f8c9522c

SHA256
5066b1841e8877db31312ef3af86f9bc9234c95071119e025764f45241a4e2e7

SHA512
5961950f077501608a0f2975e7f69c483eeacc4eec4ac77fd650cc1131609501f87819f93ed23aa508a90426156abf038a859fac4112d2d4435bbb634027cd6c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y0bypz8z.default-release\storage\default\https+++mega.nz\idb\3713173747_s_edmban.sqlite

Filesize
48KB

MD5
6f6ee23d4eb6b3ad861afdfb1484dc9c

SHA1
24f5e304a99b71fc488ad6b4ad3190dfebf5e526

SHA256
a4b8cc51dae72efef1e52bfae3314faeb6a919d9f1999c7a2f0fb6d19a748d9f

SHA512
8814bba13ba6f4280890c6ecc722e7e93a0daaa62f1e72da6815d95e683751b75b331531f2cb5370a5bc56a27876a0a60ce7e70cab8a64e0f4e15ccdac7cc8de

Download Submit
C:\Users\Admin\Downloads\𝔽𝕦𝕝𝕝+ℕ𝕖𝕨_𝔻𝕠𝕨𝕟𝕝𝕠𝕒𝕕_𝕊𝕖𝕥𝕦𝕡_ℙℂ#2025.iOfU-u-i.zip.part

Filesize
30.9MB

MD5
761dd819e7d9e4a136d2ec63d6bd08be

SHA1
abc5fc0615a472eb22dfafe1a6d25de6fa64a0a4

SHA256
61bc7903f4294cd072b78db2ae5ac834660139d373f7ad8695ef19fce17fc036

SHA512
6083537db512817c8a25b11797fb26faa4d67c288c20b3bf5e4cf65e555a0879c4c3b1aac8b45bceaa5c750110a4c3273a89009f1509b7b0de757151dcc488f8

Download Submit
memory/1256-1338-0x0000000002480000-0x00000000024D7000-memory.dmp

Filesize
348KB

Download
memory/1256-1339-0x0000000002480000-0x00000000024D7000-memory.dmp

Filesize
348KB

Download