hxxp://r[.]oblox[.]com[.]co/communities/4696692894/TxT

Analysis

max time kernel
433s
max time network
604s
platform
windows10-ltsc_2021_x64
resource
win10ltsc2021-20250314-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20250314-enlocale:en-usos:windows10-ltsc_2021-x64system
submitted
22/03/2025, 04:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://r.oblox.com.co/communities/4696692894/TxT

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 3 IoCs

description	ioc	Process
File opened for modification	C:\Users\Public\desktop.ini	firefox.exe
File opened for modification	C:\Users\Public\Documents\desktop.ini	firefox.exe
File opened for modification	C:\Users\Admin\Documents\desktop.ini	firefox.exe

Checks processor information in registry 2 TTPs 20 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2123103809-19148277-2527443841-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeDebugPrivilege	3056	firefox.exe
Token: SeDebugPrivilege	3056	firefox.exe
Token: SeDebugPrivilege	3056	firefox.exe
Token: SeDebugPrivilege	3056	firefox.exe
Token: SeDebugPrivilege	3056	firefox.exe
Token: SeDebugPrivilege	3056	firefox.exe

Suspicious use of FindShellTrayWindow 19 IoCs

pid	Process
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe
3056	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 8 wrote to memory of 3056	8	firefox.exe	83
PID 8 wrote to memory of 3056	8	firefox.exe	83
PID 8 wrote to memory of 3056	8	firefox.exe	83
PID 8 wrote to memory of 3056	8	firefox.exe	83
PID 8 wrote to memory of 3056	8	firefox.exe	83
PID 8 wrote to memory of 3056	8	firefox.exe	83
PID 8 wrote to memory of 3056	8	firefox.exe	83
PID 8 wrote to memory of 3056	8	firefox.exe	83
PID 8 wrote to memory of 3056	8	firefox.exe	83
PID 8 wrote to memory of 3056	8	firefox.exe	83
PID 8 wrote to memory of 3056	8	firefox.exe	83
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 1436	3056	firefox.exe	84
PID 3056 wrote to memory of 192	3056	firefox.exe	86
PID 3056 wrote to memory of 192	3056	firefox.exe	86
PID 3056 wrote to memory of 192	3056	firefox.exe	86
PID 3056 wrote to memory of 192	3056	firefox.exe	86
PID 3056 wrote to memory of 192	3056	firefox.exe	86
PID 3056 wrote to memory of 192	3056	firefox.exe	86
PID 3056 wrote to memory of 192	3056	firefox.exe	86
PID 3056 wrote to memory of 192	3056	firefox.exe	86

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://r.oblox.com.co/communities/4696692894/TxT"
1⤵
- Suspicious use of WriteProcessMemory
PID:8
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url http://r.oblox.com.co/communities/4696692894/TxT
  2⤵
  - Drops desktop.ini file(s)
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:3056
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 2008 -prefsLen 27100 -prefMapHandle 2012 -prefMapSize 270279 -ipcHandle 2088 -initialChannelId {35c5164f-9675-47ca-9a0a-2db412288ad6} -parentPid 3056 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3056" -appDir "C:\Program Files\Mozilla Firefox\browser" - 1 gpu
    3⤵
    PID:1436
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 2492 -prefsLen 27136 -prefMapHandle 2496 -prefMapSize 270279 -ipcHandle 2512 -initialChannelId {75fd93fb-dcb5-46c7-ba22-fd06b83f911a} -parentPid 3056 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3056" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 2 socket
    3⤵
    PID:192
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 4028 -prefsLen 25164 -prefMapHandle 4032 -prefMapSize 270279 -jsInitHandle 4036 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 4044 -initialChannelId {cc9ffd4e-b3ab-42fb-b3e4-6b5bd60db4b1} -parentPid 3056 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3056" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 3 tab
    3⤵
    - Checks processor information in registry
    PID:4772
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 4196 -prefsLen 27277 -prefMapHandle 4200 -prefMapSize 270279 -ipcHandle 4268 -initialChannelId {34e8c27f-7b85-4f5c-94ae-9fdfff0be4f2} -parentPid 3056 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3056" -appDir "C:\Program Files\Mozilla Firefox\browser" - 4 rdd
    3⤵
    PID:4828
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 3232 -prefsLen 34776 -prefMapHandle 3048 -prefMapSize 270279 -jsInitHandle 3204 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 3088 -initialChannelId {c5022590-5000-4464-b631-ada4206f2781} -parentPid 3056 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3056" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 5 tab
    3⤵
    - Checks processor information in registry
    PID:5072
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -sandboxingKind 0 -prefsHandle 5092 -prefsLen 35013 -prefMapHandle 5040 -prefMapSize 270279 -ipcHandle 5128 -initialChannelId {b801b199-31e9-4d9d-ac66-184fed272657} -parentPid 3056 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3056" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 6 utility
    3⤵
    - Checks processor information in registry
    PID:3392
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5352 -prefsLen 32900 -prefMapHandle 5356 -prefMapSize 270279 -jsInitHandle 5360 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5368 -initialChannelId {05327079-f9f4-4d82-8ce4-7ce06c4db047} -parentPid 3056 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3056" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 7 tab
    3⤵
    - Checks processor information in registry
    PID:1032
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5620 -prefsLen 32952 -prefMapHandle 5624 -prefMapSize 270279 -jsInitHandle 5628 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5604 -initialChannelId {390bea96-b8cc-4c67-8682-93516400c52d} -parentPid 3056 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3056" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 8 tab
    3⤵
    - Checks processor information in registry
    PID:3080
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5788 -prefsLen 32952 -prefMapHandle 5792 -prefMapSize 270279 -jsInitHandle 5796 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5804 -initialChannelId {6cdabea0-d1eb-4d69-a776-33204e4af57b} -parentPid 3056 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3056" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 9 tab
    3⤵
    - Checks processor information in registry
    PID:480
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5524 -prefsLen 32952 -prefMapHandle 5604 -prefMapSize 270279 -jsInitHandle 5612 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5620 -initialChannelId {17dc9abc-8e09-4112-8cf2-f2ddbc474e53} -parentPid 3056 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3056" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 10 tab
    3⤵
    - Checks processor information in registry
    PID:3640

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\activity-stream.contile.json

Filesize
4KB

MD5
d3b863089f98409febb47ff034e3ad27

SHA1
9e90cda57a97b4aefce8be68e1b4bdfb85e5c1e6

SHA256
5292f06ec63b9e110dbce64b9ef1f8f150c037ac1413a1352834f0f692be35c4

SHA512
f84166e493c23688cc548d2e8373fbc96f78f46deb06e3ffdba4fd2be492d9f2b25c0ca499a0fb29d0213f6da8a5bf23ac35c9666cecf248b9da3312b406fda1

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\activity-stream.discovery_stream.json

Filesize
33KB

MD5
65554907520516464850a491e11c431f

SHA1
f9ef9a1ef9f6a3a5831f69d65f9da9b8fb705835

SHA256
d0b7ebc3a9bcbf199231020c3f109f3359bec51766cb39be68ecaf94e517ddc0

SHA512
2255a22003dc85bdb49e4f5dd574c9aeb5ae1a256e40ac63e8629ecf4d4c480bd0f401d299858d05f35408612084ee6da1743d65b1753486102b9e4eaf7f9d3e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\cache2\entries\E19316B1CDA62317F9DA2551F9B56E711FCC77AD

Filesize
13KB

MD5
1430cbbebc48bc543124d09c0f624f22

SHA1
60b70117855ef0fd4b143fb328260380432eccd4

SHA256
b8042711a12683bdba72448811531cccd060393bcef1a3693815986c88c5c5a1

SHA512
b319c276c157dae81a43b2c2d1657b8f7d755a235c657c9cf3e8626ccbd6628d970579abb67e8feca861a681c8ad388e8ed886240a21d181a559f345f093880d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_arts_and_entertainment.json

Filesize
67KB

MD5
6c651609d367b10d1b25ef4c5f2b3318

SHA1
0abcc756ea415abda969cd1e854e7e8ebeb6f2d4

SHA256
960065cc44a09bef89206d28048d3c23719d2f5e9b38cfc718ca864c9e0e91e9

SHA512
3e084452eefe14e58faa9ef0d9fda2d21af2c2ab1071ae23cde60527df8df43f701668ca0aa9d86f56630b0ab0ca8367803c968347880d674ad8217fba5d8915

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_autos_and_vehicles.json

Filesize
44KB

MD5
39b73a66581c5a481a64f4dedf5b4f5c

SHA1
90e4a0883bb3f050dba2fee218450390d46f35e2

SHA256
022f9495f8867fea275ece900cfa7664c68c25073db4748343452dbc0b9eda17

SHA512
cfb697958e020282455ab7fabc6c325447db84ead0100d28b417b6a0e2455c9793fa624c23cb9b92dfea25124f59dcd1d5c1f43bf1703a0ad469106b755a7cdd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_beauty_and_fitness.json

Filesize
33KB

MD5
0ed0473b23b5a9e7d1116e8d4d5ca567

SHA1
4eb5e948ac28453c4b90607e223f9e7d901301c4

SHA256
eed46e8fe6ff20f89884b4fc68a81e8d521231440301a01bb89beec8ebad296b

SHA512
464508d7992edfa0dfb61b04cfc5909b7daacf094fc81745de4d03214b207224133e48750a710979445ee1a65bb791bf240a2b935aacaf3987e5c67ff2d8ba9c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_blogging_resources_and_services.json

Filesize
33KB

MD5
c82700fcfcd9b5117176362d25f3e6f6

SHA1
a7ad40b40c7e8e5e11878f4702952a4014c5d22a

SHA256
c9f2a779dba0bc886cc1255816bd776bdc2e8a6a8e0f9380495a92bb66862780

SHA512
d38e65ab55cee8fef538ad96448cd0c6b001563714fc7b37c69a424d0661ec6b7d04892cf4b76b13ddbc7d300c115e87e0134d47c3f38ef51617e5367647b217

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_books_and_literature.json

Filesize
67KB

MD5
df96946198f092c029fd6880e5e6c6ec

SHA1
9aee90b66b8f9656063f9476ff7b87d2d267dcda

SHA256
df23a5b6f583ec3b4dce2aca8ff53cbdfadfd58c4b7aeb2e397eade5ff75c996

SHA512
43a9fc190f4faadef37e01fa8ad320940553b287ed44a95321997a48312142f110b29c79eed7930477bfb29777a5a9913b42bf22ce6bb3e679dda5af54a125ea

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_business_and_industrial.json

Filesize
45KB

MD5
a92a0fffc831e6c20431b070a7d16d5a

SHA1
da5bbe65f10e5385cbe09db3630ae636413b4e39

SHA256
8410809ebac544389cf27a10e2cbd687b7a68753aa50a42f235ac3fc7b60ce2c

SHA512
31a8602e1972900268651cd074950d16ad989b1f15ff3ebbd8e21e0311a619eef4d7d15cdb029ea8b22cf3b8759fa95b3067b4faaadcb90456944dbc3c9806a9

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_computers_and_electronics.json

Filesize
45KB

MD5
6ccd943214682ac8c4ec08b7ec6dbcbd

SHA1
18417647f7c76581d79b537a70bf64f614f60fa2

SHA256
ab20b97406b0d9bf4f695e5ec7db4ebad5efb682311e74ca757d45b87ffc106b

SHA512
e57573d6f494df8aa7e8e6a20427a18f6868e19dc853b441b8506998158b23c7a4393b682c83b3513aae5075a21148dd8ca854a11dabcea6a0a0db8f2e6828b8

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_finance.json

Filesize
33KB

MD5
e95c2d2fc654b87e77b0a8a37aaa7fcf

SHA1
b4b00c9554839cab6a50a7ed8cd43d21fdaf35dc

SHA256
384bf5fcc6928200c7ebb1f03f99bf74f6063e78d3cd044374448f879799318e

SHA512
9696998a8d0e3a85982016ff0a22bb8ae1790410f1f6198bb379c0a192579f24c75c25c7648b76b00d25a32ac204178acaccd744ee78846dfc62ebf70bf7b93a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_food_and_drink.json

Filesize
67KB

MD5
70ba02dedd216430894d29940fc627c2

SHA1
f0c9aa816c6b0e171525a984fd844d3a8cabd505

SHA256
905357002f2eced8bba1be2285a9b83198f60d2f9bb1144b5c119994f2ec6e34

SHA512
3ae60d0bf3c45d28e340d97106790787be2cc80ba579d313b5414084664b86e89879391c99e94b6e33bdc5508ea42a9fd34f48ca9b1e7adfa7b6dd22c783c263

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_games.json

Filesize
44KB

MD5
4182a69a05463f9c388527a7db4201de

SHA1
5a0044aed787086c0b79ff0f51368d78c36f76bc

SHA256
35e67835a5cf82144765dfb1095ebc84ac27d08812507ad0a2d562bf68e13e85

SHA512
40023c9f89e0357fae26c33a023609de96b2a0b439318ef944d3d5b335b0877509f90505d119154eaa81e1097ecfb5aa44dd8bb595497cdecfc3ee711a1fe1d5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_health.json

Filesize
33KB

MD5
11711337d2acc6c6a10e2fb79ac90187

SHA1
5583047c473c8045324519a4a432d06643de055d

SHA256
150f21c4f60856ab5e22891939d68d062542537b42a7ce1f8a8cec9300e7c565

SHA512
c2301ed72f623b22f05333c5ecc5ebf55d8a2d9593167cc453a66d8f42c05ff7c11e2709b6298912038a8ea6175f050bbc6d1fc4381f385f7ad7a952ad1e856b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_hobbies_and_leisure.json

Filesize
67KB

MD5
bb45971231bd3501aba1cd07715e4c95

SHA1
ea5bfd43d60a3d30cda1a31a3a5eb8ea0afa142a

SHA256
47db7797297a2a81d28c551117e27144b58627dbac1b1d52672b630d220f025d

SHA512
74767b1badbd32cacd3f996b8172df9c43656b11fea99f5a51fff38c6c6e2120fae8bdd0dd885234a3f173334054f580164fdf8860c27cbcf5fb29c5bcdc060d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_home_and_garden.json

Filesize
33KB

MD5
250acc54f92176775d6bdd8412432d9f

SHA1
a6ad9ad7519e5c299d4b4ba458742b1b4d64cb65

SHA256
19edd15ebce419b83469d2ab783c0c1377d72a186d1ff08857a82bca842eea54

SHA512
a52c81062f02c15701f13595f4476f0a07735034fcf177b1a65b001394a816020ee791fed5afae81d51de27630b34a85efa717fe80da733556fdda8739030f49

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_internet_and_telecom.json

Filesize
67KB

MD5
36689de6804ca5af92224681ee9ea137

SHA1
729d590068e9c891939fc17921930630cd4938dd

SHA256
e646d43505c9c4e53dbaa474ef85d650a3f309ccf153d106f328d9b6aeb66d52

SHA512
1c4f4aa02a65a9bbdf83dc5321c24cbe49f57108881616b993e274f5705f0466be2dd3389055a725b79f3317c98bdf9f8d47f86d62ebd151e4c57cc4dca2487c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_jobs_and_education.json

Filesize
33KB

MD5
2d69892acde24ad6383082243efa3d37

SHA1
d8edc1c15739e34232012bb255872991edb72bc7

SHA256
29080288b2130a67414ecb296a53ddd9f0a4771035e3c1b2112e0ce656a7481a

SHA512
da391152e1fbce1f03607b486c5dea9a298a438e58e440ebb7b871bd5c62d7339b540eed115b4001b9840de1ba3898c6504872ff9094ba4d6a47455051c3f1c5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_law_and_government.json

Filesize
68KB

MD5
80c49b0f2d195f702e5707ba632ae188

SHA1
e65161da245318d1f6fdc001e8b97b4fd0bc50e7

SHA256
257ee9a218a1b7f9c1a6c890f38920eb7e731808e3d9b9fc956f8346c29a3e63

SHA512
972e95de7fe330c61cd22111bd3785999d60e7c02140809122d696a1f1f76f2cd0d63d6d92f657cdec24366d66b681e24f2735a8aabb8bcecec43c74e23fb4f5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_online_communities.json

Filesize
67KB

MD5
37a74ab20e8447abd6ca918b6b39bb04

SHA1
b50986e6bb542f5eca8b805328be51eaa77e6c39

SHA256
11b6084552e2979b5bc0fd6ffdc61e445d49692c0ae8dffedc07792f8062d13f

SHA512
49c6b96655ba0b5d08425af6815f06237089ec06926f49de1f03bc11db9e579bd125f2b6f3eaf434a2ccf10b262c42af9c35ab27683e8e9f984d5b36ec8f59fd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_people_and_society.json

Filesize
45KB

MD5
b1bd26cf5575ebb7ca511a05ea13fbd2

SHA1
e83d7f64b2884ea73357b4a15d25902517e51da8

SHA256
4990a5d17bea15617624c48a0c7c23d16e95f15e2ec9dd1d82ee949567bbaec0

SHA512
edcede39c17b494474859bc1a9bbf18c9f6abd3f46f832086db3bb1337b01d862452d639f89f9470ca302a6fcb84a1686853ebb4b08003cb248615f0834a1e02

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_pets_and_animals.json

Filesize
44KB

MD5
5b26aca80818dd92509f6a9013c4c662

SHA1
31e322209ba7cc1abd55bbb72a3c15bc2e4a895f

SHA256
dd537bfb1497eb9457c0c8ecbd2846f325e13ddef3988fd293a29e68ab0b2671

SHA512
29038f9f3b9b12259fb42daa93cdefabb9fb32a10f0d20f384a72fe97214eff1864b7fa2674c37224b71309d7d9cea4e36abd24a45a0e65f0c61dc5ca161ec7c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_real_estate.json

Filesize
67KB

MD5
9899942e9cd28bcb9bf5074800eae2d0

SHA1
15e5071e5ed58001011652befc224aed06ee068f

SHA256
efcf6b2d09e89b8c449ffbcdb5354beaa7178673862ebcdd6593561f2aa7d99a

SHA512
9f7a5fbe6d46c694e8bc9b50e7843e9747ea3229cf4b00b8e95f1a5467bd095d166cbd523b3d9315c62e9603d990b8e56a018ba4a11d30ad607f5281cc42b4cd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_reference.json

Filesize
56KB

MD5
567eaa19be0963b28b000826e8dd6c77

SHA1
7e4524c36113bbbafee34e38367b919964649583

SHA256
3619daa64036d1f0197cdadf7660e390d4b6e8c1b328ed3b59f828a205a6ea49

SHA512
6766919b06ca209eaed86f99bee20c6dad9cc36520fc84e1c251a668bcfe0afcf720ea6c658268dc3bbaaf602bfdf61eb237c68e08d5252ea6e5d1d2a373b9fe

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_science.json

Filesize
56KB

MD5
7a8fd079bb1aeb4710a285ec909c62b9

SHA1
8429335e5866c7c21d752a11f57f76399e5634b6

SHA256
9606ce3988b2d2a4921b58ac454f54e53a9ea8f358326522a8b1dcc751b50b32

SHA512
8fc1546e509b5386c9e1088e0e3a1b81f288ef67f1989f3e83888057e23769907a2b184d624a4e4c44fcd5b88d719bd4cca94dfb33798804a721b8be022ec0c6

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_shopping.json

Filesize
67KB

MD5
97d4a0fd003e123df601b5fd205e97f8

SHA1
a802a515d04442b6bde60614e3d515d2983d4c00

SHA256
bfd7e68ddca6696c798412402965a0384df0c8c209931bbadabf88ccb45e3bb6

SHA512
111e8a96bc8e07be2d1480a820fc30797d861a48d80622425af00b009512aacb30a2df9052c53bfbf4ee0800b6e6f5b56daa93d33f30fecb52e2f3850dfa9130

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_sports.json

Filesize
56KB

MD5
ce4e75385300f9c03fdd52420e0f822f

SHA1
85c34648c253e4c88161d09dd1e25439b763628c

SHA256
44da98b03350e91e852fe59f0fc05d752fc867a5049ab0363da8bb7b7078ad14

SHA512
d119dc4706bbf3b6369fe72553cfacf1c9b2688e0188a7524b56d3e2ac85582a18bbee66d5594e0fb40767432646c23bf3e282090bd9b4c29f989a374aeae61f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\nb_model_build_attachment_travel.json

Filesize
67KB

MD5
48139e5ba1c595568f59fe880d6e4e83

SHA1
5e9ea36b9bb109b1ecfc41356cd5c8c9398d4a78

SHA256
4336ac211a822b0a5c3ce5de0d4730665acc351ee1965ea8da1c72477e216dfa

SHA512
57e826f0e1d9b12d11b05d47e2f5ae4f5787537862f26e039918cb14faff4bc854298c0b7de3023e371756a331c0f3ee1aa7cebbbf94ec70cdfc29e00a900ed1

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ptqf56iz.default-release\personality-provider\recipe_attachment.json

Filesize
1KB

MD5
be3d0f91b7957bbbf8a20859fd32d417

SHA1
fbc0380fe1928d6d0c8ab8b0a793a2bba0722d10

SHA256
fc07d42847eeaf69dcbf1b9a16eb48b141c11feb67aa40724be2aee83cb621b7

SHA512
8da24afcf587fbd4f945201702168e7cfc12434440200d00f09ddcd1d1d358a5e01065ac2a411fdf96a530e94db3697e3530578b392873cf874476b5e65d774a

Download Submit
C:\Users\Admin\AppData\Local\Temp\remote-settings-startup-bundle-

Filesize
183KB

MD5
fc6ae667156314aeca251f84823cc04f

SHA1
3e5fc5d8843888151fcd7f8c2c641082e62f25da

SHA256
35b6261c710baf813181a24139b2b9bbc087480cc785e4140b2a9407b6d3d253

SHA512
a1fd6af17d53e48c38d8f1f101f7ec8d14d3c71ef695fc038c4eeb80fb70b5ab34e2f313002e55cb129c80e69cdbb085b14774535579cdf1ae5dead395fe1a6e

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
502KB

MD5
e690f995973164fe425f76589b1be2d9

SHA1
e947c4dad203aab37a003194dddc7980c74fa712

SHA256
87862f4bc8559fbe578389a9501dc01c4c585edb4bb03b238493327296d60171

SHA512
77991110c1d195616e936d27151d02e4d957be6c20a4f3b3511567868b5ddffc6abbfdc668d17672f5d681f12b20237c7905f9b0daaa6d71dcdac4b38f2448b2

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
14.0MB

MD5
bcceccab13375513a6e8ab48e7b63496

SHA1
63d8a68cf562424d3fc3be1297d83f8247e24142

SHA256
a6af95a209b2e652ed6766804b9b8ad6b6a68f2c610b8f14713cd40df0d62bf9

SHA512
d94483deaae98bf9212699f1ab0bd913f6151a63e65ebc1ea644ab98d5e3ebd74ecaa08f70aca31e11a5d2c64d1504b723817af35bbe9d7b05c758dd6945d484

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\AARGA2DCOWNUJDAFN4IM.temp

Filesize
7KB

MD5
649c3d47dbb34ace2386e86050c427f7

SHA1
8f678f79fb4c881803120663fc9cb065552a3e65

SHA256
a09cf47c4cb2d5afdb720771a4bdfba979bc207f6825be1e4f03660c1b06246c

SHA512
09e65a59527a7874b902d0b11b5fd6ba89bb9bbbd1171fb0e0f47c847bdaf313f68ef7a7e2c4db265c9050ec521e50b1d36cc42bb520fc995164141b2bde8022

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\AlternateServices.bin

Filesize
8KB

MD5
c112a5379cf121904724662b49b77683

SHA1
eaf274c405071a22d02c2ec5f603ba425cc70f2a

SHA256
d32d5334ea25e72989d0c48c37883a82dd73d2d35bec56e19bcd6403c6f3b9b7

SHA512
ef9a7d6f4fbb90cd77daa5977f431c83d6d003ffba4c9e891d6063e4e86252b967526fc489979f7db98112b8234b933f03e7787197caa8011444c6c2ee8bb56f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\bookmarkbackups\bookmarks-2025-03-22_10_3_Se4dOL0uXhTe-9HQAuCN1hT4fRp5ySHMXt362a4bE=.jsonlz4

Filesize
857B

MD5
b0fd89dafedc4762af143a582b6db5c3

SHA1
129b60b63741aeeca2a66cc1c7b122c001f2d303

SHA256
e1ac4673fbcaa4b41a31269410cbde29b9f66e61e72d5433be17a500e1dc4a35

SHA512
fffd7cff5bf8ea78d08cd0a49d4287f969ef5101125759c7b20b62a791030390ae99396dd32c61d60d9edfa76b048d1caa59066b6544a4f8614180144d85e4de

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\datareporting\glean\db\data.safe.tmp

Filesize
4KB

MD5
8a26086e9c95d2b559ed225d48ca0420

SHA1
134a76775f8d22ae73184d47e4aafeb8542a40df

SHA256
148a3852059d3a37c1803683798b32f39275fb2d5181a4bdb017d7f78e08f92b

SHA512
03b7922c3cc5c2a7eefd298737974036508037f9d1ee3165069a228346f8c8c4d35d48278e0d91705a1d62048f2fa01b6fc6e27258b17f6d339fbfd4f12d13e4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
34afff01610182571df80fec6db3da39

SHA1
14c188fc4924d41703005adea043ba7bb913d7b0

SHA256
a0aae13837322a4a14728e8981de65c6a1d8e2555f092411e4805a397247e896

SHA512
98c97ce11c80a7a97da9c9c7745ff10a45345fe05a76f816d4d7c48e4c19241fb218dbfc2c61c8661f4fffbb39e7ba09e41749f1330db3786abfe12239aa994d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\datareporting\glean\db\data.safe.tmp

Filesize
73KB

MD5
6f82d329c13dcf3558ab262b1c31f0ae

SHA1
c3c631836dd7c249a5cabf0b0d3f5223b60492ae

SHA256
b18c46d7c60504f5a5550ce3eb474313b38f5d6adf37feaa1482ed072afd89c8

SHA512
818766bdaff38b862d3b1b7f9862fbc327911896397e30d8f9324fb862996f182464ad36c4643fcea0a81374dde91a8173cbbb6a5327a653bbf7c870047daf9a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\datareporting\glean\pending_pings\11c2db30-c014-4e8c-8d42-59e97ba69e89

Filesize
2KB

MD5
24348a2111283c4238fe1767072e4ed4

SHA1
7ead1f56d20a72747ce7e1e4912e6fee40196fdd

SHA256
1ce7c7e15232522e0a535e6bbc32ee02308104625387e75e9fa302e0a0658e89

SHA512
cbbd58a876586b2ad7d9c5d481f5fb32197bbd90790316baeafe4d987c8a1fecffc75a98b9a269118a0c3a5451f7b7135a6b2a201e987c0e319d2c7c7f30b146

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\datareporting\glean\pending_pings\53282931-31af-43d1-9b03-f9a8f214b021

Filesize
235B

MD5
623647e38b417785569b66ce5217c710

SHA1
94de19fcaa5e6ee3ff822d947267906a10595e01

SHA256
19178d26b16b4a2ff2aab69f21ab3d4b589a3cb2a2aba4ecef0f2c8bc1743780

SHA512
c1ad016cd181d7b4298fa6ecae708096ce4f5d483cb6c2efc00418e2240db51aabebd6a326bf6b1625b09d73159269aafe5e244fc35095504140c0719956609b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\datareporting\glean\pending_pings\89ba9535-b58c-4881-b997-d52da035c60b

Filesize
235B

MD5
23ef76d6741797cee4703003d32dedbb

SHA1
e6242f19bd71402c93da96b5112ebc2ffe0488e4

SHA256
902ccf4d4236aa68e6814c1e444e1ea5233bb8221bdd079874917b5ba35cd1c7

SHA512
37adacb270df89de197a2d3c514c9c57aea30621263c8f289e7b26693e01e66ff9ab8af89121b1c7c488365494beef3196608aed5cdb0ec6081a4dc82b4a1c18

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\datareporting\glean\pending_pings\e11c7661-9ea2-401f-99db-6141c18e1231

Filesize
883B

MD5
653e1cf982b192b7c84bb0666336bb11

SHA1
76533d9f346c26bc316507963cd46e56df0e4d1e

SHA256
f0e1046d5ed7c2ad94d62a054ee56f1480fe8ec06ba8ead43fb42f5cc3a249da

SHA512
cf8be9b11d49d2f09238e5e3050e0b97d050541aa50b9fb0c16e3a1d8fb4113b175b56de8b6d3785d4bb5b7cd23870bb827b98e62744a7edc686c0dc97c0f54e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\datareporting\glean\pending_pings\e7fc35a0-88bd-43e3-816b-3eb15392ce6d

Filesize
17KB

MD5
b74e702e9ce32d21286313af146e9a4b

SHA1
a0ad80dcb817b3f368560238c324a426f191176a

SHA256
0c955fe5e038f76772696f822ab7f1c41f80044db02aff6af8570c50d5c2ab28

SHA512
8ef38d5973edbb821be9c4fa48261c25edefc308e4b5385d72e06ebb249e0ef0a54e25390da9b347690270c9c5faac5a603d1d4d7a9c899be3d3c50bbfa5198f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\datareporting\glean\pending_pings\f65df972-c3a4-4ddc-912d-ed71a84f1578

Filesize
886B

MD5
eb6a95bec9c6c3a2e234b623d5193597

SHA1
1c4c4564ef831c283757ff3b17f4867561a78131

SHA256
56a4e35d34501ac900d7c3bd65661c94a12f237b95462528de25b8b7ffc7cc97

SHA512
ff1b6dee4f74646d7ec1670fc49f5016fb95fb6c6394864dcf2ecf8fa87f3c172a2955b9d9e236953bf64d2ff38e3763cebf0e5958ee57c621959354e214f7b6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\extensions.json

Filesize
14KB

MD5
2c2c204e58026335e95efcac95f1b304

SHA1
8ed2f9115c6323c5e2e06eb1b9e30e66c06fed20

SHA256
ba3374a51a8f983c1a435669e2d7fc3c994d7f3a17b3213cf3f641973ced90e8

SHA512
ba3dbf0f6e233a2f2bc4c8f0ab493a4c5da842f203db6a8224a17909edffaa9ba46e8acc9d0e2541c0d7f852530cfc3badb7a3dc467ad9445aa0fc5c9870a41a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\gmp-gmpopenh264\2.6.0\gmpopenh264.dll

Filesize
1.1MB

MD5
626073e8dcf656ac4130e3283c51cbba

SHA1
7e3197e5792e34a67bfef9727ce1dd7dc151284c

SHA256
37c005a7789747b412d6c0a6a4c30d15732da3d857b4f94b744be1a67231b651

SHA512
eebdeef5e47aeadfeebdbab8625f4ec91e15c4c4e4db4be91ea41be4a3da1e1afeed305f6470e5d6b2a31c41cbfb5548b35a15fccd7896d3fde7cdf402d7a339

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\gmp-gmpopenh264\2.6.0\gmpopenh264.info

Filesize
116B

MD5
ae29912407dfadf0d683982d4fb57293

SHA1
0542053f5a6ce07dc206f69230109be4a5e25775

SHA256
fe7686a6281f0ab519c32c788ce0da0d01640425018dcffcfcb81105757f6fe6

SHA512
6f9083152c02f93a900cb69b1ce879e0c0d69453f1046280ca549a0301ae7925facdda6329f7ccb61726addee78ba2fffc5ba3491a185f139f3155716caf0a8d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\gmp-widevinecdm\4.10.2891.0\manifest.json

Filesize
1001B

MD5
32aeacedce82bafbcba8d1ade9e88d5a

SHA1
a9b4858d2ae0b6595705634fd024f7e076426a24

SHA256
4ed3c6389f6f7cd94db5cd0f870c34a296fc0de3b1e707fccf01645b455790ce

SHA512
67dfe5632188714ec87f3c79dbe217a0ae4dfb784f3fac63affd20fef8b8ef1978c28b3bf7955f3daaf3004ac5316b1ffa964683b0676841bab4274c325c6e2b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\gmp-widevinecdm\4.10.2891.0\widevinecdm.dll

Filesize
18.5MB

MD5
1b32d1ec35a7ead1671efc0782b7edf0

SHA1
8e3274b9f2938ff2252ed74779dd6322c601a0c8

SHA256
3ed0dec36754402707c2ae4fbfa887fe3089945f6f7c1a8a3e6c1e64ad1c2648

SHA512
ab452caa2a529b5bf3874c291f1ffb2a30d9ea43dae5df6a6995dde4bc3506648c749317f0d8e94c31214e62f18f855d933b6d0b6b44634b01e058d3c5fcb499

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\prefs-1.js

Filesize
6KB

MD5
35bb13ce7d00870cd1674abae0c4a08c

SHA1
7173b8289ce517106f026da466268af40d0f3b0f

SHA256
6d45a4f2aab870ecd28b49a331d3c4ad7e2a481101399e5caf3820478ccb4f2e

SHA512
507816a2b96267f43efed89b20435052f40fa5d256fbcc20f4a33d1425f5aa2074f69e43811857aff3e266ca3d1afedfff9cbadcde99ebfe63d2a6df961eaa98

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\prefs-1.js

Filesize
7KB

MD5
8ffa14024143a85ae2846980cbcf3ae1

SHA1
5bfcbbb45760a8df97daf9c6fef7c39fbec8796d

SHA256
f90d29c583fe94f2c3d8db24b0183ef3adf61be0471d6095dd0e846973d5819a

SHA512
3d9eb7a433704cbcf1593f4a41bbbd33b8c6905715c6bb68aa7a12ee0fee64c0fb101b95da96c3df8785432496199ee90878b851b3e31d1bcd46810dbd252089

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\prefs-1.js

Filesize
11KB

MD5
bbaa42ca793e6816e1fdc3c142debe95

SHA1
e356eac97862c7583aeec203303f688f68dd005b

SHA256
438495d01a6658d65802d913bac69ac184c3b6db006f232b7e8953adbf00e1d5

SHA512
d02d907a26a473c0e8d0307bd8a779f7fd0912bffeedfce1395d256721b67944a794d0cff1b5adf93271567b687c4326ab42e22c074857dc63362c4a6599ef46

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\prefs.js

Filesize
6KB

MD5
03403ba474b24f3a51761cde38139ad3

SHA1
7d4f38b86548474d3f9273e924b80e2a76ed3bfa

SHA256
91c5685b9b7023fbc97d3f1ee76013d8eb5df5f216b337b79d50f8ac624e91e6

SHA512
5852ce26620244f88da69fc2eacde6d22498ae150fe6bef874d4d622176b2b6371590061d21f0a9fb2270253ef6f96fbc3d42268ce3f44867d71f5a13d15921f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\sessionstore-backups\recovery.baklz4

Filesize
1KB

MD5
de256f85158b2efd01a6b2664aef2b90

SHA1
85b1dae1322bea8e12d8e9b6bd507a0267efaec6

SHA256
f10f6946dfe5f4d9e2ed08d8502b0f0e7e91253b15b35296b67bda3d2fe6b04b

SHA512
4b1be1ac2bd36c9870e35aa48955da9555f5402409c2c96383ab01876ffb13be5c95554f5fb6f966901e3f52b84e056d85b077e528c62a0b7f1ea33d0aa98e4d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
aa68e81d6ae7122811e73164c820ec44

SHA1
25cc3a4727dd3f2e5e3a686d5eef467000a60150

SHA256
0c28a6d32ffce47165816ef859401335060f6885286070f71508ffce616eaf8e

SHA512
4b97fcfd55f9e4bd3f7e1852fd0219313161578b4aac9a124052cffc5d9edafadb182f9959b5001274db186bae17c8372abf5d15e5f39dbf04b94a58feb458a1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ptqf56iz.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
3.5MB

MD5
74790b4d4bef3f24210e05d73741079e

SHA1
d87c26db385054783c6973448d835e795b650b8e

SHA256
8a52e126a7ffe3529bc464dba659840fa21d7b2fc61b5ddab21190a2b25466e7

SHA512
af3720cbb0a89e92e97b83164765fe844456189a8262336880adc2af458b0c39eaa529cd367f1f1ae3f35338e5c16bbceae148f4e2ab8a8a99a19bfe6ceaaf12

Download Submit