General Info

File name

Steam登陆授权.exe

Full analysis
https://app.any.run/tasks/ff639c7d-51c9-43e6-bdff-792c1edba79d
Verdict
Malicious activity
Analysis date
7/18/2019, 14:45:47
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

MIME:
application/x-dosexec
File info:
PE32 executable (GUI) Intel 80386, for MS Windows
MD5

3eb0176fa3e29e1b3614334889e3b5b9

SHA1

24ca9a4212cf03c1046551ced68cfe73fd7866dd

SHA256

1e6ef5515cb9f38ae8d9e1c7d2d5d22f6efe8320234aaa88b2511d61f5814a00

SSDEEP

12288:CWbZeLhGdlOPk83beblt8O4fZlzUu7bFjGYCNL:C1hG/R8rebQOYquvFjiNL

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.34.7)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.2 (4.7.03062)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 67.0.4 (x86 en-US) (67.0.4)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB4019990
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

No suspicious indicators.

Manual execution by user
  • firefox.exe (PID: 3552)
Reads CPU info
  • firefox.exe (PID: 3552)
Application launched itself
  • firefox.exe (PID: 3552)
Creates files in the user directory
  • firefox.exe (PID: 3552)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Static information

TRiD
.exe
|   Win32 Executable MS Visual C++ (generic) (42.2%)
.exe
|   Win64 Executable (generic) (37.3%)
.dll
|   Win32 Dynamic Link Library (generic) (8.8%)
.exe
|   Win32 Executable (generic) (6%)
.exe
|   Generic Win/DOS Executable (2.7%)
EXIF
EXE
MachineType:
Intel 386 or later, and compatibles
TimeStamp:
2018:05:07 06:14:15+02:00
PEType:
PE32
LinkerVersion:
6
CodeSize:
528384
InitializedDataSize:
184320
UninitializedDataSize:
null
EntryPoint:
0x63021
OSVersion:
4
ImageVersion:
null
SubsystemVersion:
4
Subsystem:
Windows GUI
FileVersionNumber:
1.0.0.0
ProductVersionNumber:
1.0.0.0
FileFlagsMask:
0x0000
FileFlags:
(none)
FileOS:
Win32
ObjectFileType:
Executable application
FileSubtype:
null
LanguageCode:
Chinese (Simplified)
CharacterSet:
Unicode
FileVersion:
1.0.0.0
FileDescription:
易语言程序
ProductName:
易语言程序
ProductVersion:
1.0.0.0
LegalCopyright:
作者版权所有 请尊重并使用正版
Comments:
本程序使用易语言编写(http://www.dywt.com.cn)
Summary
Architecture:
IMAGE_FILE_MACHINE_I386
Subsystem:
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date:
07-May-2018 04:14:15
Detected languages
Chinese - PRC
FileVersion:
1.0.0.0
FileDescription:
易语言程序
ProductName:
易语言程序
ProductVersion:
1.0.0.0
LegalCopyright:
作者版权所有 请尊重并使用正版
Comments:
本程序使用易语言编写(http://www.dywt.com.cn)
DOS Header
Magic number:
MZ
Bytes on last page of file:
0x0090
Pages in file:
0x0003
Relocations:
0x0000
Size of header:
0x0004
Min extra paragraphs:
0x0000
Max extra paragraphs:
0xFFFF
Initial SS value:
0x0000
Initial SP value:
0x00B8
Checksum:
0x0000
Initial IP value:
0x0000
Initial CS value:
0x0000
Overlay number:
0x0000
OEM identifier:
0x0000
OEM information:
0x0000
Address of NE header:
0x000000F8
PE Headers
Signature:
PE
Machine:
IMAGE_FILE_MACHINE_I386
Number of sections:
4
Time date stamp:
07-May-2018 04:14:15
Pointer to Symbol Table:
0x00000000
Number of symbols:
0
Size of Optional Header:
0x00E0
Characteristics
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED
Sections
Name Virtual Address Virtual Size Raw Size Charateristics Entropy
.text 0x00001000 0x0008089E 0x00081000 IMAGE_SCN_CNT_CODE,IMAGE_SCN_MEM_EXECUTE,IMAGE_SCN_MEM_READ 6.57002
.rdata 0x00082000 0x00012DD4 0x00013000 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ 4.54908
.data 0x00095000 0x000246E8 0x00012000 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 4.99486
.rsrc 0x000BA000 0x000076D0 0x00008000 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ 4.54925
Resources
1

2

3

4

5

6

7

8

127

150

286

554

1031

1032

1033

1037

1038

1039

1084

1124

1134

1138

1139

1140

1141

1142

1143

1144

1145

1150

1151

1152

3841

3842

3843

3857

3858

3859

3865

3866

3867

3868

3869

26567

30721

30722

30977

30994

30995

30996

DEFAULT_ICON

Imports
    KERNEL32.dll

    USER32.dll

    GDI32.dll

    WINMM.dll

    WINSPOOL.DRV

    ADVAPI32.dll

    SHELL32.dll

    ole32.dll

    OLEAUT32.dll

    COMCTL32.dll

    WS2_32.dll

    comdlg32.dll

Exports

    No exports.

Screenshots

Processes

Total processes
38
Monitored processes
6
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start steam登陆授权.exe no specs firefox.exe firefox.exe no specs firefox.exe firefox.exe firefox.exe
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
2992
CMD
"C:\Users\admin\AppData\Local\Temp\Steam登陆授权.exe"
Path
C:\Users\admin\AppData\Local\Temp\Steam登陆授权.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Description
易语言程序
Version
1.0.0.0
Modules
Image
c:\users\admin\appdata\local\temp\steam登陆授权.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winmm.dll
c:\windows\system32\winspool.drv
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\shdocvw.dll
c:\program files\common files\microsoft shared\ink\tiptsf.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\xmllite.dll
c:\windows\system32\msftedit.dll
c:\windows\system32\msls31.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\structuredquery.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\actxprxy.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\thumbcache.dll
c:\windows\system32\psapi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\searchfolder.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\networkexplorer.dll
c:\windows\system32\mpr.dll
c:\windows\system32\drprov.dll
c:\windows\system32\winsta.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\davhlpr.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\wpdshext.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\audiodev.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\wmasf.dll
c:\windows\system32\ehstorapi.dll
c:\program files\videolan\vlc\vlc.exe

PID
3552
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe"
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\avrt.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\psapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\wship6.dll
c:\windows\system32\winsta.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\d2d1.dll
c:\program files\google\update\1.3.34.11\npgoogleupdate3.dll
c:\windows\system32\msimg32.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\progra~1\mozill~1\nssckbi.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\actxprxy.dll
c:\program files\adobe\acrobat reader dc\reader\acrord32.exe

PID
2968
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3552.0.1955992710\218003012" -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3552 "\\.\pipe\gecko-crash-server-pipe.3552" 1168 gpu
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll

PID
3564
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3552.3.1059077551\1505444233" -childID 1 -isForBrowser -prefsHandle 1576 -prefMapHandle 1648 -prefsLen 1 -prefMapSize 188076 -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3552 "\\.\pipe\gecko-crash-server-pipe.3552" 1720 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll

PID
2380
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3552.13.242434138\342085571" -childID 2 -isForBrowser -prefsHandle 2672 -prefMapHandle 2676 -prefsLen 5842 -prefMapSize 188076 -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3552 "\\.\pipe\gecko-crash-server-pipe.3552" 2728 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\windows\system32\shell32.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
2956
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3552.20.2055729047\971574112" -childID 3 -isForBrowser -prefsHandle 3600 -prefMapHandle 3604 -prefsLen 6778 -prefMapSize 188076 -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3552 "\\.\pipe\gecko-crash-server-pipe.3552" 3616 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll

Registry activity

Total events
950
Read events
880
Write events
70
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
2992
Steam登陆授权.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\FirstFolder
0
43003A005C00550073006500720073005C00610064006D0069006E005C0041007000700044006100740061005C004C006F00630061006C005C00540065006D0070005C0053007400650061006D007B764696886343672E00650078006500000043003A005C00550073006500720073005C00610064006D0069006E005C0041007000700044006100740061005C004C006F00630061006C005C00540065006D0070000000
2992
Steam登陆授权.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\FirstFolder
MRUListEx
00000000FFFFFFFF
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
NodeSlots
020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
MRUListEx
0700000001000000020000000000000006000000030000000500000004000000FFFFFFFF
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\7
MRUListEx
0100000000000000FFFFFFFF
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\7\1\0
1
4A00310000000000F24EC065102054656D700000360008000400EFBE454B814AF24EC0652A00000090010000000002000000000000000000000000000000540065006D007000000014000000
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\7\1\0
MRUListEx
0100000000000000FFFFFFFF
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
NodeSlots
02020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\7\1\0\1
NodeSlot
100
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\7\1\0\1
MRUListEx
FFFFFFFF
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\Shell
KnownFolderDerivedFolderType
{57807898-8C4F-4462-BB63-71042380B109}
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\Shell
SniffedFolderType
Generic
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
LanguageList
en-US
2992
Steam登陆授权.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\CIDSizeMRU
1
53007400650061006D007B764696886343672E0065007800650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000C5010000BE000000450400009E020000000000000000000000000000000000000100000000000000
2992
Steam登陆授权.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\CIDSizeMRU
1
53007400650061006D007B764696886343672E006500780065000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000C2010000FA0000003E030000D601000000000000000000000000000000000000C5010000BE000000450400009E020000000000000000000000000000000000000100000000000000
2992
Steam登陆授权.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\CIDSizeMRU
MRUListEx
0100000000000000FFFFFFFF
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
Mode
4
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
LogicalViewMode
1
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
FFlags
1092616257
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
IconSize
16
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
ColInfo
00000000000000000000000000000000FDDFDFFD100000000000000000000000040000001800000030F125B7EF471A10A5F102608C9EEBAC0A0000001001000030F125B7EF471A10A5F102608C9EEBAC0E0000007800000030F125B7EF471A10A5F102608C9EEBAC040000007800000030F125B7EF471A10A5F102608C9EEBAC0C00000050000000
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
Sort
000000000000000000000000000000000100000030F125B7EF471A10A5F102608C9EEBAC0A00000001000000
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
GroupView
0
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
GroupByKey:FMTID
{00000000-0000-0000-0000-000000000000}
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
GroupByKey:PID
0
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
GroupByDirection
1
2992
Steam登陆授权.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\100\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
FFlags
1
2992
Steam登陆授权.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CIDOpen\Modules\GlobalSettings\ProperTreeModuleInner
ProperTreeModuleInner
9C000000980000003153505305D5CDD59C2E1B10939708002B2CF9AE3B0000002A000000004E0061007600500061006E0065005F004300460044005F0046006900720073007400520075006E0000000B000000000000004100000030000000004E0061007600500061006E0065005F00530068006F0077004C00690062007200610072007900500061006E00650000000B000000FFFF00000000000000000000
2992
Steam登陆授权.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Modules\NavPane
ExpandedState
06000000160014001F8080A63C324DC29940B94D446DD2D7249E0000010000004D0000002D00000031535053357EC777E31B5043A48C7563D727776D1100000002000000000B000000FFFF0000000000001C00000031535053A66A63283D95D211B5D600C04FD918D00000000000000000160014001F4225481E03947BC34DB131E946B44C8DD50000010000004D0000002D00000031535053357EC777E31B5043A48C7563D727776D1100000002000000000B000000FFFF0000000000001C00000031535053A66A63283D95D211B5D600C04FD918D00000000000000000160014001F43983FFBB4EAC18D42A78AD1F5659CBA930000010000004D0000002D00000031535053357EC777E31B5043A48C7563D727776D1100000002000000000B000000FFFF0000000000001C00000031535053A66A63283D95D211B5D600C04FD918D0000000000000000002000000010000004D0000002D00000031535053357EC777E31B5043A48C7563D727776D1100000002000000000B000000FFFF0000000000001C00000031535053A66A63283D95D211B5D600C04FD918D00000000000000000160014001F580D1A2CF021BE504388B07367FC96EF3C0000010000004D0000002D00000031535053357EC777E31B5043A48C7563D727776D1100000002000000000B00000000000000000000001C00000031535053A66A63283D95D211B5D600C04FD918D00000000000000000160014001F50E04FD020EA3A6910A2D808002B30309D0000010000004D0000002D00000031535053357EC777E31B5043A48C7563D727776D1100000002000000000B000000FFFF0000000000001C00000031535053A66A63283D95D211B5D600C04FD918D00000000000000000
3552
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Browser
0000000000000000
3552
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
3552
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000077000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000

Files activity

Executable files
0
Suspicious files
104
Text files
88
Unknown types
59

Dropped files

PID
Process
Filename
Type
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F00751F8D37A54E559634070C50D91428097261E
binary
MD5: 66e5b8cee1f3251f05472ee061cad78b
SHA256: d68373606cd79e555598a068c54d19e21b7d768e0d272c715a01707fbe1ea324
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DD0189BB9C0E367EB7969848F3BD3C14AFEB9120
binary
MD5: 16b25f23b942800970d8ab01d2dd9f25
SHA256: 844e88a170fb14b138cd2bf7ab7b2b0dc579ad77b29215be9ee51acf4494409f
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\18B5AEEB3063FE85E2B90625837848BB699EE75F
compressed
MD5: 75312f27bfd9cda7baf66b28648325e8
SHA256: 03630e45abd13dd163c27946e63b7500bde60f8c013f39eb6ade0b6010a8d208
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2C4C76460BD8F592899A2627115EB851FAD1B3C0
html
MD5: ddb00cb12aa58eebc47b2d4360571267
SHA256: ae03808345bca2d3df900aa69a5ddcbe74192d40dc7cbd5329ffdb1fbfdc6529
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\421F14BCC6ADEFDA42F0B449AC4DE614918D4CD6
html
MD5: dc9c8c15c14aef8ee54a267c9b553039
SHA256: f40a764c128c857a433da12196ef4735fa5ea021e3357c4e0ab899318c944739
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child.bin
binary
MD5: 83c9292a1f60970857d086dd329eabf4
SHA256: aa5f8a58c9fc5a8f5b117fba3e654e6572482731865cb663fc2c7b926482ec49
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-new.bin
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache.bin
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-new.bin
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache.bin
binary
MD5: 06bf7bc2ab42c44b54ac6a2f77c58200
SHA256: 8b665a7ffd6f385ed733732c1abe6eb8171d4f63390ca7bd71e9d3d055ce53d0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-new.bin
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
sqlite
MD5: 780c5a2b706b1382e66ac8e4caed3c4b
SHA256: 36989ad309a1d66db6ae79cde21dcfa1dc736e4ae5be7e707a483814fc7658f2
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: bdc01cb3f900a4e66f8f6aca595e2321
SHA256: 3187f7af65a1803cdaf9e96647c72319e073acbad4fabaed57a987938c1d728b
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.vlpset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.vlpset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\thumbnails\7196b5e475f4480a60bfce2d43a73fb4.png
image
MD5: de3665aa3e9db68c3c6441e43c87d9ea
SHA256: ed5b5a73e99dd55c68b26b6a8dfd9e3b1092e78f51aaf00192bef0b0a6d1a3fb
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\thumbnails\6db16373ff33bfc03409f1cbf059e1e6.png
image
MD5: de3665aa3e9db68c3c6441e43c87d9ea
SHA256: ed5b5a73e99dd55c68b26b6a8dfd9e3b1092e78f51aaf00192bef0b0a6d1a3fb
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\thumbnails\6db16373ff33bfc03409f1cbf059e1e6.png.tmp
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 215ae21710943205896ff6c51994e500
SHA256: cea38296abb32ed4ae36bc8dee4310b92e37a72a0362c5454e3f2fb63c639175
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\BA003660021F583BB1A9673EA4E4334B13DA6035
der
MD5: 5adb33681aa3c232adfdf1a52ce22f55
SHA256: c18652c7f6960ed295183982a85f6cb3af3308004dbe60cfff51cc61b5705662
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\263C64850724C151EA9190177A1837516A5DAD81
image
MD5: 1b68ab974c499396c13b335f003ac56a
SHA256: 1d97cd089f1c763cdc64d6c654a5779291f6a424197b3e227226c1f2f6560a26
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\37BEC4ED59E3DDD754DC0358ECA11CF830E6B4DA
image
MD5: b5bb9e7408a644323921d7599ab9e787
SHA256: 1f545d87e3804596258f45a480b9a931fd3f8a20b5110d5d9c31281d6499d541
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F0C027AFF7E696F3AFF1E9D24188284EE309C565
image
MD5: 93ec1112cc0383c5928a7aa22032e356
SHA256: c0a44e972ccb76ba0817198b89a319f9c6c3b3f7da5cc075795626dc682ad9d5
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\960D65A4030C05FFD74DBD613E1844D016D6CE01
image
MD5: 18fb9592c9831c9aefdd77e8fd7011f7
SHA256: d8ffee0d8c1dafbb2dc11c7b7e521ed6629af4802feb297eb6e17fbe2266e905
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C1FEF2B4DA058053DB8FF89ADA14F17F596D3368
image
MD5: bb1642634e294c150fe11fc7aa511f21
SHA256: 71092f4d98a9e92eae3c5718ed0f36c7c9f85c9a5445d96a628b4b22bab45a00
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\48876AC82AE9E00D92BDA3151A2A785D08EE2C2A
image
MD5: db7bec2da331b20dc67fbbaf2fbc8c47
SHA256: 23fd8781eff7a42379d6440f480a8d6e4d8e2d24e67793d178f077123a688aeb
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\64343DE44473255998FE018D7D8FF0221A35B182
image
MD5: 3e4654ee5b21124403a2b4bfd9f59404
SHA256: 9d2cf70968b9035fc6ff5705fdbccbd504f965349f222e7014beccd7643f6450
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1790FE5B8EF4B43D379656C7ECA7EAB2118419C3
image
MD5: 16fd18a5762350acfff73ebf7f5410f0
SHA256: 87c49a25c16b9d3e7c24dcd3fae911a43b9542595c53a058a546eab7c9c2ed84
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CE4A0FAEB7BD9DCE03EB34420C42AA2421510660
image
MD5: 287d494149f3b36e237428c9c6537f69
SHA256: ababbe7410656a8b182c461823178b6689252d98f16506888c216cc67d7e9195
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\050654DA490055C038CF5438162DBB4C7331AB9C
image
MD5: cda7dd6d742d01e15b740f3121f104fc
SHA256: 2b36f127436814bd7a6d6e8c156c676d987061c8b2ad4aa70a10938b5a4309b7
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\269E18A55D26774D94FD8D6495A18782CDCC8758
image
MD5: 8ce1be3898d496e733b985ba47f0766c
SHA256: f07586ea328f73d74e2aae44d1aaeb46c7aba547e20828f05bacdc82c82a7932
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F2A4EB1B795658C43873A649209B2795F6A45CFF
image
MD5: 61f042eb8387bf940d413ac3b3530e7f
SHA256: 66fb8531d08d7452030340ae4771d36ba4403c254b8fed2b2ad60d8cba90828b
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4F820C688AA8EB66328A51141F93BC3B1FAEC4E7
image
MD5: 8a7d8d061397d0e015d810a3d1b033cd
SHA256: 3c777e526c6fe95cdf4dc36ca01ac239bf98a9f5757614b9453324ccfa1ebd30
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3DC61B39E9BA71667B49D2CC2FD9694C1021B9A5
image
MD5: cb2436882a2cb19ada4040399860dc86
SHA256: 47992453434e435cc12b4834d609e360b5906121ae2c06f601b636c799bd09f4
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B236D06C28465F68C6A763789DC4377E74641C3E
image
MD5: f82b6cac1bd41d37b0d62cabb5223302
SHA256: 786854c24130c3151d1f6e679e88d9791bd4245f3348c5b030330a608badc6ca
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\60ED4F4962C0EFBA290FCE28D03C603D562CC022
image
MD5: 26bc36a764c4358401bc2d5df079ab92
SHA256: d465b3f8576946bbc60d6857c7fee3a84570c92d3f432e316a543b33072d78aa
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\865E3A0912B33A0FFAC4C62C6357E1007483160E
image
MD5: 3c731f2034e9ca2660baf3611ca60403
SHA256: f15d571c9dcca0ac454f0a203fdda8027f8224a9c0d7c021892b53888ad382d7
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7045AE1D200E1B6C8E3F62D545D38D48E32E4F66
image
MD5: 17272ddd00a8341783f74cd31e92e2da
SHA256: 100c0a98ecf07ecc0a5f49fc1f4d42706e75ed5108e6fa9c98d656e089173203
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\086CFE2AF193DD4F50F824B30E2A17CDEEB3425A
image
MD5: 81dbd951aecf8d92190b4eea91a000f2
SHA256: 07e5f3e11d6163e40f6d36d64317d6072e8695d7600587e16521ececf3ba7dec
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E9F85F6ECB0DB46289B3E449ABBF486B9823EA6B
image
MD5: ac94004417c667129f53bf8052744bdc
SHA256: b5c7267b71114613156367ca9a328408a315f0391bc11d20829790ada96efbf7
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CAC9B1520487EF5DBE4D98118FC57259D93BB9AA
image
MD5: 8515a2e8debdae62afca0f3748552d8a
SHA256: d873616500c107b98a62aef02c59d9479043ed07359bdc26971d56bf87d5d449
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\93826BA35B0529A799CEAD1A2B829E657733FAD2
image
MD5: 365e6ed26a79bfca39c1cc5b6647a208
SHA256: 2470241dad8b5698eb2f117a255e2f217679581ca4e53abb5a60ac5f78bae45a
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\70F5CA7D5D8CCE26855FC04A52F88270534F75A2
image
MD5: 711a6278b69ea1a0cfd6c60f6858ee16
SHA256: ce5f97bb307aac7b07af5799a4e81a91cdda2d592363db5ee84f785bf3c2b0b7
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2D3A92CC356253DF4475DA132BE817C95C4044AD
image
MD5: 4563e318423adea98940708a3307fe4f
SHA256: 546e1186cddcb4568de6d00b497faabe5978f8f407faf8c7a58c576ca1719d45
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\AB89F1807AA415B7F58BEC9CCA7978E4485F16D2
image
MD5: 1ece9b5278e15eae55d090f71db3b3dd
SHA256: ae80cf2b3ce78e83d630c381754fc067d1a75f6e5707a2c9cc4b79a863e85ff7
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E1E99C4A9002CF90F03E89F390B08377CBA0C763
image
MD5: 9a5c17d1e1c040db92d9de45a90e0c6c
SHA256: ca475c772a743b1e13c4ff3bdaf2d207f1e7584091ac3e7a531eec9d5bb43d93
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D4F9D5A72DE66A99A51A83B852BFFE575CA16A31
image
MD5: 150a82241017179bb44ff6a998f5dadb
SHA256: 9afc58b8f155b8442b5cf202d6ff9bb8768769c4670553383a39c12b09c322f3
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\623A032ECB1FF9F2DDACFD8D6E3E7ADB893DB5A0
image
MD5: 325818ffe70edb0f192e759fdb1e0545
SHA256: f1396d406a97fc735e141c902e09dc59d35f3d48b588bfb67d1c49a0768262a5
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CD469FF96BF4439B9AF36791E610574EC1E2F060
image
MD5: 790fd92867868ade2972380aeafa4c2d
SHA256: 27b29b15c2a5ee2662f2be209e1b266fc947c148984324aaf4c56ee6f6fddb87
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\84A5D59F6C07E28471087E2A97E3B048C0FECC00
image
MD5: 6d6057f14ecc63862765609eabf29b17
SHA256: 5953eb582e9ec05ca8ce90c64c59cab599e31ab7de34cdbccf71eb4a9621acaf
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FA7F477DFF8742BBE22C3887A432DB23FF18F0B5
image
MD5: 860464346aba013406d63e2fcf765ad4
SHA256: 4595248179e6c370a21593701c9fcbbfb71669d63705723697f6875b53e56a86
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A40E2B7E40EC9AF17D8F49DA7F754C5F806A8EA6
image
MD5: 4a4de027da709a8a213b1c7ba7383609
SHA256: 932531557e991ff7bba642419d1eb86dd95c3864185fddf77c6d623cbc422b86
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\58BC2CE4CC4999BCC7B2AA4563B8656482D8A289
image
MD5: 3c8c535cd0cfc67b3a7a55ef15656752
SHA256: 70072523425bb4459692741fe6c41d996d715cc7680e77a19667d3ef8494dce0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7E5D2ACDBEAFED89846D838D563F2C973FBD4597
image
MD5: 8a9692c2a4651ef2cc082e97784c747e
SHA256: f440b2afc69f932d25830e134ecc0881ccccb6530530fcce4778d0ecea75052a
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1BBB69F39338836BF0F81EFCB3EB889F41101436
image
MD5: 152c5cd49d37a650308d9c9f89a18826
SHA256: 373a555b6ce788e2f71cd68f3ee7b47d4c587084d58b3bb9cd50c92a39f69062
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3BF91FBD9E3E5E16A58EC0AB9B53BFBB8F1336BF
image
MD5: 3c620c01bc185b2d29c8f9d8b86f2cc5
SHA256: 24ed47748c9866a84bda5b18ec894e444eea38ab27c270a7cb483eb548867430
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\74E696AFFA07D48803B278A61BC8AD18FFD49779
image
MD5: eaaf3467bc51407c7abead730e779b33
SHA256: 1002773c44b84d3c41d3480103dc9f34f87e9a523f886c2ee09a5f584ea563f6
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1A602ABE1C8C0040DA2BC2989159FF77C4B93F57
image
MD5: ab585509fb519633baeb0570f55e0370
SHA256: 737d78aa1bd505bcb4288b0add4ffb40f3303753bd0cf5edccedb8d48e2bc09e
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9F7E60F823E17C99C906CDF62C99DD5741A540AC
image
MD5: e55cbc1219c8964b77c6136672667721
SHA256: 5fa631bdb25a200c2cc45c4dd1e5f3de53ac666df2a71c45138726a9e0fd7bfc
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\411FDA72113C97B5CCA91AC34D1A9ED67FADC1F8
image
MD5: e11aa78adee113f722214fd98ced1170
SHA256: 65ac20efbdacac51b887b26a1de1158f3231804eac756d8d059b0c8cef358e1a
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9CBF3AE72B362D0DF39F8F043AD9CA74B0C5B842
image
MD5: 2e4264a50d886d5133821d035cd7cc29
SHA256: 275f7c5867921db5c54d8f16e101a48c1634c98dc91188437e7b6bce8da36edf
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C0781AA53F7845D54F31974722B3A2664A879127
image
MD5: 78ce8b61bfb14d834117ad48997e403e
SHA256: 52e670c7247e7a9510774f7c5e52dcc552503f4e621d2f2f0f16e70c4412e3e5
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\92B77CB37D7B0D6CA39D28CBD88FC2A33EB2D679
image
MD5: 40978c17f4304e35c78fabec6f5140e7
SHA256: f22ef3bb0c21f6b5d321c282d60da5a6fbf76912a6e84e2b52e7986507565676
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FCAE8AE8136E5CE5D0481D2142FD1765A0C7A259
compressed
MD5: 526ef4955c1b6fa6cd93bc6d95f1da69
SHA256: 30198aaba87a983753e27428699cec7f72e107f21fca0d3f229d4bfb5c2ae7a9
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\25B1C17CBFF4C2DC1FC947E0A3CAEDF0BD593B27
compressed
MD5: 8698485f63255f8898209836ec6348d7
SHA256: d4dc45c8e8d3e0c367c000ea8b3576238167b03921be439b19003420fb9a5f5b
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\06AA64631D014983619DBECE23FE3448353BB83A
compressed
MD5: 5fd615aa4973c440bc30c1b32ae7bc21
SHA256: 67c82dbbbdd122b52f84395c5b033009b6da7789c29d1165c84262caa65b1bd4
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7CDC27964F7D64CFF428FFD8B3304EEA48B14DF2
compressed
MD5: 96eb347e76f844b66033ada01786cf73
SHA256: fe0b09b052aaaf24acfc4d7801617b478b17a7ffd6a8229a8afa811cae30ca00
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4DBE33EC73593AAC7AA0C27026670EB4EBFFCF9E
compressed
MD5: 7d330a60eead7b08519d5c6fa59a4760
SHA256: 5497ebeb4f51cc0ca6a1bd7c3bd05047787f3ea3130438f7f3a7397572a87fe9
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\39F88C4F49BC50EB761AA9E148BC5B388A625C89
compressed
MD5: a743d5340133b4464786c217f6b18b3e
SHA256: c0be93797c5b2ec925741ac4c36aee05efde91bddf7587f94f543ff54403376c
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2D6D814B3B054067187D71918E60FA3D9AA1E536
compressed
MD5: 77122bb9f760c35162eda9b78a441f18
SHA256: 270a1b3853028fcdf74830a02853b37911bcf1b25ee87c0c824dd22312d9faa4
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9DE569570104631C2A4375473FD89A60D978C82E
compressed
MD5: dffb791179eecc609d045e02007d0478
SHA256: 55edf85a62489e2410bfa3325df3b8f73d49ec8892149391b6141db4501c26ef
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\840F60E062FC86CEFCCC232429E6A841EF924047
compressed
MD5: 40de7bfbf983f786d2e64a3f35c8397f
SHA256: 6d5363a82d48ee25c44bcf3f74941006d6553ba9ab76160570ef4eeea3803fce
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A77DBFB5A2BDB5F3C9C98AD65B9A2CD4983679F4
compressed
MD5: a36375e33a5f1a643b5c31cdc18ab165
SHA256: 568e4d286c2708cf337e17e73fe1a8f2af0d648b51813bec556c7d12ccddd407
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\ADD531DA954B5D30C2229F524FA708779ECE8209
compressed
MD5: 388f50ff23ff9bec954a7f075484bbf4
SHA256: 74816ba1e66e69660eabc7e494fab08b44c3eb0ffa4ebe1331e278844b3be2b5
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5532D6D5E23B55BAF6C776BE90F12E4FAF8B8AD2
compressed
MD5: 3506f1f696f64550a9a09915c2832e15
SHA256: 39a5fd2236cea22a9837d98bdf8783a48be48cd85bdeeac0f2ed2ba0c44c5f9f
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C4B2119AB131F2EFE5F991C70063C7151E5E0F25
compressed
MD5: 453d5b56ca888e468443f422fcff251d
SHA256: a2cb5e7fc270c2d2d7876010cffec557de1046d5971a276efd5e62d4006f9c36
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2BBBA8DFFDD9DC568172E6A476B1AF107A43AD6D
compressed
MD5: bbf69a4c5e886522a1c0ced57693f3fd
SHA256: 6272b7d1cc9d58ce65c7989eb5918939bb06fa7184cd8c2f6cb012ca80f6e7af
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6FCF655065336475B83228C2D953459C360A079D
compressed
MD5: 5ba8cd6470c69b14176db103919e2d45
SHA256: c517ec35212f6fc180da6eec9864af5243095e5dec6e6c66ed4c6c44c118492a
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3AE8243E4202980A3106A2A78D2EA4A03BE3182D
compressed
MD5: 8f6a5605e54eb0ddc826e3a496876af1
SHA256: fe31d46e5e846f53d09d702ae766bebe2dc947672477b86f6299d524edb019bb
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0B1E9076D9878FA3ACB194709B6D2794497E4B3A
compressed
MD5: ce5fc525f5c1df74fd77a395f1f9c74f
SHA256: 381ac6f72deb97625cdd21144d335e9037c5da51d72d994f518069afd3468626
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\37F399F0B4E07CC777851FA7CC77E65898AD7451
3g2
MD5: 8115832b1f9bad00af4ae47770d150fe
SHA256: dc4e5c591a0c11cbd93b4f2b77e71c1d50802acc7111233e33e14111ba3c7062
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\808637140059468E39813624867A9AEFA1AFF62B
3g2
MD5: 4acf5d8cd8afe842df63b9482cefc85a
SHA256: 6fcd76ee6981caa2db537fe331a92b24e1101030f644426b616ad774d0ffb896
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 0c0fb351f98fd2f80f5f3fd10d34a5ee
SHA256: 6c1ab486411bfe1eeb3348b36097e89d7ebe3b62c42658c9673c8bc67b4e4baa
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DD979788B0836761E3F62E5C8F8367397127F17D
image
MD5: cb31b265ffabe790216d8b32370fdf13
SHA256: 49cc0fff3ddf3c40f16177a5b6bd0535a15b31858fbc15835749362d31f69be8
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\81E439DC1E45EEB6ADE795C93D888398546EE5AB
der
MD5: baf5909975141b05e6e0cf7ef099c686
SHA256: c5c72e1adaa319b20d09d55f652b00dbc5a33972743dbfe80c2a2a617b87ac55
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4F1DF98FF7ED99BA6BA9E2C561E96A3728AAC17E
image
MD5: ec4af477d469b1de86396f7d84bcab72
SHA256: e288e300b938eaf8cfb50f7191a7a97a5c39610e95c283335c00a9b56d3d6f40
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2FD3F54C36F19425E3BB1A79D39803C289670F4A
binary
MD5: 345f9ea2cfb7717ae535a35e2264e5bb
SHA256: 83330857c53e9de05c23585b496b689f12dd99f62291040949857ab81dddac26
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A9C7F22529AB30512FC8E27D04D33E54DD3EBEE3
der
MD5: ea755d70620202a5a4310a877533d9fb
SHA256: ef538e4aa1478e2c4edc2e54c6a0208b6724d9d51013c25187e8622c3cec9ce3
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
sqlite
MD5: 9836fe4c2c47fc11d9102294c78ac21c
SHA256: 3b74a4d20e7a01896421ed1d32bce01d452deb95d3f3b3cc1ff3bf5851420dd5
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
binary
MD5: 672767095dcb36deb9a9f902f0a088b9
SHA256: 44a57cb7ab1b83cda254b481bf623a51322f6b5daa5268d33a25ed2cf424b168
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
binary
MD5: 0fcd90c19f81f557a9a072188843a773
SHA256: 075cffcb54d5e879bc5e5d84172c49291c904d5aa11d4bbaed622cf488690c14
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-journal
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata-v2
binary
MD5: 9a63cf524d44d240dd4318dfd5024dfa
SHA256: c5f03f24a5904b100ed5f048cccbecee06c21170fed231f76728a3d2f6e2376d
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\421F14BCC6ADEFDA42F0B449AC4DE614918D4CD6
html
MD5: ccc7f6b2ea40e5d3f732c3146cd06ae6
SHA256: 82c5a1d4756edc15849b458cac7fc2226c2c5071632215bab3d4cd58c4d92768
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata-v2-tmp
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata
binary
MD5: 4954f08f442221505cec0cb70bc3ce20
SHA256: 873b627ca80b3e34ecba0112379d320090434c7770c0da5fb6ecc7293836cecc
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata-tmp
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2C4C76460BD8F592899A2627115EB851FAD1B3C0
html
MD5: 1491a6a2b979f78e9df6b9f1da706861
SHA256: 40dd58e147c8e8f92fa02024d6d13b4dd4c6f7f5d97e88b1eaf32fa40de8b52a
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5CD9D04B7A037ECE0AF1FF208BFA80964C5ADD67
der
MD5: 8080aa4425288f0cc9696cc20d7321fb
SHA256: bdecf773349836ba2398971fb9584e1526985452a900c8135d4f9aaf11242b79
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E98FEED75BE615A60DC2CF097EC3595FEF89B4F6
compressed
MD5: 6fc7d18ed181fe69c4730577e3e60d52
SHA256: 17bff64522db79370f4e4fd1a52475a040d43e447f7eaa54ffabc4dc8cf23008
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\881272C1D34564C8E6FACF25D9C75730D1F92066
compressed
MD5: d7b4452bec42c9dd77fe18e84678a37b
SHA256: b99732507db00a2510ff8dffff34303e6e19f765e81a8d70b2cc0673946b9dce
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EEFD9931889ED790285A62E87DE3B3E65DEB4FF6
html
MD5: bf3b3423257523dd101dc21a7fe0c482
SHA256: e6242c4dd2fefa1b24082f249fa5232f8a0e9dba42befd7b45d09b1220f299d3
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: a6c49188982a25c1871973dea1096fad
SHA256: 6e524368b246555727b2c9d7c27040d7873573683c57cc25f12b86b557182e5c
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6B81F15F323AF27F06F2B4EBE6173D3475E3DEA5
compressed
MD5: a118f49fa6054880e3271b51dd0136c3
SHA256: d361c5d429be93805d4bc76df3645bf155860fe68a3a915125b71332d686dc34
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\324421F15C3073D6F56630B2B32F4FA5A9DE8B96
compressed
MD5: 5de5d0d99cf97453d297e298359092e8
SHA256: b7b837a932a3448294a2e7dc2c80621a4a86200741c57876bc3dde0b30e1ea70
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8E1D1CD075EE0733B852F6DA83697B73DE1F03B0
html
MD5: 60d7604b0bf24f4bab3d76f7092293dc
SHA256: e5164321a76e5ce937c9aa15f097a20e402cf3dbd2ee36c2d22842e450c757e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B2F69D4B04F02B296BD9721C70A6BF49CF2B841F
compressed
MD5: 12c83bc0b660249ad9024522920d8a34
SHA256: 50cd9b9b1de87995b5debbda990b76d4c9e4553712a984e7dc346bcb7d3ac3a6
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
binary
MD5: ba0009932844173bc8f9af264229df24
SHA256: 66d1c00c04d86e313e9a02775cdf906b1be8d4cd6bef423a1b9e21cc4e9f50c1
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
binary
MD5: 6f85bc4b2ecb49e26b0bd83a821065d0
SHA256: c0b3bc9b3dc507ab654caf72d13c3aefa58c9b13b1e4d14dd8816712d80a7e54
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
binary
MD5: c921d8e98fa01b4f303481e112202e92
SHA256: 4ef1038730ec8bc7206713c29a936768831b922c5e6c83355fd62d7401d8c1dc
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
binary
MD5: 04824a1f92353f43ebb9e7f74b7476fd
SHA256: b48e58ebab82e4c376f16150a3fff850c1111ff1f5985d68819cfd6f0db159d2
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
binary
MD5: 0e8fe60ccd7e9b4c32589a5743a95302
SHA256: 2b124d4026850a3cffd28dbacb58aec28f7dcd4d40bc14e52bbe96d60ce4e749
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: 23e438fd4af1829d4469ff8d0bc83854
SHA256: 96e0d7644aea81d26f039ae633eb405583e11b020363090dac5cad9b4b188846
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A7F4033DEE4708F16CFD9387A948C975D78B16C3
binary
MD5: 09d987ec73d462c74e3d884e73555d3f
SHA256: 11a3f16a8b1021e974bdc3994cd22ae6f8cb190e7070b4bcc4e26bca6070b570
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8F24F87DECE4102032865888FEEEFAA4D577ED4F
image
MD5: d28b83a636d56a79a574b3af45404999
SHA256: 63453425bdec4218045d6f8f0fa952ff95792d76cefde4db72dfffefbc31c686
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DD0189BB9C0E367EB7969848F3BD3C14AFEB9120
pgc
MD5: d775c4ea8a2b31814905990bde2c0470
SHA256: 9eb1bf2e47c861d34edd97a9c0065247eb708de259e843599aca97486a88f2ce
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E2A5FC8C3A403DFB39F6ED8A63342204FCB109CF
binary
MD5: 8bf8734bbaabe70c96d4c462ce085473
SHA256: 28ca14e1d416b45042f2737fa73509df44addbef1e64e5485db45b0c59b33044
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4067DAF0AE5B033E92B6F2B562349F78FAC48EBD
binary
MD5: ab2340d33a97927b9a8ba23bf8c76194
SHA256: 772e1fec77914067ac4406dda46f9c291b7150783bd4e0ee9160ead2683cba50
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F42A08FBB43A4F3EA14082D77C6D535E4173208A
binary
MD5: 8dff728746ccd0bcfca456fe5a749657
SHA256: 1cacbaba48f8765205a60e639ce98e141aed2e91146d46c14b2ebbc3f7ddd824
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C0F10CF19628CA7C40CD4F046DFDBE1C939E89A8
binary
MD5: f56abb1aa9b0555809df049ac228857b
SHA256: bc4cac80fc57623472bcc0054ea0bd4fd7693fbb0fddc44149eb7d8b919e7763
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\18B5AEEB3063FE85E2B90625837848BB699EE75F
compressed
MD5: a1e640a5244fe9fd8175552f71764740
SHA256: ee0e0da0871ae2c57a9618d5f4f44c9571991ce711e51a7297eb7bee605e3d79
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5E4954707B44E5A4B4ACF5F22B52219A1DCA477F
compressed
MD5: b7a423d7631093a677c51c888dada61c
SHA256: eea3d1f6c4dc2a4acc45d4c7bd6ae182e36d245d8161e0f108ff35d27408d10c
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6007966864097DBE6A084076EE852BAD04E9CC7C
compressed
MD5: 6778b8895dc6e681adc6bf3359a63c70
SHA256: 58c06cc9bffb3a61c0e963219c49e8c6c0e10d2b35800d0be993693c7ef52740
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8CB005C44951B0E3864AFDF6C985066E1519AECB
image
MD5: 2104adf7b85555f43230fabcd6c417c2
SHA256: f7e576718bde0d9d775f62e522676bd4439fce41787ff853196a46516f3a7194
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\47301FD3770C1BE450FFAAD4D7AB3727B2168851
image
MD5: 753065ac15e24b3f97fa6f65625e17fc
SHA256: e976cdaf9217b5928288b95454efeef0c7e2f4d75baa4f8e6a69fe8bf0a6c090
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D19AB654889B6324D8AF996E3432FE4897B919BB
image
MD5: 090afeb25cdfa76be34bc66f808574a4
SHA256: 4189eebda73ebce59925854efb47f9f10f4bf3b059f858e53100a37cc1661b0c
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2B9744AEC60CFA3449A02CBAFCE9743591364D03
image
MD5: 6f098b1fec467ff285822fb6449a7e28
SHA256: 73801f5ad5ba8a7de7f15f16c8fc57e848548e4f6698bcb2c5c2801d17ac9d62
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A710B17548E88FC5865863B0C281E3D6AFF3ED3D
binary
MD5: 0362a60efed8e25392cf91e049a7ec89
SHA256: 2377d0b771bb48d7a0f9ebaaa5975afae9117f2ed5fbad7dccd107fa917c566c
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FE716553150CD550E2221BD8C56B55666FE475F3
image
MD5: 01b99f1a0801ac857a0225acef67b55c
SHA256: 78a2dde45eac8bac08d92aa5ec46a40242413c301fc5ca008822850d7cc9246f
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\62A02C419440C7F45E29FE94356D17BCB473A706
image
MD5: ecfe4fa0421e77638525bb2855e08817
SHA256: 0cc952e52dd1c5d9653d17a8d1ccd484d791fff430b03760918b19bec6ecd707
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C1EF4B61A875C1A83DE34EA19A71E9741B5D332B
image
MD5: 395303ef4d08466b3ea7479c1e25d115
SHA256: 1c9ec12d09740b1c2a081cd871ed2a83ebf40666e1657c301a1aff97545cb9fb
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B77FB155F30C94C8AE9DF54C5B74C13DED88640A
image
MD5: 38890688c31803e6771e08e8295103e7
SHA256: 42026b6bc423fb961c7affa42c12aeeb4e16c5390ecc30cac8741cab39352a22
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D09E728BC9379BCF1B97D056B9BD9BF604D6245A
image
MD5: 65d044274faf481d70b368bdad5f283b
SHA256: 8b1ecdd360f09f8e6d357f9b639adaa10fd6ff0777acbb1c45a53fee9de0eee6
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\21D876D98508E62B57AD0FE0CAED1E0F504A957C
image
MD5: b64f3f4bb690c07985fabaafd356967f
SHA256: 1ffcf779c499238eefbc3dc3604c4864916c8c98295684f5ed1cb8b5c9707b33
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5810FEE624BF64F5341761B3E46A3CC0B62FB8EE
image
MD5: 3719f7963ea05d5a540bafcc8ce77b3b
SHA256: 0a75df3d2ec0bee5408bf564cbd04ad498b0dc8ce89e0d7335b731b9c5735ced
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DA38F98B61BCDDB70ABFD1EDD11554691663483A
image
MD5: 49295bdc1ce992087561e8b7c4db2117
SHA256: fe2112141ff24871160dbc69c229aa6a60317c87e5c51185f164122114373294
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2D5A806F09D0C5D9EE575658CAE42B8CD2A508D6
image
MD5: e8064f95817cbe7ea5dc837319d7c98b
SHA256: 20530a5cd130529f86483e9814fa536f68ff614b6ad6b5e68c5b23b5efda85e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\BFC279FD70CEFF8C7C8CC4D5DBD0177AA26D4417
image
MD5: f519195b1cf981c8a5e45fe98678e751
SHA256: 420082a064850a2afaff33ce66cfee1c9a0d20d2e763d31d4722d25e5659914f
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\18F2780DA9751940C52CBF1A0ED09684E29F0E02
image
MD5: 0c78781a000a33471976066213285a59
SHA256: b4cdb594e4379e352dba22b44ccd8a425830e9849b6b6fcd7ce3b65898512904
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6358CE9B292BFDE27AA461457C558C29788EEE75
image
MD5: b380e9c156bc8413fc41df59b400f93d
SHA256: 55162827ed87029ffae24a5ed66c990568a43161aed2fbf5ef158cbb35ea8b8b
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6024312A1EC1392FC47CE00994712AA8D49ECDF2
image
MD5: 3a6d65890a4e2d8a6e90c06b5b4d6872
SHA256: 10ba7956cff2993fe9e578f45941eca48d1e25f6273a7b598798ec3ac2629ee8
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\21A82A89ABA0E8E002C235C681E08536E6ACFEF7
image
MD5: 2e6fd0242cbb75d84c15fa248d4a4932
SHA256: 3aa21145c873b950ceadf5c09858409d1fbb9aa8202c55a52fb23e51728268a7
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\121D257658F87D8C15D9521857174DE83EBFE202
image
MD5: 9e010256cf348d6a0d060c62bc03588a
SHA256: c308504c18321b86a169e33c99a1e25d76d9f3001eabaa036d2e4b8195bc8d88
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E841E9C8034A28ACD46BB4D80BA2E391CCE22722
image
MD5: 13717ffd49eb99089c7b2a88ebcc2367
SHA256: 1a0d52d2ac297845dc5bc636ec324c016e866bdbac3ad089093145c208970bd3
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7E2524788200FE7F4C7EBB6B74D9FC65DB7BF434
image
MD5: fb154c393110f0be93b2c18d1c8eb640
SHA256: 67fba779f6fd7d0b7a147e4efe5c2d9238caac6d3446688d33c3760af5565f33
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3A89550A0BE163101DDA7599D367199375D5CA17
image
MD5: 6ce69fa27b1d721884cf05e37522e126
SHA256: 18b425ff9a727dd77eb363d11da91635c1b37b1ea8c666071703a92e9c41b6d3
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\460D5EA43D659FFA03F89BFE6F4BAD9736A6739B
image
MD5: 2033e52a9a57181c8196e0a903a07b29
SHA256: 24dbe55a1b2fa00437700d91d011fec4db76e5114c19f0b33dac03e7cd402b17
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E6A65BF3510CA0A1A616999EDA978EF354037EE6
image
MD5: b2e91efefa2cabb33cbf96a41a72e39b
SHA256: 226209ef7c56c2a9abe263c24ea6c433fd810af0aa4d4d7882b6b24c67bf1941
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FAD591829CA2222D088482EBEC4CC0F8F905C70B
compressed
MD5: d9ee3688212930a2da849ee842d68049
SHA256: 51c74914b7d1b5ad972cba0cc038d41c55b37aebc6cd9f0857702373900a4932
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CFDD9A5CA17D1D8E70D5965195E7116CB27C77C0
compressed
MD5: 2896399f828a0ee5c7e023280eb4561c
SHA256: 6acc4be18d379d0af6a4a323bf5c564f324f029cd04021bc05231344163f8786
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2FC09089A8B8DFA38F629C04CF9A60A6DEE53583
image
MD5: 0cac0e6a8a45c34228b8f81ed4be206e
SHA256: 0fc4789edd89f9b4db4af8949f07faf4181c39c05799c91a041172b571a7f19e
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\316514BA591EF6EADD8D25FF25F151F22FA1044A
compressed
MD5: 014b4b73c1015beadf126861595c3638
SHA256: 107ac1bdd93457bf832a7b9c2c77f4c3a4aa2b7fe09b7406d95d274843806361
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\324421F15C3073D6F56630B2B32F4FA5A9DE8B96
compressed
MD5: 202a6bd03cf864c3e9cb537e7f79382e
SHA256: e172a8a2113ff29eee2100e19844e1660d9bfd541bfb2c39d6763f3ce9edddf5
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\95D6FFCBBB84ACF49153CBE925C3D0DAA0280AE2
image
MD5: 55338e16b567e77261a264cf6b3f8ab8
SHA256: 0af67b5f20e412f06925f3a7c596f4a748f0206257364c3c217b09c925f34f74
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1BF4884147BF58A2E8943BABF6F778E173D68E48
image
MD5: 014950b96e39e580cf10119c3387547a
SHA256: 93d46d6d516d1aab232fe58068a563f159eca09f71be4800c5d16016658417ff
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EC1A7DE998B214349F8D102199D61F0FBFCF542A
binary
MD5: 120f97dc280d61cad88c8ca4cb4d3c39
SHA256: 6998c6c58f6a5bf737b018da04f795cbdea848c712771ceeaa5889219e07d14a
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\63121A7F3FE73724CADEBDFC6B4C4A16442AC23A
der
MD5: f39384fea495a49b8a48bd463f4921e8
SHA256: 1c629026d1ae049511e030265fc07869e4dbe96c3015d2a00dad9ca15b7711e4
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0023B5F87ADA0CB4575D209F7E774484B79910DE
der
MD5: 3290072c0015be6b4f87fb1b1852abaf
SHA256: 1496653c4b989a46ffb212a818f9b021a6ee68f8a09a6f9d6c7e670a43d6a644
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\047CA7DD2DF12362FA8E7A6915A7C6CF19E9CBD4
der
MD5: 95b68f608771ffea8bf75ba5f51dd0ab
SHA256: d5be66332cb649893647b31e756d6741ec540a8343613af71e4314e744d99fa0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\21FFB0E04B2BAAFDA3945EDCBBA5BFC1F5111CA9
compressed
MD5: 432fef3ac60158f83e1316ec49ec78be
SHA256: b7b832406c0c0e657d6d6e8f9c526da8af039dde3a1380a7f7fc086c079f10c2
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A3019D735A2AFA3028E598DDD62C3B3954CB8359
compressed
MD5: 0e44272a8ecbbe5da84e8713a9810e8e
SHA256: 2995265a87f2cc8ffd9823d849135ee07117b18eb4c06953fd16a80bebbdca99
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\73C4A6E9461660DBAFDE7A5B297DA7A9C405CA1F
compressed
MD5: c2d928f4d859e58149bae6b7d8046317
SHA256: 3057ec3904f938a7d47989f6560c6f1fb541a0f93051f8b6db752f617c8a2feb
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2FB072CF1F01AF47AC0EB51708C466AACEDB95A1
compressed
MD5: 0abbb9f216b260c2495eedb9c6d0d8fc
SHA256: 5dfb976616c400e73d307a9563ab44f0b7db5d16db89bb654f7e79490ce331b2
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\347918E2A3FEF44EC0C774C271C3D8B8A9097C05
compressed
MD5: 3262c16a25f037a83f4b735eaecb842e
SHA256: 3a0b5fc48e0e70f22434cdded5401f439e3111c2c85d6561d22744d5ab414bbd
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\96B50574B5B9925420CB4C7988D187661267668E
compressed
MD5: e103fb173decca08f185491a48832306
SHA256: 87862725e1f1ba3d1a6c932ade2e7c10b6829084ae81b703aa1f8def9962e21e
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\03C0BB091E0AEAD0F7AF45004ECF3DF0D6C62C63
compressed
MD5: cef307e57a61c83d37fb71e3edb127da
SHA256: 2e82cef49fff735c6dbcb1dfcfb9140b804343d9474dce1dd98aa80a1d0fed3a
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\90FA1FBE55CF719A7152FC45D4765EB30F8B48E2
compressed
MD5: 26d26e471d914947c31e70ecc4462889
SHA256: 207fdc08d97753773cc85f4965dce8897a1e66c94ddf803d0f5f176bbd8d7718
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D7F30161F26D5F4B0F3700273B782DC8EFD22E06
compressed
MD5: 69928ab9d5cb8e02f8af3c749f2f748d
SHA256: 1eaf4c72e74d070fddbe1a3f9601331db65dd9376ac75429a9a3df06a4998f0c
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C34E6429F5AEF6AF81CA20ACDCBF10DC5A1DC55D
binary
MD5: cb546de71c5b3cb2785143e1803d5885
SHA256: 5eac26bf26bb8c61e6fdac7554e08919247fd8bdf30b2c6b92c37eb72e9f705b
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: ecca5c8b86451df9947786fe609d332f
SHA256: 26a57549ca9cefe40008a233874e6ae90598e77b97bab3848f83ca3e2a4ad239
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db-journal
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2E70F099062239D547738791D0E65FC07CEF177F
compressed
MD5: c3b20a04bcf4c781e6d6c93e935cda2f
SHA256: cf89cb5745807b8e53e3d2b02e1f51801a2ba0cfc974dbd8c8d5360b62e72177
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A6C7A0C1A1A0E30F4455AC619D77A6FA37FEDAAE
compressed
MD5: 2e720dd13fd3c2c08a102cfd88b41097
SHA256: 656422a2c2b40538bb940b47c30648c2fd72ac8b06960c18c232f5c40de0a77f
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9DA96FC14A73AF7872D78FB6DF998C9B5D6B30C5
compressed
MD5: dba25f8c07d335fc8f67e65633aa807d
SHA256: 2680c55276f0d30eb7c88642a83aea17c9317363cac6ce841981f126b05df308
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\AF2429564C3512B997FA87909009C540E825873C
compressed
MD5: a0930fd817ddc109502d3876d35c6c1c
SHA256: a93730b97f8107daff72dc80fe271f5d671399a6bc7bd1848ecfda240c4a57e7
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8A0B22F234BCB24836E3FEEA51C28DAFFBAD11FD
compressed
MD5: 094e1eaf7349693724585b8e05710708
SHA256: 8fb0a6e17e021702f0c1e92e9dd5295b04567887eff6017d091e9d0ec66f713b
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C24FED1036506C93AC0A37C704C0C1E008D267B8
der
MD5: 9d4d484d3a30b75da9ee892b27bd4d59
SHA256: 49b53d786c4b24b717593b5d87234d42a02b36e9ecc3eeab6c0fcc9d8d55bef6
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\18B5AEEB3063FE85E2B90625837848BB699EE75F
compressed
MD5: cb6edbe1df311d4448e2377aa600493e
SHA256: 8e426278d9f4a31ab77fd1548e112b3b5f83febb31546e811c75f93ec95b9785
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 1f6ba3bfda0609565c0df0a2bc398e9c
SHA256: 25195b5f68727292845f581919d42ad19d3304f1549d2f46c1d39c94c9480f5d
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\14D1976376CD19BF45073F440A111A94AF2E7BC9
der
MD5: 9be6e0691fdb92df9a691e498c528e56
SHA256: f18950f1ba8f9b3b1eef85878de0e8efe76c87eb785a549ec86f91aa8b181fde
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\permissions.sqlite-journal
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: c462d36e76e587b73a1ef012fe5df0bf
SHA256: c12cb39a403580a001b0edb5c83bf17db90c5d5504d98fa630a7df38414ea7e0
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\previous.jsonlz4
jsonlz4
MD5: d282be26272e1e2a33d64d5be0e55f51
SHA256: 8e09de9b62723612ca98aca7137289dd00e19fa0d3a81a167341cc8020e310d1
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\68D9ED657A5D8BC15935BC54BDBDB1DAAFC84D47
der
MD5: 93ca2337fc2f09671e27762587cd92e7
SHA256: 1c1f3e4fcb0c42d25c51eb960640f394297f419e570a3457b8c260e8ea3e1182
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A91BE0D394F1C1181DBCAC9E1F871ABCFC0A4D21
der
MD5: 814b01317df9d6a14d000715e0bcc770
SHA256: 13cfd9cf97f692aae0cb955de63ab4c6a462ca09b4986cad42287e6d9c779fb9
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4
jsonlz4
MD5: 351583f788997971d6d0e40152cefd23
SHA256: fa70ea6714bd13f2e974400187afcd659c62a52712444e8f32e48320ea47d3a7
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4.tmp
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\485CA201EA9979186198D3133FD07E6C662D6042
der
MD5: 23daa559d4c3a7ab4a5e6da5b34b5887
SHA256: 4368906ed8b9a5d4c84d5ef8ecda353f5e54fe930eb528a3b07d53799d90976f
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\13F9D28541EA884964BD37FA152E3E6FA636A783
der
MD5: 71781459aa8661a63e129ddbe057a121
SHA256: f22131c6df957890704128d9d27b42de4fe941997b74e61d5d4847d148b422e5
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 42de7b5e95f66a997b01b7262ea8e4ae
SHA256: d44af935aa3c159e25928c663ce0dd26b5e2faee4672efee6729746994c8f8e6
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7CF0700F1E66C5F7AEC7B7578A1DB9A91AE59CC7
binary
MD5: a18f25a714d1d9044270494634c6b525
SHA256: 9fbecc63cca2083484315b93f6766431253578eaa3fbafe51598c5a2ada17c54
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: c59647140b5cc94c26180d7d7508cdb5
SHA256: c5a1fb16b108cfd0cd005b9c34385a1426cbcdd085d2170a7a990f968c6950b5
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\59492F030C339E91FFEB2CB196987133F6AA543F
binary
MD5: 50fdf5bbfe17d82c8e94c934885a0b9d
SHA256: 57bd55817bb3de33a171a2f9d84548b0ef237889a13787875a618e92253afb3d
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A480136AC69E1A3BA1C55984E672B9F3D05F40D8
binary
MD5: e45e93c193a89cfeda5071b824e73c11
SHA256: ce2936043314e703c0dc0b6bd9c208ca9b6448c4dc91c6e6b30a83659e3fe797
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EE197B20CAB0419D1C0BD23EE03034F880EDC296
image
MD5: 9839175142abc50a1491a58db5a10cec
SHA256: 9c5bb2cfc54bf99958717924028d879778a58b61a8828978bb98efe0b85a01e5
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6E5044297353B10BC4EA2D2E1808CAD014D5810D
der
MD5: 002818d0e60ef5f714feb479a63e1ad8
SHA256: d37d2e8be8c743ae8043f404e403a1938e0e9be6445bd98e851ae0f47a520112
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\96D74E7852927E827C0C426A1A5178424AD227F7
image
MD5: d6d96f573f5a3adc7509230ed798d452
SHA256: 2fa16ba8aa1585727e817eb3ca0ae4a2fa0bc370fc13d6e4dd51bd2f67cc7c20
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\54C960E2D5B80A0C439225267DADFAEF6DF4A867
der
MD5: f375699e8684f0786fc5b008d327645e
SHA256: 9dd713eae814f6621acb92c5d1c824e58d72b257fb4da35b74bbb43f4ea5c0eb
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
binary
MD5: e2cf527ca7550b7e7bdf7311e483a2c3
SHA256: f1e07b1d717433f47073dc54a7d98e3e87b3d0fa88e53466f93ea544af885d11
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
binary
MD5: 65e942614eee70680464ac4be75019fc
SHA256: 34395085da32c8b4efe9959e3b0d756b43ffed17694d66f39b966cd331bd9a94
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
binary
MD5: 95f28ede25c301301f25fbbd9a3c56ec
SHA256: 87763df78772f7d750b0fa5a31eec23e931fd3bd1cbb33beddfc61889da36478
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
binary
MD5: 051fb32dece757ba112ac36dc72e3a91
SHA256: 0806d98fb3de55f75d7c0b17e26146567e08c483031526659a4a35d09b97ef19
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
binary
MD5: a5695cc64d77967232b0c1344c6e72b3
SHA256: 042a22b8681d754671d2018ba109b31a53ee3728d48c6379043f8e3394e7fbad
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0C057C8B7A3E4E31476D6BBD97A5B14B528B8514
der
MD5: 8ac1b3a132a0117d730ca4ddc141ba09
SHA256: 601d8518687c03184612a2c645f2848a941332b8d4b6a77ec22ac6e679ba07e9
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
binary
MD5: 3675254e341df799d4307c1f59109185
SHA256: 23d108134bed6099793f7dd6b8b6e62081ec3b945efdbc7c5e0e779fd9b82f98
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
binary
MD5: 3d1ce5e50208f0cb3b979186043a548f
SHA256: 1e13d05d482c3d533dc6035af2b2d6e84749412a5748d1435b70cec8b312340b
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
binary
MD5: d772261ff33497d3681e094f23282ffe
SHA256: 8ee76fa11d5a67f0c93766da3b1ac0c942020afba15b55a8750a896292cf4dce
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
binary
MD5: d6acf2573e12afdd7939568804d3fcc1
SHA256: 5525cbf8f8dc41d19ac632ed324e55293a510ae0eeba16d0e3f33c707aa58a0c
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: 72e2352f7976b0dd90f2a68047493b8c
SHA256: e0d74336b6c041b6087a697dd7f65fa1da7ea035e202e3d977cc6a7e5bdc13a8
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: eb744b05b13e9410146dab0bd459efa0
SHA256: bfde7f131200eb06c1d54b03d2ce1be1ff31062e8009c937243464712dcd2d50
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1F92648E1F8CAE627BA93AD03FE92D5BE7211870
ini
MD5: f0f2ed51854cd0a181089184139e3bcc
SHA256: 59b52132f38c8be48eb6c2ce9094988982ccd7189983af8f42983b8cffc84092
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: ddf263974b1925672d369bbcc8f830de
SHA256: 92a7323dd7eb199618a1e2e823a71919285a70196bfe627808c66cf1c1f3c8e3
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: e608435b687616692a96462e1ac26756
SHA256: 6aa8ee3813d86411d8073a4c2f850b1e8e734c3759d860cbe54ec7f378a82a52
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: 704df61fa2e3f587b268ad85126bc689
SHA256: 7e97db3c9370a35f59a6a649e6cf608e4f5ed572f87f433ea652977ac2cc48d5
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 498dae4e538658a57f464748f2dabfda
SHA256: 8778f52cd9cb4f4787bf7ba18006d212f8c3004652d163f7786556a8eef3a067
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: 7655fffe7cfbe1ebf96afea5fe2e1376
SHA256: ff2f663c4e453706b7817109f6a43e8b3389e8cfb1b7d64aace2bfba45f3a359
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
binary
MD5: 844aff63a5f67cd54d9814b7b54abf18
SHA256: 8985970b72a7bcfcf54c4a2474c36ea9a911ab3672881ee299d58f5a4e64e690
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: 778202e2ee08f4b4073413c0b03e05fc
SHA256: 33147037ce75ec0a48b3da60d619bc76c2471f5f20c15f9d075671de2067cfb0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
binary
MD5: d886a47c89d9c49c795da345bc236990
SHA256: a03c5e2656d2f292bf5794c8eeb8d223cd6ba4f4bfb2ed1f325460e879d0bcf7
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FD8C550620E58D25C048D6E001C4DF4B0559FC38
der
MD5: 51d193c3059030e9a0587308ef1ccbc4
SHA256: d9b39eea80b85fdf29b521df69b3b4ac6a1768a3d15185db295539947f9756db
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 03e22f63ea4be5add7aef9050d485611
SHA256: 0b5a2bcd1edf7ee6252f04b41403e0bc21f2eedf7cbaa6565f6562238c771c13
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 61e04f058e592438993dcc5c8087b674
SHA256: 39d3b68fb7d143fe276c1e9ad89d9b4f0aa38e95788fca8278d73407e7e3b51f
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA256: 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: d65b2bd591a1d6cc666241e6eef1afe7
SHA256: 1b94f69a3bf3cb9f7349fe274ca82166c22d675f9b043b19f2770d044ae9bd16
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\pluginreg.dat
text
MD5: 37818d9b7248f34395c2db3c0bd4b07f
SHA256: ff229e03d2ab696e81957957ea8d71280b5800a2b0f70ea77998c3fa4e98a8a6
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\pluginreg.dat.tmp
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-current.bin
––
MD5:  ––
SHA256:  ––
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-current.bin
binary
MD5: 6a1ef5c5ae2f682a0606848fa329072b
SHA256: 29312a09916820dec3eee29b40c503fee9569204e291320bd9c908b3386b1896
3552
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.bin
binary
MD5: fd4ac055b608cf2c11c9b2c796a4fe1a
SHA256: 1d8a349613f7dcb71bf648c8c7f780f3953a2bc53435846289101fd77d8887af

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
19
TCP/UDP connections
67
DNS requests
109
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
3552 firefox.exe GET 200 95.100.39.17:80 http://detectportal.firefox.com/success.txt DE
text
whitelisted
3552 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3552 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3552 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3552 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3552 firefox.exe POST 200 172.217.21.227:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3552 firefox.exe POST 200 172.217.21.227:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3552 firefox.exe POST 200 172.217.21.227:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3552 firefox.exe POST 200 172.217.21.227:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3552 firefox.exe GET 301 66.254.114.41:80 http://pornhub.com/ US
––
––
whitelisted
3552 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3552 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3552 firefox.exe POST 200 172.217.21.227:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3552 firefox.exe POST 200 172.217.21.227:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3552 firefox.exe POST 200 172.217.21.227:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3552 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3552 firefox.exe POST 200 172.217.21.227:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3552 firefox.exe POST 200 172.217.21.227:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3552 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
3552 firefox.exe 95.100.39.17:80 Akamai International B.V. DE unknown
3552 firefox.exe 52.50.56.62:443 Amazon.com, Inc. IE unknown
3552 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
3552 firefox.exe 34.218.190.17:443 Amazon.com, Inc. US unknown
3552 firefox.exe 34.213.89.114:443 Amazon.com, Inc. US unknown
3552 firefox.exe 52.11.30.237:443 Amazon.com, Inc. US unknown
3552 firefox.exe 54.192.202.51:443 Amazon.com, Inc. US unknown
3552 firefox.exe 172.217.23.138:443 Google Inc. US whitelisted
3552 firefox.exe 172.217.21.227:80 Google Inc. US whitelisted
3552 firefox.exe 172.217.21.196:443 Google Inc. US whitelisted
–– –– 172.217.21.196:443 Google Inc. US whitelisted
3552 firefox.exe 66.254.114.41:80 Reflected Networks, Inc. US suspicious
3552 firefox.exe 66.254.114.41:443 Reflected Networks, Inc. US suspicious
3552 firefox.exe 66.254.114.32:443 Reflected Networks, Inc. US unknown
3552 firefox.exe 172.217.16.142:443 Google Inc. US whitelisted
3552 firefox.exe 66.254.114.38:443 Reflected Networks, Inc. US unknown
3552 firefox.exe 18.211.9.206:443 US shared
3552 firefox.exe 172.217.22.10:443 Google Inc. US whitelisted
3552 firefox.exe 205.185.208.142:443 Highwinds Network Group, Inc. US unknown
3552 firefox.exe 69.16.175.10:443 Highwinds Network Group, Inc. US malicious
3552 firefox.exe 205.185.208.85:443 Highwinds Network Group, Inc. US unknown
3552 firefox.exe 152.195.34.118:443 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
–– –– 66.254.114.38:443 Reflected Networks, Inc. US unknown
–– –– 66.254.114.41:443 Reflected Networks, Inc. US suspicious
3552 firefox.exe 216.18.168.166:443 Reflected Networks, Inc. US unknown
3552 firefox.exe 64.233.167.155:443 Google Inc. US whitelisted
3552 firefox.exe 205.185.208.20:443 Highwinds Network Group, Inc. US unknown
3552 firefox.exe 216.58.207.35:443 Google Inc. US whitelisted
3552 firefox.exe 216.18.168.25:443 Reflected Networks, Inc. US unknown
3552 firefox.exe 52.39.125.163:443 Amazon.com, Inc. US unknown
3552 firefox.exe 52.85.183.51:443 Amazon.com, Inc. US unknown

DNS requests

Domain IP Reputation
detectportal.firefox.com 95.100.39.17
95.100.39.8
whitelisted
a1089.dscd.akamai.net 95.100.39.8
95.100.39.17
whitelisted
location.services.mozilla.com 52.50.56.62
52.210.139.31
108.128.247.43
whitelisted
locprod1-elb-eu-west-1.prod.mozaws.net 108.128.247.43
52.210.139.31
52.50.56.62
whitelisted
ocsp.digicert.com 93.184.220.29
whitelisted
cs9.wac.phicdn.net 93.184.220.29
whitelisted
push.services.mozilla.com 34.218.190.17
whitelisted
autopush.prod.mozaws.net No response whitelisted
snippets.cdn.mozilla.net 54.192.202.51
whitelisted
tiles.services.mozilla.com 34.213.89.114
54.186.163.246
34.210.151.118
34.208.138.0
54.186.90.148
52.25.71.236
34.209.86.85
35.166.166.56
whitelisted
search.services.mozilla.com 52.11.30.237
34.215.70.240
54.190.222.97
whitelisted
search.r53-2.services.mozilla.com 54.190.222.97
34.215.70.240
52.11.30.237
whitelisted
tiles.r53-2.services.mozilla.com 35.166.166.56
34.209.86.85
52.25.71.236
54.186.90.148
34.208.138.0
34.210.151.118
54.186.163.246
34.213.89.114
whitelisted
drcwo519tnci7.cloudfront.net 54.192.202.51
whitelisted
safebrowsing.googleapis.com 172.217.23.138
whitelisted
ocsp.pki.goog 172.217.21.227
whitelisted
pki-goog.l.google.com No response whitelisted
www.google.com 172.217.21.196
whitelisted
support.mozilla.org 52.39.170.29
34.208.233.116
whitelisted
www.youtube.com 172.217.22.110
216.58.210.14
172.217.16.206
172.217.18.110
172.217.23.174
216.58.205.238
172.217.21.238
172.217.22.14
172.217.23.142
216.58.207.78
172.217.16.174
172.217.16.142
172.217.22.46
whitelisted
www.facebook.com 185.60.216.35
whitelisted
star-mini.c10r.facebook.com 185.60.216.35
whitelisted
youtube-ui.l.google.com 172.217.22.46
172.217.16.142
172.217.16.174
216.58.207.78
172.217.23.142
172.217.22.14
172.217.21.238
216.58.205.238
172.217.23.174
172.217.18.110
172.217.16.206
216.58.210.14
172.217.22.110
whitelisted
prod-tp.sumo.mozit.cloud 34.208.233.116
52.39.170.29
malicious
www.wikipedia.org 91.198.174.192
whitelisted
twitter.com 104.244.42.1
104.244.42.193
whitelisted
www.reddit.com 151.101.1.140
151.101.65.140
151.101.129.140
151.101.193.140
whitelisted
reddit.map.fastly.net No response whitelisted
dyna.wikimedia.org 91.198.174.192
whitelisted
www.mozilla.org.cdn.cloudflare.net 104.16.40.2
104.16.41.2
whitelisted
www.mozilla.org 104.16.41.2
104.16.40.2
whitelisted
pornhub.com 66.254.114.41
whitelisted
www.pornhub.com 66.254.114.41
suspicious
www.google-analytics.com 172.217.16.142
whitelisted
ads.trafficjunky.net 66.254.114.38
unknown
hubt.pornhub.com 66.254.114.32
unknown
cdn1.smallimg.phcdn.com 18.211.9.206
shared
fonts.googleapis.com 172.217.22.10
whitelisted
www-google-analytics.l.google.com 172.217.16.142
whitelisted
hubtraffic.com 66.254.114.32
whitelisted
HDRedirect-LB6-54290b28133ca5af.elb.us-east-1.amazonaws.com 18.211.9.206
shared
smpop.icfcdn.com 69.16.175.10
69.16.175.42
malicious
di.phncdn.com 205.185.208.142
unknown
cdn1d-static-shared.phncdn.com 205.185.208.142
unknown
googleadapis.l.google.com 172.217.22.10
whitelisted
media.trafficjunky.net 205.185.208.85
unknown
vip0x08e.ssl.rncdn5.com 205.185.208.142
unknown
ci.phncdn.com 152.195.34.118
unknown
cds.j6g5d7i6.hwcdn.net 69.16.175.42
69.16.175.10
whitelisted
vip0x055.ssl.rncdn5.com 205.185.208.85
unknown
cs851.wpc.rncdn4.com 152.195.34.118
unknown
stats.g.doubleclick.net 64.233.167.155
64.233.167.154
64.233.167.157
64.233.167.156
whitelisted
stats.l.doubleclick.net 64.233.167.156
64.233.167.155
64.233.167.154
64.233.167.157
whitelisted
a.adtng.com 216.18.168.166
unknown
hw-cdn2.ang-content.com 205.185.208.20
unknown
vip0x014.ssl.rncdn5.com 205.185.208.20
unknown
www.google.co.uk 216.58.207.35
whitelisted
cdn1-smallimg.phncdn.com 216.18.168.25
unknown
smallimg.phncdn.com 216.18.168.25
unknown
shavar.services.mozilla.com 52.39.125.163
35.166.72.120
52.26.199.81
52.40.28.81
35.155.164.84
52.41.30.135
whitelisted
shavar.prod.mozaws.net 52.41.30.135
35.155.164.84
52.40.28.81
52.26.199.81
35.166.72.120
52.39.125.163
whitelisted
d1zkz3k4cclnv6.cloudfront.net 52.85.183.177
52.85.183.205
52.85.183.238
52.85.183.51
whitelisted
tracking-protection.cdn.mozilla.net 52.85.183.51
52.85.183.238
52.85.183.205
52.85.183.177
whitelisted

Threats

No threats detected.

Debug output strings

No debug info.