General Info

URL

https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fapp-eu.whitesourcesoftware.com%2FWss%2FWSS.html%23!createAccount%3BactivationId%3D0360d446-2143-4a9b-93ac-079b0151d273&data=02%7C01%7C%7Cf1eb95ca4bd940e8608f08d7644b8673%7C28042244bb514cd680347776fa3703e8%7C1%7C0%7C637088147848048553&sdata=O9AjuiYXArnTjwpu5lMB3%2B3JxFlJhXFMGAV%2B8kRl1Pk%3D&reserved=0

Full analysis
https://app.any.run/tasks/b590a1c5-2082-405c-8256-e8f0016258f1
Verdict
Malicious activity
Analysis date
11/8/2019, 15:01:41
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.34.7)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.2 (4.7.03062)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Groove MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office IME (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office IME (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Language Pack 2010 - French/Français (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - German/Deutsch (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Italian/Italiano (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Japanese/日本語 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Korean/한국어 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Portuguese/Português (Brasil) (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Russian/русский (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Spanish/Español (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Turkish/Türkçe (14.0.4763.1013)
  • Microsoft Office O MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Arabic) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Basque) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Catalan) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Dutch) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Galician) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Proof (Ukrainian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (French) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office SharePoint Designer MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office X MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 68.0.1 (x86 en-US) (68.0.1)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB4019990
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

Creates files in the program directory
  • firefox.exe (PID: 4004)
Application launched itself
  • firefox.exe (PID: 2580)
  • firefox.exe (PID: 4004)
Reads CPU info
  • firefox.exe (PID: 4004)
Creates files in the user directory
  • firefox.exe (PID: 4004)
Dropped object may contain Bitcoin addresses
  • firefox.exe (PID: 4004)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Processes

Total processes
40
Monitored processes
6
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start firefox.exe no specs firefox.exe firefox.exe no specs firefox.exe firefox.exe firefox.exe
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
2580
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" "https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fapp-eu.whitesourcesoftware.com%2FWss%2FWSS.html%23!createAccount%3BactivationId%3D0360d446-2143-4a9b-93ac-079b0151d273&data=02%7C01%7C%7Cf1eb95ca4bd940e8608f08d7644b8673%7C28042244bb514cd680347776fa3703e8%7C1%7C0%7C637088147848048553&sdata=O9AjuiYXArnTjwpu5lMB3%2B3JxFlJhXFMGAV%2B8kRl1Pk%3D&reserved=0"
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
4004
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fapp-eu.whitesourcesoftware.com%2FWss%2FWSS.html%23!createAccount%3BactivationId%3D0360d446-2143-4a9b-93ac-079b0151d273&data=02%7C01%7C%7Cf1eb95ca4bd940e8608f08d7644b8673%7C28042244bb514cd680347776fa3703e8%7C1%7C0%7C637088147848048553&sdata=O9AjuiYXArnTjwpu5lMB3%2B3JxFlJhXFMGAV%2B8kRl1Pk%3D&reserved=0
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\psapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wship6.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\winsta.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\d2d1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\sspicli.dll
c:\progra~1\mozill~1\nssckbi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\actxprxy.dll
c:\program files\adobe\acrobat reader dc\reader\acrord32.exe
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2adec.dll
c:\windows\system32\slc.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll

PID
2716
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4004.0.502793132\701979972" -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4004 "\\.\pipe\gecko-crash-server-pipe.4004" 1144 gpu
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll

PID
2040
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4004.3.1054923503\1254435007" -childID 1 -isForBrowser -prefsHandle 1704 -prefMapHandle 1700 -prefsLen 1 -prefMapSize 191824 -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4004 "\\.\pipe\gecko-crash-server-pipe.4004" 1724 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\nsi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
2824
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4004.13.586133139\1519966725" -childID 2 -isForBrowser -prefsHandle 2872 -prefMapHandle 2876 -prefsLen 5996 -prefMapSize 191824 -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4004 "\\.\pipe\gecko-crash-server-pipe.4004" 2888 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

PID
3972
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4004.20.1025948625\49713112" -childID 3 -isForBrowser -prefsHandle 3796 -prefMapHandle 3800 -prefsLen 7129 -prefMapSize 191824 -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4004 "\\.\pipe\gecko-crash-server-pipe.4004" 3812 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

Registry activity

Total events
354
Read events
349
Write events
5
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
4004
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Browser
90DE001803000000
4004
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Telemetry
1
4004
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
4004
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000092000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000
2580
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Launcher
B97EFD1703000000

Files activity

Executable files
0
Suspicious files
120
Text files
21
Unknown types
51

Dropped files

PID
Process
Filename
Type
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\ads-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: df56aaf26bd5f509068f29afbb56b319
SHA256: d11554ac04645fb00fbf72be426a12193f4930508760765a6de6f50ebe658232
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: c6bcfe9a8bf64b04c338a25b3c269677
SHA256: 206f1f75bd342dd524f9f44d3de72ecc4b6fcdc79af6cc5d30aed39be232c2bd
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json
text
MD5: 0d6ef5bcc56779514e58ba5d0eb54976
SHA256: a5380befbc2476960b5d90b2483856996877a2e4e1661389854315139af0df27
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json.tmp
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 5348c3f428c9e512d014675721506c7d
SHA256: a7c05645bfc9042d5df74eae34a3bc4d1ba6f8feaf5c04d981a97a1347b64b9b
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-wal
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: 7279c728bb2d557ec6f15b08fd97df0d
SHA256: 7d81309a1e86e2ae5e85847440b317dbcfdfec66b60189e52f7a25e0e1a577af
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: df56aaf26bd5f509068f29afbb56b319
SHA256: d11554ac04645fb00fbf72be426a12193f4930508760765a6de6f50ebe658232
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: 45f0deef6377c1efe3f8c71e4e53e224
SHA256: f2dd98dd6094069cc11b3fde5aaccd74e1322de99cd91fb39c7714f366ceadb5
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\https+++www.google.com\idb\548905059db.sqlite
sqlite
MD5: d4cff09f7b08007723ee1b20efd64774
SHA256: 00848f33231810e42847bc7c22f69d155c58c280e6c0da6b410fe7ab03948acd
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\https+++www.google.com\idb\548905059db.sqlite-wal
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\https+++www.google.com\idb\548905059db.sqlite-shm
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9177A730A75A3AED965C9E07E7094239DD45F8CA
binary
MD5: a475011ff6135c93c8ba420e2b2b66bf
SHA256: 91fc1969c7d33986a47b13a8fa6df8702ba372b628170ba3c0da693dc53e9b9b
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: e917a440ddb062e06a22e36df62b2c3a
SHA256: 3f019af6a4baa85ff0c2b3d476158646657fbaff214a154746f2dcd26539edf1
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 4d22fbc614b7722f612b511d64016761
SHA256: 010b4754b78019289e01a68d0e7cd9320849b5fd6f97d21e35e3a9f5d15e6ed4
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\extensions.json
text
MD5: 9cf5e9e40b5f764838f42c8f2721957f
SHA256: ad9889206f043a9d31af59d6db2a74d9680930c009a560e8cd158bafa271af8f
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\extensions.json.tmp
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 9561bd63478fa3edd4df35e9c7cccd7d
SHA256: 0aea5f33c70cf7e83e235b759db547eea53944b4605736bccdfe9b9e7dca6eeb
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B06E1D29677C5C3714B3982BF0DADEE29A0C9B96
binary
MD5: 0232e6c474ddae091ce016c2d751f5a3
SHA256: 5b23e6bea59771114d2cca3700afc87badfce6b35b79f4407738c361c0d48d79
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
binary
MD5: 1d2a0b250ef389a450b5c876e0c83be4
SHA256: 13ebfb5e2a1e4e85cce865008d8e14932a26dd59eb517fc4a4da9026ec5c98b8
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B76AE19835CDEA86B521946719284134832ED132
binary
MD5: d297583809ed73f74dd8b9fc2ef416ef
SHA256: aa373409adae97e6f5eed91a887985af6b63e06068c42aea0df8a216f14a6c8d
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2D36C0DFC004DBFFB5A3C28AA2634CE8FB544939
der
MD5: b395fcca49fff38651a445606f8c9c02
SHA256: d9d4a5cdb3cba820ccf5703a10e6dd0b5b343d4a5662c40b84854af2a127884c
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\11575FAC92EF74FD848AAE93AB91113A4E413077
binary
MD5: 8ed1b96c6d5a72fc4fc76b109afd365e
SHA256: 205caf9637d27140a2947d9b5fd167558f94662810b44495c284f82dcef720e3
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 350cc2f1fb168042cc8f1178a4d908b8
SHA256: 0bad8b545fff85f712ee0719410c64580d0ef5f17402b9ae1445ad4a921ce059
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A5D93CC48B83C8124FEB6A2E9448677EACA5BA86
binary
MD5: b5d5f8f992a2d7a1437e5eb89ce00690
SHA256: 48dfdb8a68960883bed8ad62b02d9df8d58790f2ca0ad7d46823356c8b0f0338
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\9632
binary
MD5: b5d5f8f992a2d7a1437e5eb89ce00690
SHA256: 48dfdb8a68960883bed8ad62b02d9df8d58790f2ca0ad7d46823356c8b0f0338
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F18D85F52EBBBA2AB081EF739ED0D6E8A76D497C
binary
MD5: d42d2c7b785237a13c11ccc302291bc1
SHA256: fc287ffe080c18d7433b8b32a8ebad5d2225d5f4337c59982b96f308d88aa6c2
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9A3EF8133F0FA6C3DE8D839A13E7E624CC01FBCC
binary
MD5: b93d9777a8d829af47bebdfdc0797cf4
SHA256: 158b1cbe43c2183b9e6989bb44dc99e67085138026f3ed2b214697e0fc750ed2
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\42B813E58F5ED89F03B27BD58A8AA557079F1824
der
MD5: d7e4c38fe039b93401567964997302f4
SHA256: 6fcd7b86aa98fab76e4dff477a72c45a39135f9237887ae470a8f457afeb5eef
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\72AE98B0FC1954493E49DDCDE2DED29E5A1D922E
der
MD5: d57c92604ba48fe60bb5a5e8cc42777c
SHA256: 292ba398644c406542d29bd730231bffa72b62b675edd842944acbe28c18f797
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EE197B20CAB0419D1C0BD23EE03034F880EDC296
image
MD5: c0e301113ba0248c9708792793b217ae
SHA256: 8b4adfd6d4a4450bf678f032992068358d923779601432b4c1128e6a8bbbe686
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\54194B29C2C4E628892EAC034FD1B445ECE4BAA5
image
MD5: 5e31eb1733098c8f2a59a5aabf1f77b8
SHA256: 1ab1f124e52adc9ea681750b70a42b252cd1bf503c457d5ffbfe7db2b73ad47c
4004
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_DeAtVIO5bXd54HP
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\BE0CCFDEED023C83BCD6BAB4E7FA39C986B3EA5A
ini
MD5: 759713b6a85ae4c2ea301766123d3105
SHA256: d0fa7c5d29639e3696efdfc1e5002ae84be929a22750890bb4205026b64db0ce
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\1619
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\https+++www.google.com\idb\548905059db.sqlite-wal
binary
MD5: bdf4e9e2ac28d0f59f6e21646f7166fd
SHA256: ebc347e38b12a51e51c1ee813eb27d5de9ff72e10d305b711764af3c5d2ff5c0
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\https+++www.google.com\idb\548905059db.sqlite
sqlite
MD5: d11d25ff40f41ab9a93ec3fc90cfd399
SHA256: ffe9cde43c3456d1b013e056ae156db4caeb97929c1d9f588166b32d5718a1a9
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\https+++www.google.com\idb\548905059db.sqlite-shm
binary
MD5: f767b4555a703bf6c9dd827262ca275c
SHA256: 76fcfee3131402570624ba1b0a7ec41eda3b623224eb3a4213217ba56ed25a12
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\https+++www.google.com\.metadata-v2
binary
MD5: 2fc15f4643a29f4af9f18a1bbbc1fdd1
SHA256: e750fd7d13c3eb06c3b365eb4e85b5fe55a70006a013e901ec888a3e68e88a79
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\https+++www.google.com\idb\548905059db.sqlite-journal
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\https+++www.google.com\.metadata-v2-tmp
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\ED6B7270349691DB81E8891A9F42F2043E7C7BC8
compressed
MD5: d3f39e1ebdcf880dc27788daa420a99a
SHA256: 0ae1a66da5cf2f9ac884b8f1e128dbaff690d34e9eb9ba37d32d281aa1e24c9d
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\33E92AE8AB986CF22F9F5CFDBA3B976C77484E8E
compressed
MD5: beae875eeeb7068e902ea4888a795e07
SHA256: be77ea8a6c295e14860c704131c94a1d630db04974b164e2e1bfbd0ebb21f753
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\ED6B7270349691DB81E8891A9F42F2043E7C7BC8
compressed
MD5: 89eb9a9e9e597e58901300a11eb385e1
SHA256: 56376a66b98bd81923a5dc3700b9d40d059a87fb3926a8481bb6ad42f105e108
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CB5A4F33D4F9F4B6BA8DD50F46634FF3303B0DF1
woff2
MD5: 356eff7e621658d8eba1bfefc8d8e985
SHA256: 8974c5de08e6f3a29dac14537ae609a64d19ef62a80abc9804cb0435656b98d4
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D24E942781941358EC3E97EC9D44915FEF481940
compressed
MD5: a0accb666bb8004bf80732f8dbcf17de
SHA256: e6ebb64bb5097bcb9f5e17d0a83615d0e313bbc508ba3528707133c5214698a8
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A82DC149B61EB6F2F1D8C615A224B5DBEEF7ACE8
compressed
MD5: 78744bf68874039124ca1b44ad3f063e
SHA256: c265c0f9e8a3d00f01d7b2b0556c2748fd81abf22f93631a05247f799acba501
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8B1DFB2D1BF61CA0366C797106DF4E0A7BB3F11F
image
MD5: 7a5e6d96c7384ff2302a308463218d06
SHA256: 4749cca89d8ddb3817278ed2c5247bfaa286bc34815091da80080429071a0ce1
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\33E92AE8AB986CF22F9F5CFDBA3B976C77484E8E
compressed
MD5: d383a204529c13851be366a0d9ac6f19
SHA256: 86cc8187874bf250821e102ab378515c81819cdb2fa113920bde47c06da84d9c
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 45f0deef6377c1efe3f8c71e4e53e224
SHA256: f2dd98dd6094069cc11b3fde5aaccd74e1322de99cd91fb39c7714f366ceadb5
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: a474d7557bb5033ac628db649faae98d
SHA256: 50048e62461d125f1690e0c18ec6fcae7322f739a7a67d789eee0a2a9ba47bd5
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A6076B7FD4BF4DFCC1AF163681BC51A58A4508FD
compressed
MD5: 36c55858e6c62e0c55d895f70f86cb9a
SHA256: 3da1b2e4cd17e9467a3d6c9ad15e26d7800a0476da79d8d13612cc719d163250
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 97739ff81e54420519b80f8d206eb106
SHA256: 408a12092cff6a85d4c1b0d526c3ff346e88e424ff2830f778b8d92c0895914c
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.vlpset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.vlpset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\00CD1D671EFA0BB2950B62490443B87B9FBA20A2
image
MD5: 11c31ba080121b813934a76322056204
SHA256: 555f9b0c02597b4634c25fba761637e92c9fdbecfb3264d39de8b21a4ad59d77
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FA6F82E93290E16D48F8C8F599336B20A25E6518
binary
MD5: 5d61d611d23a5ec0224a0dda75ded1d8
SHA256: b0859939dc48d601d6408e2a266ee32679b2b01d725929d0d5cd206392de6206
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A6076B7FD4BF4DFCC1AF163681BC51A58A4508FD
compressed
MD5: 572f71760a4c2e1dc951a73416b97f57
SHA256: 80a219afa13d1f8b2a9f49bf0b87e8d9211fe05a67893c052ac6183d84631fcd
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\permissions.sqlite-journal
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FA388C52E5EE8DDE23161FA1C526BF615BDAA194
der
MD5: 9f3b2d09f071be4f8fdea6cd32bafd79
SHA256: eec32175c80de72e7396d9089f6883095435145a7518ff433ec75edd36aa6395
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5E4954707B44E5A4B4ACF5F22B52219A1DCA477F
compressed
MD5: d90dac3f458c7b3be821921a4ee97bdd
SHA256: d660006bc9d3f2be73a09c1d4bf054a4913d2de2b5aa876967e551d6bf5c51cc
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\5386
compressed
MD5: edbc955db241e686927f59eefe933e91
SHA256: 2b6696a84440061a87452302a2c9d335358bf498b5469ebf6b17e078c8999d6b
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\ED6B7270349691DB81E8891A9F42F2043E7C7BC8
compressed
MD5: 6af6f02dfd40d60847022edbb20847f7
SHA256: a969eadfa14bc7386dd48f57c1d9a97bac8d12a9ad17bafbd8f17bcb295e67a4
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8EE7360DE906AADC7C9900FE93A10C06F4483D2F
der
MD5: b3debad95437229f3c6dd6f32fb4f1ac
SHA256: e2b50d51023b89db4eed03e8081b474b07bda65da34367015dd6a8659399e6f4
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\AA0D1901D8B2B67CE84F2495AD287A17ED56E939
compressed
MD5: 0471e05e0bad211701a2a516101e4eec
SHA256: b3a1721bf12ff869c66f9440cfa0b5058858e3e3a9c3676c114ac3bc506a6afa
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6AE1B07A2B1AE05897B77289B25C9453FE7E8A60
compressed
MD5: e19db2ad4857aecede4d77923f409668
SHA256: fcff5c599865a3088a67e591e54ac59a2b4265f79e6cc123295a87ff6967f580
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B68227E5E2F3B6A89097B26A2D209091A7D68DA3
compressed
MD5: ae4b69a44ec5289f9cc1edc45f6a2a40
SHA256: aeb3503208054cf0f012745acaadf4adaddcfa0c7dcd1a00660a41c7bbbd0a9e
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1286D320A52CB890C38E772A7BC1AE0CC0FAB09F
ini
MD5: 082fb4c92e98a6105893853de08b22c7
SHA256: 8daaf91ab91074fac67d8ad5e86cf9d440b0ba954d1920eab351f2de8e751ed8
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\02B87C0B1F8B7521E46AC03AB1CB819FCDF7C551
ttf
MD5: 578cbc9ac8d73d09b4552bc057b314c5
SHA256: c6758fa03ef50e4b7b4992d4f6696ef13189357d92d87fe0378b0dc1560c1cd1
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\83EAD3B4FDE2DA216EEC7936C0BBC15E5169D47C
der
MD5: f7eb3049c2210eae0389cff826ab6db5
SHA256: 322ad0fe674d161b56fb6ec3dcbc988424a86578bfe50b2412af58271b8ee8d5
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B13A714441C11853FE6BA40EFF6C7097378009F7
compressed
MD5: 56af47501e607fc4563e44eee4d1572c
SHA256: dafd0c6a6c2c0534f09dde8010b79a58aa84d8597fa85f2d7fc3786a3dc936be
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\097ADF7E8F7441C864FD42F820921CB913479AB1
der
MD5: b7521f3ddb8583f95506515e0b169d1d
SHA256: 52c1a7c3a3c5919a7c5c41381ac2c3956087d5127d62fb08c2e839294c81da3e
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F12920655161D466E2D95526CEF0A1C4445D1C5B
der
MD5: a1b4204b2e18783ca6e5642233caf884
SHA256: f05a56380d6fc7c334e1ea8f0c90c0455b1cf1de56660872a1ed0cfd296f79cc
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child.bin
binary
MD5: bd09ae31284f5f39c9a1bcc966ee4992
SHA256: 5bff27b82aed4dfefa851620f78a7b6ce97825e32ddaa8e4f96b9bb950801760
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-new.bin
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache.bin
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-new.bin
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache.bin
binary
MD5: e040078bcf9d8f18844c4776f5070e8f
SHA256: faa802fce3715d528a3acf141c056f1d3db46d5b36caf24b3bbb970b58af8ea8
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-new.bin
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8BA97E0794C6108677AC8595A34BDE5B36D3275B
compressed
MD5: 6c150ec8414e5ddaa75c991f2390f75b
SHA256: 9e5094577268fef1638af5fb927aceb55871310f9b8d19c7c392791997200588
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 56436a1f7314a4d5ce67dd453cc51787
SHA256: 5e19635ea610028abff2a666654c3987fb7be7288470d46e9ef28eaf341686c1
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B597DA2E9B2D181DF7F2FB8D2BAEC133C8DBA0A3
compressed
MD5: 50eca1ff58ad5a0aaba7a8cb055bfa87
SHA256: 3719ad2d90bcf51cb082af567c584748e13604e93747a9db98c72255764016db
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B5442DFFDCF1FBFB27536B04CF56A34F1E26E3AC
compressed
MD5: 98243c2d7b2d9dacbd5f6eafb7959083
SHA256: 61ca83a221a5a4809827ad0176e570979b6bf220f8754a8e0a1bf4b35e46fbf8
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F4B8AFB32C25E968AC3BEC02DB780893C187B822
der
MD5: 50c1cd01dab6bc2ba7b24f3256bc5ffc
SHA256: 04db165ecd677e49698d8f7fe47fcbaf3fc250238f3fd6cea7784a866380fd61
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\social-track-digest256.sbstore
binary
MD5: 78dcec0cca3c5d108fda713905cb017d
SHA256: c2bcbf8269fd25481a15d67d990137ccb72e4c9af75b0aeabc884218c1105f6e
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
binary
MD5: 9582c7d247c75c190135b8f9770b90bd
SHA256: 9936c7df1950b74f63bb7da12e40d95b20e0b8f867737442ee508945aa741ebd
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\social-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
binary
MD5: a0d98e41cf47e18aeb027270391b654e
SHA256: a8aa67e2aae4ffa27d0d01c4f5f477bd438ce9c30613bf6d8ff1ea0538ca01e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: 91c0ab2883765716a7b4b67a1b7984eb
SHA256: d0266e9dfeb1d4acd6a0f6fad2071c8018478afc9b066f55db799f98106e21b2
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.vlpset
binary
MD5: 0a1724b561a79357476b2916f3940c96
SHA256: 830c94214030f04511eadfaaca87d3ea51af1589984ce3e5f4ab2b63b062155d
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: 1318e0de5997d5de5140698db0294d74
SHA256: 335655bd49f08e07bfb9d873bb38e6e98a394fd7a16e69f9c4aa8f662b391ec4
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F69108ED5AE79C1BB87C9EC4EC0B4E3909F0AE57
image
MD5: d44b18c25fbd1c5d839c5df808671b1a
SHA256: ec63b683e7961c575d18b2f3a479c898d17c914fd72b53befb9e9343dc889815
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: bfa672c63c8d40c15475acd2fd1d5610
SHA256: b4af8f01db345963f88a6512fce1d0071ac1547347dd6385b0de67909e2cb007
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
binary
MD5: f494f3d83e1eb20ae3a5f99bd48b9219
SHA256: 96095475f28964d2631058e30061cc5e0eee1da37464bb06b8e7995f5e93c3b0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E87BCE03C4A753476D5E330C125A3A3D7A30C348
compressed
MD5: 22d2a8a6a6ed3bd0075c9c6e9bb4a73f
SHA256: 923d951330db9e5e2d4af3d2d697edc290f31868c1e37c107b48a8bb5b2b1d50
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: 43c68538f4da0c505e74a9b048b9de61
SHA256: 3a4d7143ead05475c636ed60e573d4ed2d743b29b146d81674a3c36c92a20219
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\content-track-digest256.sbstore
binary
MD5: 9702c14e80e6dd390a450909a81d2c8f
SHA256: 92c485c737f5b403bcea9f344de23fd8a8f3ea3629b244f9499e8dad77f3d6d5
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\62E01D48D74521D8ACA812AD51CBE37DA99AAAB8
ttf
MD5: 7584ca23e9aa975b52154d51523585c0
SHA256: 84712a52885db4a34c6901993ebb45fbd8477e13e9f7633631f50c6bb0502594
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\content-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\analytics-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\analytics-track-digest256.sbstore
binary
MD5: 5da8f75ca7d284f87d29a9b3de7f3305
SHA256: 6f612171da4d86018ba74e660239493084b520d7f67227e9b800e6453ef8e3c5
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: 2615ed123b3eb63c61ef0455bb2b34e3
SHA256: a7a21ff9e31b468739b472de3621d3f6d34493be2dc88885cbe526343be20783
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\ads-track-digest256.sbstore
binary
MD5: 6e2df5e8f8fb96e4fbb3af02337dcef6
SHA256: afeae83272c9467d7407c516759977393a17d9a332a3c4786fdf6cbeb0888960
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4
jsonlz4
MD5: a6338865eb252d0ef8fcf11fa9af3f0d
SHA256: 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B1481FF19A9491BB78CCC2663275F1C6C0C99F93
compressed
MD5: b473de4ec75d3434267e40d0e9f3f36e
SHA256: e78a4fe450728faf15f6e5460930f9fd8bf1218dc8518d147de9f24680f3df68
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8EFC9B895256B63FA0737F23D52D2559EDF17B3B
compressed
MD5: 4ee31b58f8fd44e96c0834aee0d745e2
SHA256: ac80072cf23154a065daeccd7663b81238caa6129a6b922f988f2cc9878c6ef2
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4402C6D128BDC55F540D78B3DCC0C63725A76644
compressed
MD5: 291529f17a9d0d66e01517bdeb275651
SHA256: edb88ca5a1151bd7c9513a162fc73bd46609c53d1da97049588d397952f7072f
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\ads-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\ads-track-digest256.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\content-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\content-track-digest256.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\social-track-digest256.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\social-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\analytics-track-digest256.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\analytics-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CA9F370776901A18B035DD0779DBA61A1FBAEF64
compressed
MD5: b4957a7eb6579913ea4a4045c31e4329
SHA256: de9cae61e4f017f9bc2d8df0800280268bfb131145a225f396c701202f1e19a8
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B1481FF19A9491BB78CCC2663275F1C6C0C99F93
compressed
MD5: 4c655e56740e751078ecfa1992059e21
SHA256: 13342ac1d14602cbc535d9d73ba3b27a10233e72cec993593253dca26d73d850
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E2CAC95F91C573A3DEE9D36CBD1044A97BFEEFA4
compressed
MD5: 920759251da9f1726d3e50af99d31e35
SHA256: 98e5365c673e3ae92a5fdfd8dac003bba7a5de5d247ce1136f8cd949df82f0aa
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EFFD4594377A34D66D7089B4E54192101DBFEF28
compressed
MD5: 483b032b8936968877065590dbc27395
SHA256: b51e072b1428ded81d375cd1f1702654ebf039a7d5c5c98a5f75c1ce6b290d48
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\72ED8EA0DEC09480D2C5A2A0DF623A9EFF492C6D
compressed
MD5: ba0fdaaf22587b121b496f88e07f7c27
SHA256: 00a37925b750eecef86a3b3ad0438c24786e4b0ffd0487b89f7a611c69f3c546
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\91FDC6F308AD0EEF4642A365E7613A18BA190AD7
compressed
MD5: 7bec332a3c63805e9458c0e0c38793bd
SHA256: ff1aabd1809a7666ad80036fdeff562f1a3f16337168d11d6312067a888e75c4
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D60EE3FDFE22FA3F6E8C7F455B8011379F69F7C6
compressed
MD5: 6ec594cce1aa707f78c6bb9cc84cf7fd
SHA256: b5b4ca49a995560a5cb9e3e4635aecf389a19f94ef5427818c5f37bf1c10df36
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3E982AB63EEDA20F0DB386C8B69E0BB9ECD31F49
compressed
MD5: 7eb1943663607adc38311c9a2156f2a7
SHA256: f2a54c9e8fa04542c2239c9216d1f235235521f90e0fc0a606c7c23d50c1ebad
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\57DAF1CDD275F148D24619201DB8C6FE45A167F7
compressed
MD5: 36ddb256760cc7fb6a49e40fc656ee47
SHA256: 0471e3cc626367ebaa427f665d44a12e97fa096e3dabe46ac2e4e99f42c88c7d
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2F0A2BA8AB07D30EE708722773508C0B630641D9
compressed
MD5: dbf67c129c8712649dbe43a836f785cd
SHA256: c4c66c21be2cd847da3483c847b9cf2c62efc5dfe24da012318362968227738b
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B0E05428E333DBFDC97F61587D70ED2F43F99958
compressed
MD5: 2950dfc406d8d95bf2be64786174808e
SHA256: c473193411da7420905836b21722acfa615a1850a441f4534af7d06f274fe309
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\461560BFB5AB80FAEB8EF0050F1117622F74FC7C
compressed
MD5: 5853e68bb0074d3db8063eb50feb9336
SHA256: cfda9c180a595f2e3ab2431983a7effaf666ae752b2eaca3c288eda107bcf83f
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8DE73929EF89FC25AC4021293DEAD32FA000A619
compressed
MD5: 68c3056bb1ce11b1f957d9b557b6a812
SHA256: da216bc11c29bdcf680e58cf649ed9df9fca88805276753b8ce05625fed42bd4
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\95B821011627AB3796A26E33FB78D17DA9FD5FBC
compressed
MD5: c34de2cb9261ebbaeb6317fe6eef3e92
SHA256: 24b436504a36154cc7a4baa4e52a22d89e98bb356cc64d9390ff3516f4386d52
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\14FF56D1D65E43DAC16441C1C1753B45CEA1CACC
compressed
MD5: e6646e9fc91b415b8f4633a54b736a1f
SHA256: 9b480afd8555a271cb6ede1e98b54ff5a47ed2dee9118461ac369c2730acfe60
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F09BE3C83D64F46DBB6A6EC0439E63FA18E7BA94
compressed
MD5: 42b11b1e2424d966e8f02dd4e9ea7976
SHA256: 8c84c03c746198b84b322bda000ed077992bf622a185ce163f977d56ba432d2a
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FA262D38238B19E2DE620C7B2F774A387F426BEE
compressed
MD5: 2b6ae11d896330edff09285a58478cd4
SHA256: f22d105d09be29fa6786007ff66d678fb2686402de4bb6c2a11988aaaf0d20b8
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\17246EE5D384065A1A0C32C2D15183112EBD110A
compressed
MD5: 4196e0272f9a67777f58bd6021f21273
SHA256: 82a66259a0a420b7fc1a476460efbb77444e9aeb5e4bde15c23d9b0094127131
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B90AAB6BDC09D96B1926853486FD719D8F862B15
compressed
MD5: 2f892abb4f8f4192247034de9b596321
SHA256: 986335cb58214051708ec7d62ab66779f0ba4ec188950c3d67c17555df4c1f32
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\70B054AFF36CB630DBC566619BB85F417764574B
compressed
MD5: 7822c204fad552ab910dab0215455626
SHA256: ba840f7f1afdb08b1e9a6ab25fe23755aa73139310d704662ba0b37ac1799d47
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F396DE99065B0CB8AF26A5F85BD2B72F0A179DFB
compressed
MD5: eaa7f5f0092c2a100375b23c84cda3df
SHA256: 45b0fecde3ef1d31e0d121568be8c80565ce88cfb771e1be4488e87ea7de2978
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\89AA31B43F56F89F6495991E50332531F8AD3A03
compressed
MD5: 943d2b1340cf50ab2e03bb1b4dcb8c31
SHA256: 522e2cae3b47f1f4adfbbd43a0a82dd1c66fff13c6f1fe908bce7cc09d4df400
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0ACBE273A080A7DBC1D72A29C4E9E9779F340A0E
compressed
MD5: cb7747a724838348b7351c04f287f1a0
SHA256: e1271f3ccd440329fbfdbda841f9b4d20084670883075da78220eb97dc5086db
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\BB3E8F13E10E3A8E284ACA24A847A503013440A3
compressed
MD5: 332e43b172463c523de850beb2497eaa
SHA256: c1c6a2fe0479aac2e708c05a720eb32d13ca627fa09f5d97eebefa6a46b2e8b5
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\334E15C4C03D80517374D3AB3CA492D16ECA0AC5
compressed
MD5: 2c3103580e57e1d8a41fe9a378ebdd6c
SHA256: 311612b40c9104d1085db6142cdfba277b6a51400c27d05e178c96a5a125d675
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7A8014C39272AE7367D889B584F1E34114C3523B
compressed
MD5: bf38e69d1b701d4f667184726cf7e178
SHA256: d5c0185bb31ecae2e68b275c79b98f90bf83fcc51d6061973bd9a30b1a2aaba1
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D4AF964EDCFC2742B8166EB4D33C043124C17195
compressed
MD5: 8f39ddbed703c9d6be3fdadf6c725ab8
SHA256: 5678bac2c1bdf91eeacb019d493594a2f08e787df8b416c3c6864aac390ce32e
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1B15BBC272F916042B8B3C82325C3B31B97874E3
compressed
MD5: 22adcc9df12ad443f57452c8b72c5cdb
SHA256: 7a6388321f274816e75549ab60c2922ec401a08c8565b6d3271b46a0bd25f9aa
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\689BB455EA499075C8B1209F4409C4ADDAF1D3FF
compressed
MD5: 96ad564a2a0607c230a1baa6c7717331
SHA256: 9db8887c9dcc1b6702eb6a6109e97811c3e2ce67ad502e5a6682995f7ca02248
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F792471638EEA53CE3F64A83126F64ED1C16A77C
compressed
MD5: c7271e55b131404966b56b1e0173f1e4
SHA256: b480ba359dbd6260aacde8427977e064725c57eaea9e5a053840ea3681b21a3b
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E2733F83EC24A9F000880DAEFFFC77E6DC25EE9E
compressed
MD5: 1e3ddb968dd3078204f0ec69d333d1dc
SHA256: dafc52761d39ebd0d069708ff3e093f5e60a269573b72f15911c36c14aebe6a9
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5CAA0912D186D5B7979E154B48BB241CFC6856C1
compressed
MD5: 538aab678151e9b91b71c9645f08621f
SHA256: cdf02e2cc2f63077f49291cee43586d0a58a19d3e49162adbcb92a2a1c959bc8
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A6076B7FD4BF4DFCC1AF163681BC51A58A4508FD
compressed
MD5: 850037b4c308603c19b460299495d68b
SHA256: a8a08dc14ba756354c85eb4703a1da74c6be592ce275b6b3d9f171f831ae1c77
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B6C8B7FC414455ACFEA3BE9CA037937A524F7F00
der
MD5: 09ca6173167468f8677e6c24f049d0a9
SHA256: 6312cf9100266efc0b9542fe72c7e4d05688292d6d00751cc7a863c1b326f0a9
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 04a293a4aaa7966c9edcb0e495dbe97f
SHA256: 3fe1e57be7d0412bdc2aefde3106befc9c6f46bc78a7e1eb255829ea2dd756a3
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
binary
MD5: a5695cc64d77967232b0c1344c6e72b3
SHA256: 042a22b8681d754671d2018ba109b31a53ee3728d48c6379043f8e3394e7fbad
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
binary
MD5: 65e942614eee70680464ac4be75019fc
SHA256: 34395085da32c8b4efe9959e3b0d756b43ffed17694d66f39b966cd331bd9a94
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0820A827FE90B50397980FCE1EF859B97F27132F
binary
MD5: b654dc3d266c9855819780b13793fd13
SHA256: 7c5b07613b4b823f61e64f198ac020e6d9ee1840d9bc8c5d8fe6bbace035f4a2
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DB4CBF8392EBD19BD797C891E53BEFCAEB890005
bs
MD5: 8cc3ea6c02920fd7a7562d149151f75f
SHA256: 7e0687cb71c444f1f109d14745935ec3ce3c5931be123e6e819340184f12114b
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9A3EF8133F0FA6C3DE8D839A13E7E624CC01FBCC
binary
MD5: 3dd052d04013c05b7d6f80c3da3534b0
SHA256: cc33feafa9d4dfdb1b8c79fbcc198a8e4dc96be93fdc932bfa531e5a17cf9e93
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\11575FAC92EF74FD848AAE93AB91113A4E413077
binary
MD5: 41f420e2cbff4730bc633eeee1ac7d76
SHA256: b39de236a7c2a1f109f53a010fdaa33ce2989d315af9f4a5d620770f43ddcfbd
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A6076B7FD4BF4DFCC1AF163681BC51A58A4508FD
binary
MD5: 56e137ae0dbf47b34b489b0b01e0f007
SHA256: 5d3665bce47fe0b9514499af606137f404222e73035e38fe7d5ceecc9ed0e20c
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\previous.jsonlz4
jsonlz4
MD5: da5a84a2615e68822fa04e81e66ea403
SHA256: 1c43e3fbd8cf850c863bba57a263da38355b9021b4a9bcc9f1d59ecaf9841ce9
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: a474d7557bb5033ac628db649faae98d
SHA256: 50048e62461d125f1690e0c18ec6fcae7322f739a7a67d789eee0a2a9ba47bd5
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4
jsonlz4
MD5: 65a8568f72fdf05a592210c52784c82a
SHA256: 353279aec0402d3777cd400ecfa22ece3e3e882cb1e57056965db44bd1306465
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4.tmp
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8B5C1CD589650FA9672AE04FCCF5BFCCE876E589
der
MD5: e6d965d3d2f9e808e864012773148fba
SHA256: 75be25a62bd2d131e3bff833d48df8624271b67cf51603ac9a73311a735c3a4f
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
binary
MD5: 3d1ce5e50208f0cb3b979186043a548f
SHA256: 1e13d05d482c3d533dc6035af2b2d6e84749412a5748d1435b70cec8b312340b
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
binary
MD5: 95f28ede25c301301f25fbbd9a3c56ec
SHA256: 87763df78772f7d750b0fa5a31eec23e931fd3bd1cbb33beddfc61889da36478
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
binary
MD5: 2ad4445da23a8e50d667c09150cf1876
SHA256: c1550f9dc8f675c7ff2c896ee91c839e4e2b243e759d71c128521c17f53e91b1
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
binary
MD5: e2cf527ca7550b7e7bdf7311e483a2c3
SHA256: f1e07b1d717433f47073dc54a7d98e3e87b3d0fa88e53466f93ea544af885d11
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
binary
MD5: 3675254e341df799d4307c1f59109185
SHA256: 23d108134bed6099793f7dd6b8b6e62081ec3b945efdbc7c5e0e779fd9b82f98
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
binary
MD5: 051fb32dece757ba112ac36dc72e3a91
SHA256: 0806d98fb3de55f75d7c0b17e26146567e08c483031526659a4a35d09b97ef19
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
binary
MD5: d9e28d043d05a069ac7962f181a05337
SHA256: efbb9ada8e5f662779444e4de88ce944036b7c73d61acfb70239f809dd153aa1
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
binary
MD5: d6acf2573e12afdd7939568804d3fcc1
SHA256: 5525cbf8f8dc41d19ac632ed324e55293a510ae0eeba16d0e3f33c707aa58a0c
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: 6ee2fe4d5c3460929a4eec3138d76e8e
SHA256: 1bd0d3301b97fe608243e61c8fa114cc1ae9b69c0622a10cafe5cc1814df3b7a
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: f57521d4d31b44fbbb74ba8f2441f52f
SHA256: fd6f2adcf2bce0ac48f15b6a67110e24ec8d24a566422512df2269f2cfac7a0d
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.vlpset
binary
MD5: 8996548565a96f6ba34bc8317fb4f09e
SHA256: f760f51c58a91fcc264b8d27f610372ad510209eae6d0911e0ac236e7405fdc8
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: 7655fffe7cfbe1ebf96afea5fe2e1376
SHA256: ff2f663c4e453706b7817109f6a43e8b3389e8cfb1b7d64aace2bfba45f3a359
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 498dae4e538658a57f464748f2dabfda
SHA256: 8778f52cd9cb4f4787bf7ba18006d212f8c3004652d163f7786556a8eef3a067
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: c0ff29e2429d6a67594d829b166b9d0b
SHA256: a8ab69af442ae86af43f2a3bf22b91341377be23874762de01e3e71ef08f0318
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
binary
MD5: 93fdf288da71b455cfcb53f9e78add2a
SHA256: 017ed2622f8e5e1d72df4bc872bcf81ccfea9681aede1afdc7f3ddac800b0cf5
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
binary
MD5: 6f85bc4b2ecb49e26b0bd83a821065d0
SHA256: c0b3bc9b3dc507ab654caf72d13c3aefa58c9b13b1e4d14dd8816712d80a7e54
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: b4d69f529bf6d261075d04c6a5c56158
SHA256: 2794c0426aa721104df6a8615d57a251af30a79865cc69e369ed41cae4ea4ee8
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
binary
MD5: ba0009932844173bc8f9af264229df24
SHA256: 66d1c00c04d86e313e9a02775cdf906b1be8d4cd6bef423a1b9e21cc4e9f50c1
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
binary
MD5: 04824a1f92353f43ebb9e7f74b7476fd
SHA256: b48e58ebab82e4c376f16150a3fff850c1111ff1f5985d68819cfd6f0db159d2
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
binary
MD5: c921d8e98fa01b4f303481e112202e92
SHA256: 4ef1038730ec8bc7206713c29a936768831b922c5e6c83355fd62d7401d8c1dc
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
binary
MD5: 0e8fe60ccd7e9b4c32589a5743a95302
SHA256: 2b124d4026850a3cffd28dbacb58aec28f7dcd4d40bc14e52bbe96d60ce4e749
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: 4a1220fc03e11726f09e9981834345db
SHA256: 6ae7fc0fdbe217104f4034bf6a580a461106b50309abccff6e309124dca5ef39
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
binary
MD5: d886a47c89d9c49c795da345bc236990
SHA256: a03c5e2656d2f292bf5794c8eeb8d223cd6ba4f4bfb2ed1f325460e879d0bcf7
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 1f355ac92be38434fd323fb6bedd980c
SHA256: 7755fbcdca9b7a5f8296d7905d523245179f173050d8672e25c6157bd358237b
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 6d378e0d40b6eaca22c8bce899a1c5c1
SHA256: ada2467b2477aceff837ac7820c435ad1ebbe844b2da31c7ab9ae8d010c7a639
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 354459382f30b8994109c88659dfa1f3
SHA256: e3e8e2b7e7eeca231620d83c70fa5a926e8b9ce74c51f595f71191dc0b50527e
4004
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-current.bin
binary
MD5: 5027177f513cdae07db2330e1ded5934
SHA256: 0c53f16051e738287a4612f68e296238087627e594cfd6ddfa1fecc2e998328b
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.bin
binary
MD5: de9496aca551ade408ef6466a11833a1
SHA256: 8f9c7fdb3e0bc01024e43a8e242468fc4dd4f74c725e32a883571635203dc10a
4004
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-current.bin
––
MD5:  ––
SHA256:  ––

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
11
TCP/UDP connections
58
DNS requests
108
Threats
2

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
4004 firefox.exe POST 200 172.217.22.3:80 http://ocsp.pki.goog/gts1o1 US
binary
der
whitelisted
4004 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
4004 firefox.exe POST 200 172.217.22.3:80 http://ocsp.pki.goog/gts1o1 US
binary
der
whitelisted
4004 firefox.exe POST 200 172.217.22.3:80 http://ocsp.pki.goog/gts1o1 US
binary
der
whitelisted
4004 firefox.exe POST 200 172.217.22.3:80 http://ocsp.pki.goog/gts1o1 US
binary
der
whitelisted
4004 firefox.exe POST 200 172.217.22.3:80 http://ocsp.pki.goog/gts1o1 US
binary
der
whitelisted
4004 firefox.exe POST 200 172.217.22.3:80 http://ocsp.pki.goog/gts1o1 US
binary
der
whitelisted
4004 firefox.exe POST 200 52.85.182.143:80 http://ocsp.sca1b.amazontrust.com/ US
binary
der
whitelisted
4004 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
4004 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
4004 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
4004 firefox.exe 104.47.2.28:443 Microsoft Corporation IE whitelisted
4004 firefox.exe 2.16.186.112:80 Akamai International B.V. –– whitelisted
4004 firefox.exe 52.35.182.58:443 Amazon.com, Inc. US unknown
4004 firefox.exe 54.213.71.156:443 Amazon.com, Inc. US malicious
4004 firefox.exe 35.161.239.106:443 Amazon.com, Inc. US unknown
4004 firefox.exe 143.204.101.27:443 US unknown
4004 firefox.exe 172.217.18.170:443 Google Inc. US whitelisted
4004 firefox.exe 40.115.39.174:443 Microsoft Corporation NL unknown
4004 firefox.exe 172.217.22.3:80 Google Inc. US whitelisted
4004 firefox.exe 52.88.59.72:443 Amazon.com, Inc. US unknown
4004 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
4004 firefox.exe 143.204.101.56:443 US suspicious
4004 firefox.exe 216.58.210.8:443 Google Inc. US whitelisted
4004 firefox.exe 172.217.16.164:443 Google Inc. US whitelisted
4004 firefox.exe 216.58.206.8:443 Google Inc. US whitelisted
4004 firefox.exe 216.58.207.35:443 Google Inc. US whitelisted
4004 firefox.exe 151.101.2.110:443 Fastly US suspicious
4004 firefox.exe 151.101.1.195:443 Fastly US malicious
4004 firefox.exe 172.217.21.238:443 Google Inc. US whitelisted
4004 firefox.exe 52.85.182.143:80 Amazon.com, Inc. US whitelisted
4004 firefox.exe 54.186.143.44:443 Amazon.com, Inc. US unknown
4004 firefox.exe 172.217.23.131:443 Google Inc. US whitelisted
4004 firefox.exe 104.47.1.28:443 Microsoft Corporation AT whitelisted
4004 firefox.exe 2.16.186.50:80 Akamai International B.V. –– whitelisted
4004 firefox.exe 52.89.218.39:443 Amazon.com, Inc. US unknown
4004 firefox.exe 54.186.225.209:443 Amazon.com, Inc. US unknown
4004 firefox.exe 143.204.101.25:443 US unknown
4004 firefox.exe 143.204.101.106:443 US suspicious
4004 firefox.exe 54.191.170.25:443 Amazon.com, Inc. US unknown
4004 firefox.exe 54.230.229.78:443 Amazon.com, Inc. US unknown
4004 firefox.exe 99.84.55.54:443 AT&T Services, Inc. US unknown
4004 firefox.exe 52.33.139.34:443 Amazon.com, Inc. US unknown
4004 firefox.exe 54.230.229.70:443 Amazon.com, Inc. US unknown

DNS requests

Domain IP Reputation
eur01.safelinks.protection.outlook.com 104.47.2.28
104.47.1.28
whitelisted
detectportal.firefox.com 2.16.186.112
2.16.186.50
whitelisted
a1089.dscd.akamai.net 2.16.186.50
2.16.186.112
whitelisted
search.services.mozilla.com 52.35.182.58
35.164.109.147
52.89.218.39
whitelisted
search.r53-2.services.mozilla.com 52.89.218.39
35.164.109.147
52.35.182.58
whitelisted
push.services.mozilla.com 54.213.71.156
whitelisted
autopush.prod.mozaws.net 54.213.71.156
whitelisted
tiles.services.mozilla.com 35.161.239.106
34.223.160.244
54.186.225.209
35.162.117.80
35.166.89.106
35.155.128.5
54.68.132.173
54.69.207.70
whitelisted
snippets.cdn.mozilla.net 143.204.101.27
143.204.101.106
143.204.101.25
143.204.101.115
whitelisted
tiles.r53-2.services.mozilla.com No response whitelisted
d228z91au11ukj.cloudfront.net 143.204.101.115
143.204.101.25
143.204.101.106
143.204.101.27
malicious
safebrowsing.googleapis.com 172.217.18.170
whitelisted
5e3fc561-8c29-41e5-b4cf-7753f31467f9.cloudapp.net 40.115.39.174
unknown
app-eu.whitesourcesoftware.com 40.115.39.174
unknown
ocsp.pki.goog 172.217.22.3
whitelisted
pki-goog.l.google.com 172.217.22.3
whitelisted
shavar.services.mozilla.com 52.88.59.72
52.33.55.70
52.33.139.34
52.33.61.229
52.27.36.44
35.165.44.141
35.155.241.126
52.89.48.8
whitelisted
shavar.prod.mozaws.net 52.89.48.8
35.155.241.126
35.165.44.141
52.27.36.44
52.33.61.229
52.33.139.34
52.33.55.70
52.88.59.72
whitelisted
ocsp.digicert.com 93.184.220.29
whitelisted
cs9.wac.phicdn.net 93.184.220.29
whitelisted
tracking-protection.cdn.mozilla.net 143.204.101.56
143.204.101.95
143.204.101.88
143.204.101.101
whitelisted
d1zkz3k4cclnv6.cloudfront.net 143.204.101.101
143.204.101.88
143.204.101.95
143.204.101.56
whitelisted
www.ebay.de 72.247.226.12
whitelisted
www.youtube.com 172.217.18.174
172.217.23.142
172.217.22.14
216.58.205.238
172.217.21.238
172.217.23.174
172.217.16.206
216.58.210.14
172.217.22.110
172.217.22.78
172.217.22.46
172.217.16.142
172.217.23.110
216.58.207.46
172.217.18.110
216.58.206.14
whitelisted
www.facebook.com 157.240.20.35
whitelisted
youtube-ui.l.google.com 216.58.206.14
172.217.18.174
172.217.23.142
172.217.22.14
216.58.205.238
172.217.21.238
172.217.23.174
172.217.16.206
216.58.210.14
172.217.22.110
172.217.22.78
172.217.22.46
172.217.16.142
172.217.23.110
216.58.207.46
172.217.18.110
whitelisted
dyna.wikimedia.org 91.198.174.192
whitelisted
www.reddit.com 151.101.1.140
151.101.65.140
151.101.129.140
151.101.193.140
whitelisted
www.wikipedia.org 91.198.174.192
whitelisted
star-mini.c10r.facebook.com 157.240.20.35
whitelisted
e11847.g.akamaiedge.net 72.247.226.12
whitelisted
www.mozilla.org.cdn.cloudflare.net 104.16.143.228
104.16.142.228
whitelisted
reddit.map.fastly.net 151.101.193.140
151.101.129.140
151.101.65.140
151.101.1.140
whitelisted
www.mozilla.org 104.16.142.228
104.16.143.228
whitelisted
ssl.google-analytics.com 216.58.210.8
whitelisted
ssl-google-analytics.l.google.com 216.58.210.8
whitelisted
www.google.com 172.217.16.164
whitelisted
www.googletagmanager.com 216.58.206.8
whitelisted
www-googletagmanager.l.google.com 216.58.206.8
whitelisted
www.gstatic.com 216.58.207.35
whitelisted
www.google-analytics.com 172.217.21.238
whitelisted
www-google-analytics.l.google.com 172.217.21.238
whitelisted
fast.appcues.com 151.101.2.110
151.101.66.110
151.101.130.110
151.101.194.110
whitelisted
dualstack.f4.shared.global.fastly.net 151.101.194.110
151.101.130.110
151.101.66.110
151.101.2.110
suspicious
my.appcues.com 151.101.1.195
151.101.65.195
malicious
api.appcues.net 54.186.143.44
34.215.168.98
52.40.157.208
54.213.210.74
54.149.101.209
54.191.95.29
52.27.133.176
54.218.98.189
unknown
s-cert-3.firebaseapp.com No response malicious
ocsp.sca1b.amazontrust.com 52.85.182.143
52.85.182.217
52.85.182.58
52.85.182.124
whitelisted
fonts.gstatic.com 172.217.23.131
whitelisted
gstaticadssl.l.google.com 172.217.23.131
whitelisted
firefox.settings.services.mozilla.com 54.230.229.78
54.230.229.13
54.230.229.30
54.230.229.61
whitelisted
d2k03kvdk5cku0.cloudfront.net No response whitelisted
prod-tp.sumo.mozit.cloud 34.213.134.214
34.209.95.119
whitelisted
support.mozilla.org 34.209.95.119
34.213.134.214
whitelisted
content-signature-2.cdn.mozilla.net 99.84.55.54
99.84.55.43
99.84.55.114
99.84.55.89
whitelisted
d2nxq2uap88usk.cloudfront.net No response whitelisted
aus5.mozilla.org 54.230.229.70
54.230.229.21
54.230.229.125
54.230.229.119
whitelisted
balrog-cloudfront.prod.mozaws.net 54.230.229.119
54.230.229.125
54.230.229.21
54.230.229.70
whitelisted

Threats

PID Process Class Message
–– –– Potentially Bad Traffic ET INFO Observed DNS Query to .cloud TLD
–– –– Potentially Bad Traffic ET INFO Observed DNS Query to .cloud TLD

Debug output strings

No debug info.