General Info

URL

http://logicalgold.club/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=27s0rp1jp1bgqdn07seoo1

Full analysis
https://app.any.run/tasks/aaf5fe30-c8d4-48fc-996d-bdc019ac3a6b
Verdict
Malicious activity
Analysis date
9/11/2019, 08:44:00
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.34.7)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.2 (4.7.03062)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 68.0.1 (x86 en-US) (68.0.1)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB4019990
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

No suspicious indicators.

Reads CPU info
  • firefox.exe (PID: 3644)
Creates files in the user directory
  • firefox.exe (PID: 3644)
Application launched itself
  • firefox.exe (PID: 3644)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Processes

Total processes
38
Monitored processes
6
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start firefox.exe no specs firefox.exe firefox.exe no specs firefox.exe firefox.exe firefox.exe
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
2768
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" "http://logicalgold.club/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=27s0rp1jp1bgqdn07seoo1"
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
3644
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" http://logicalgold.club/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=27s0rp1jp1bgqdn07seoo1
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\psapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\winsta.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\d2d1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\sspicli.dll
c:\progra~1\mozill~1\nssckbi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\actxprxy.dll
c:\program files\adobe\acrobat reader dc\reader\acrord32.exe
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2adec.dll
c:\windows\system32\slc.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll

PID
2824
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3644.0.1209772159\1450506228" -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3644 "\\.\pipe\gecko-crash-server-pipe.3644" 1164 gpu
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll

PID
3632
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3644.3.1631032610\700455295" -childID 1 -isForBrowser -prefsHandle 1684 -prefMapHandle 1680 -prefsLen 1 -prefMapSize 191824 -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3644 "\\.\pipe\gecko-crash-server-pipe.3644" 1704 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\mp3dmod.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\msmpeg2adec.dll

PID
460
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3644.13.1110991345\671911562" -childID 2 -isForBrowser -prefsHandle 2864 -prefMapHandle 2868 -prefsLen 5997 -prefMapSize 191824 -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3644 "\\.\pipe\gecko-crash-server-pipe.3644" 2880 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
2484
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3644.20.1329126083\1725202971" -childID 3 -isForBrowser -prefsHandle 3760 -prefMapHandle 3744 -prefsLen 7130 -prefMapSize 191824 -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3644 "\\.\pipe\gecko-crash-server-pipe.3644" 3784 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll

Registry activity

Total events
383
Read events
378
Write events
5
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
2768
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Launcher
755DA23601000000
3644
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Browser
196BA53601000000
3644
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Telemetry
1
3644
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
3644
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000092000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000

Files activity

Executable files
0
Suspicious files
75
Text files
34
Unknown types
51

Dropped files

PID
Process
Filename
Type
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db-journal
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\53AD76E5F13EB3CD6F4A915B071978A8768260B1
txt
MD5: b3d45b0257633821bc2f6e882e11b1c0
SHA256: baafa35a0bb6dd1c66be531b16a9ed65642f8b2ed2445b02964c192b6e0629f1
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 8d5d4e264f1105cdd6b7227c5aa3afdd
SHA256: 5a52f16fdca14f1faf8f9526a06ac905ebbb88ce8be5ed65b3cbdd2dda6956bf
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: a3d63e1f5e566889f88f163bcdffa11b
SHA256: ded5a992b893579ea4b828c7d17f8eb1b9f83673f46f6402393fcf3889566298
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: b483c43e3626e73caa30c287504d92cd
SHA256: 05aee3ca487e56d64c205b46bc3c79fb65666ce06f8f3882cc64debb4911890f
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 2ae3471ece4190547598888d57db9e51
SHA256: 332e157fe6a947bad8a982778a7b40be5defb300a1c94260c6dfa674b131603f
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\extensions.json
text
MD5: 9cf5e9e40b5f764838f42c8f2721957f
SHA256: ad9889206f043a9d31af59d6db2a74d9680930c009a560e8cd158bafa271af8f
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\extensions.json.tmp
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json.tmp
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 8a2c1a675a19de177b8fdadcaf3ca1b0
SHA256: 26e7addf8cba892bf8bcd94d02f6c0db5729d4fe4a8a37dc1e5859719664b455
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 6c40155326d63092e2cc13d040c48c7e
SHA256: 2dbb0d5a3eb70584d0ce1c7f20f9eea189a73d34dd372749f0c9f60b5ad48e7e
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.vlpset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.vlpset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: 0143f025a050e4c6f836b5ccb135ba97
SHA256: f588145a15883481a84548aa9a9840a9954e0d8e26a3e5c7a6b0c8fbc21c957b
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\social-track-digest256.sbstore
binary
MD5: 3e1de68d2cb28095453a94cfd04ed4b9
SHA256: 540e836bcbbeb8f2bb9ce1e0a6f4aa2643bb9dfd63308f9ff196c4add8169790
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
binary
MD5: 56d8a800c5b6f01bb432b088f1e6c7d6
SHA256: b44d2de74a25abc9535e42ece10493ea96ef1dd003fb277b16b8f8b04120ccf2
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\social-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: a451b48f88a58b89bee46fef1810a3e9
SHA256: 625185f2caa2537ba0c05265df30c9fd23f96a2bd42745525239ecc36005ec7f
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: 1b7e5680ab9412c01ff29fa9e4681502
SHA256: 724055b7a519535d211d7f38ce5ec4caaf0d91ec27c9b0c538c1e4968a324741
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: e84f0f287e42b10b086cc76d0cf0f6a2
SHA256: cc18e7d07766e479d74b644f761881cfe1c43e2df1d9a6ef25859e85a4846e67
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.vlpset
binary
MD5: e6f4ef878796a846daf4382504b24db2
SHA256: 2c8fbb14894ead3317659025c446e07feea2f77a4828c3fe1c31e1431e3f6c83
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
binary
MD5: 3e85d7a0ce9a46fa735598958601be13
SHA256: 88409d24bcb3851af2993d9e3b29a3984d9f7daf823feb7a66fcaca70366bfb4
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: b2f470bc864acb72fce4409405d1948b
SHA256: f5b9bf76c5c516129fbb021deb8ea79fd66ced2452811fa2769eb3269ea47880
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\content-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\content-track-digest256.sbstore
binary
MD5: 9702c14e80e6dd390a450909a81d2c8f
SHA256: 92c485c737f5b403bcea9f344de23fd8a8f3ea3629b244f9499e8dad77f3d6d5
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\analytics-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\analytics-track-digest256.sbstore
binary
MD5: a9204496a61bae22a46f09c64f5ba714
SHA256: 60a19593c0b926880a1778634151338a24fdbf0b741396e279281c3ce4aa1c2d
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\ads-track-digest256.sbstore
binary
MD5: 95dfeb0dda5ded36de9cace11803ca4d
SHA256: 5d55af164cfb767c45ea754a98e696407a2b31f902bb2f4fbb212d566ab4c907
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\ads-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child.bin
binary
MD5: bd09ae31284f5f39c9a1bcc966ee4992
SHA256: 5bff27b82aed4dfefa851620f78a7b6ce97825e32ddaa8e4f96b9bb950801760
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-new.bin
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache.bin
binary
MD5: 28e9e92c2f95bd4dfa35215ecbce227b
SHA256: d574ae2d0002fe482f35f552c7f737dcb5600d0edd3ca1682f9411d1b7622735
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-new.bin
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json
text
MD5: 87a46c8b2cb02a1a1b78bef6448f3f5e
SHA256: d9f12cc020d1ba8a754a64daf0baa55066b6f711967c32ff42b665958cc7279f
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\ads-track-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\ads-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\social-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\social-track-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\analytics-track-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\analytics-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\content-track-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\content-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\67F9EAF0E696AA391AC2022F83D62F3CC36D2794
der
MD5: 6ef36f3f7e1c882554134000dda3157c
SHA256: 00d2169a46f65267f698ff99edda6ba7fdabbcf35227ab556e04953e184a040a
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 5001baecc6c8463bf1d51aab7bb5aebd
SHA256: 098fd889059e7280427611bad507b79037d85f493e84ddc34e1cc616aeb5a18f
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: af005f36eab620d83ad729bde88b4344
SHA256: b80849a916082e70c4275f5918675ca7c21cdff55ba21c3cb136f4cbd1958bcb
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F8761FB1B9A43DD547C8BACF6FAA5C82EFED2584
cer
MD5: 579d4932db1a4096fdd6d9c472b5865e
SHA256: 7a7117b85693152a1a2b4db4390900decd157242f715d59d309927afe972eb18
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\28CD555C8F67F41397D93F6119AF6A2902BC6057
binary
MD5: 78b881a44047e5502ca0d09c24858c5c
SHA256: bde053da01da47d44a54ffdcae3a909bb8fcd5bfba192eab4633afa8994d743e
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\revocations.txt
text
MD5: cf59fbba88594e980d2efa14bdabfc40
SHA256: 5016ca6475337fe001866af2f1ad61fdd5bcf1374e8e27d16041b2a2209910eb
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\revocations-1.txt
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B0EE9FB06231955AF31564FDBCE69B18C9A0910D
cer
MD5: b93d8b26a06273ea26552225caf35751
SHA256: 8f6ac9c585c5c408348bd407e2329342981858c75354398cd8aef7f64d084309
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A79ABE54000ADDC6EDAAB0417341A46E56F84C8A
binary
MD5: 1f84093d1be8ff8297401813a73bee8b
SHA256: 7e7020b7bbd57d882b531460b9842ee2e26129fc7fc04e477e99371f3c424640
3644
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_iqDmWYx9f8GXBEE
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: cbb291fd8a90df36f75c6f73cdfa18fe
SHA256: 7d8244d2234434639511b8d735a95187f02f03491d9ea9c38a55e1b4b87a6ca7
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
binary
MD5: 051fb32dece757ba112ac36dc72e3a91
SHA256: 0806d98fb3de55f75d7c0b17e26146567e08c483031526659a4a35d09b97ef19
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
binary
MD5: e2cf527ca7550b7e7bdf7311e483a2c3
SHA256: f1e07b1d717433f47073dc54a7d98e3e87b3d0fa88e53466f93ea544af885d11
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_xhIectkGBMxq0ZH
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 4eea86db51af8b499bcb7445a2d81cdd
SHA256: 3eb59f829640e2b6ddc6d61eb9bfab9ad8980c37ce94d9fc8d4c9bfc31f15ab7
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F8761FB1B9A43DD547C8BACF6FAA5C82EFED2584
cer
MD5: 45839e306f531de3de2fa1651995901e
SHA256: 41bcf23b72626f17456c7e4ffe91b89db613ee457f61df99a97d2dd66b89bf48
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6CA02F12E9B9A902AB1874867F8264943AFBDD17
binary
MD5: 1ef43a927edc88ae3ef347e2e9d11654
SHA256: 701e953c8cf9c6403a2edcabd16d5eb46abbd85655c4cbe3a6d07ad11125918b
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F8761FB1B9A43DD547C8BACF6FAA5C82EFED2584
cer
MD5: 12d02c2508a41a76210e387dc45d49c8
SHA256: eda1040f957afae7b9f8b617dc73192df236662e0436f09dd06469048ec14e20
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9A3EF8133F0FA6C3DE8D839A13E7E624CC01FBCC
binary
MD5: 2cd0d81cced6239a488bc4fb34a5e6b2
SHA256: 4889e3feca06180544b1da6b4785c809e23d8c95a1baf4931c7e2266ba6577bb
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F8761FB1B9A43DD547C8BACF6FAA5C82EFED2584
binary
MD5: ef4800695c00bbee6639fb647872685b
SHA256: dc5415ab7814885683a4246dd84c53936462b1ad8e030722eb733e94180cafee
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F5E9C4989CBEC6542F51879D88A6F50B07FE01DE
binary
MD5: 80ea586cf334f3e84461b882bbfa14c3
SHA256: db6804cc74164d2d0ad08b251ed37dedb9319256d37067f8291c5e3460d2e1ab
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: b3044adc9f5a1e27a96023755756c98e
SHA256: ea91a0199e42c23fbf36cdb2103dce49e2cf1a3e001159fb7a31dd099506d14a
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D433872E1B2B77057DFAF539063A739C578FB4DC
binary
MD5: e6edda324f85381c43bb5624d4471d43
SHA256: cf397564ec46f093a043a96366d0adafa3e7f4ed7891be13d5a38cd0e19b8d9b
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: e0706ac9f3665c261652d3db71da8ba8
SHA256: 3d00245011462e0c45c5da87abd974641e2c0547bc6e974b37e5225bf8450a95
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\previous.jsonlz4
jsonlz4
MD5: da5a84a2615e68822fa04e81e66ea403
SHA256: 1c43e3fbd8cf850c863bba57a263da38355b9021b4a9bcc9f1d59ecaf9841ce9
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: e228514ef4225e5d424d989c4900233b
SHA256: 238c876e69a82fa0204904d1905b929fd629d76be86f88258c6bacefd56b6c61
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A5D93CC48B83C8124FEB6A2E9448677EACA5BA86
binary
MD5: d147183c159d46da6a46c35654a0d426
SHA256: eedae6a5a3a7941a573cfacbf24b591173b1955431fae8b96334a1c8a73b356f
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\23662
binary
MD5: a57eac8c4e0d59d6d62c92b05e210c46
SHA256: ba0e89eca0b891a962786df3685c27588ad196a7c42c5218c3e2fa6873f31e89
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A908F34B23DC59523787265DC54F32004C34AC32
mp3
MD5: 293afc783a5356396e1992cc1f30e9e9
SHA256: 0f4ec90bfd23be2e07741edde27c60cb8062662721afcf825c4945315a202479
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\103598574FF0C5BEE474E72487E416B8BC7F363C
der
MD5: 6a5329d40ad6dbcda88f91984da64ec0
SHA256: bc9d66b48f3cba1f1555e6ef190a7fb82acbc2077d70e1a9a50b0af14c88ddba
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 35c631e841213f9cf86bbf8275e0023c
SHA256: 9e35119ad2742857977a228899a8d390fd8d15fb7ee117620f927b2b3a383b3a
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\66E5AF953871211165C2BE3C3BEA1CB61AF9542B
htm
MD5: 8b83c3686856eb0405b6a146e17adb2a
SHA256: 07f44224c6e0fe659f723a2ba1686229b772152f19b5caf69477b943ca7723ac
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4
jsonlz4
MD5: 65a8568f72fdf05a592210c52784c82a
SHA256: 353279aec0402d3777cd400ecfa22ece3e3e882cb1e57056965db44bd1306465
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4.tmp
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\38FE41FF6249DA7F9D57928049FA50C22F84293E
image
MD5: 3e2b2afb5d372d2f302262f23a5a2d74
SHA256: 94a76fba0f722a30cd918b30c020a79ecc0885e5d2f416ec5908077ef98dcd85
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3D4B9EBC2F2B66BE23AF7D0BAFECE524B5C28920
txt
MD5: 6c00f2b4a7cd3b9884f95a707621048f
SHA256: ea17831f67c2a976c1e06fd4ec585e09de87339d0f8b7bd4c36d4be18f8349cc
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0F61B6E02120C859FA74375B4828943F8FACCE11
binary
MD5: ced6c5ddf32e1a76986156d104ce4635
SHA256: 4dbea5b868004ed66ab51035a3b67569ca1938e9740f86b53f01d8fc76722fcc
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EE197B20CAB0419D1C0BD23EE03034F880EDC296
image
MD5: 906c176705943ed7dfef9c4ef4ab67df
SHA256: f372cff3d25dacaa2c7c3b95f7be99623d9def23e239d5233dde10742bde8c4d
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3428896C8A9132471F5989C455A8C13637750A24
image
MD5: c44fb7916a726cf9a410b6759749ec2b
SHA256: 93b2627a97988c831050195d5397cb62574433d0093d567f45f7880e917b5258
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8B5FACAB687A192FC47CC5E08119F6C6DBD9EDC2
der
MD5: af5552f89a96088472f9c91be4546f8b
SHA256: 4b99cba0672182a9152b71e610c2907c66c518e9a66e18bb6c00942270225f8b
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6D363E0249886424034F1BE59FAED037BB9F8F33
binary
MD5: 6af57ac5e4933ee087f14b4c13ee5964
SHA256: 9138621d5105baec4f7ce390dddf4f59c9a4e3a5ecc506bd8bd6f715220a61df
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\37E0B8CA25D02D3D97F718E18874328202C055FF
image
MD5: 5bda1bec0cdf002de87324186605f2ed
SHA256: e302a565464abdf364332ce66020fbe17440dd2617d3d2a77caeec25610a3ec5
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9ADBD878E12319CA0515A50172FB1B33FB135DEF
image
MD5: adb9ca15c86c30df01ec46f301d1141e
SHA256: 26c25af24173d384ffaac004e6262effbaf0a43382a4f74e06749bdbca4d3b32
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B4C9CE7269C23F7A0A6866321307D90E0C45BEF8
image
MD5: 6d68f1ff8a399c1cd0a8c4f9d521c7a4
SHA256: 3c08540ad1562daf2bef52d379ef4f863826167a923762144fc7c5385a754859
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\36095245BBA35A841A4DA601831B418B35ACE6AF
image
MD5: 977a3fb420d174eac2e2d1211b2f948a
SHA256: 681a0f17ce82a59c0430f97ee3d58345cb832c94337c004f75122e447101e8e6
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\21DC67F62F1D861543F869313A967B0FBFE041CC
image
MD5: 5c351c50631239bff9c1dab6cdf59d98
SHA256: a66b8f937244f92a0e17d281804d0428292937ee98c4d2cfb35856138ffa293b
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\676E214FD2CB4509A1156A975F9A23939A752971
image
MD5: afeaa27dfd33c1361237d54b18d3df22
SHA256: 30a88085ddd252c0dcd8554b3b3d909dd80f912417ec58ea9af347af265e75cd
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\67D8511C1463152B4BC3C13C55CB9178192764B4
image
MD5: ce2d7175446d98d0f8f72c5a76f31968
SHA256: ec402230b54ec6bd5dd9fb9ec86f9dc95376ffdfeceb0a99d8d5ed491a5b3f7f
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\70A88E3E20F00DA62F01304C3EBC78427A0F1E9A
image
MD5: 31be1b4f04a76c5a533f67d3feab3a75
SHA256: 6324ce44a1477e64b38740a4cee7a91de4c7356c8212580d0095bd54eef02257
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1DA2FA050B87BCC4A5D641E428BD28ABB2767E70
image
MD5: a137cdadb00cd43566160f271cce5f1b
SHA256: 5a096dc33768647398fb7ed9af837054e4d1acfffad837b63704ebfd86ae66ee
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7B4D181B88BC1BD08E6A5818EFF034F534637350
image
MD5: fa6e89b5b804e7a32ee42f2676430163
SHA256: 407fcaf7fd5efe802d3a542e46cdd7dea627f1da3bd990b43ab994485e077e93
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C0A1F04A7C7FCA71BBC206151AEEFAF047CBEB79
image
MD5: 0426e58652f6e2b7b41922022ccb4825
SHA256: 594ecfe6d1aafd37858229593a983e3d62a8d9113806045e0758d0a12a7f967a
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0E6EB0D051E869E0C8359F8DFF4C7143AAE1B0BC
binary
MD5: cb3e393739e7bf597ea944317797040a
SHA256: 788cca4f12892f7e807b41e9508526689aeee488cff0b9fdf1c2c4614a64b2fd
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E691B44112E7FC2B17CBCA93F608FB8DD35B0C93
image
MD5: c6269064fc89d586fb972d6ecd169544
SHA256: bd2300dd182e1e5bf79f26b4e848ec899e28698c8322b0f9904e11b9af7af36b
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FD2BCEE7D13F7D10CE5DD1C0DD95D0C2D2A44B3A
image
MD5: cfba97ec8f73a4cddc08b32c860e6604
SHA256: bba8fb1328aff07e7db7443b3ee96c410db2f435db28d66728fba49e49384a2d
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
binary
MD5: 65e942614eee70680464ac4be75019fc
SHA256: 34395085da32c8b4efe9959e3b0d756b43ffed17694d66f39b966cd331bd9a94
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5F023446BD5AA854710F916B54EF62075FF5EED6
binary
MD5: 504b527b39c9615bfc95cc016e487732
SHA256: a53a3d23f1770ea32945146a6455334a23cdd9ae7e49ac874327cd672acd1e29
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\55EC7FDC1AAA97B6A1D708511AA1864CC7AD6709
binary
MD5: c5deddc445daa15f18ea0903734db494
SHA256: 55eedc65b3afecb129d4c07dfc3ac1f6572e15b656ce72bc89bad6fb44184f47
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1D75C427CB172821E102E5A1E70483709235D32E
binary
MD5: c45b9153c0acbf3a3b821e6a8f75d934
SHA256: c1c57f526048e11a827915ad27de8be801e0d2098a1db30f853d21553ae2e218
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
binary
MD5: 95f28ede25c301301f25fbbd9a3c56ec
SHA256: 87763df78772f7d750b0fa5a31eec23e931fd3bd1cbb33beddfc61889da36478
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2FBE2353347605B3B3DF72E033696F0C5DDCA73A
binary
MD5: c57d825257b97d3b1e6cfddcef8a569b
SHA256: 77a0b4ade2dc887017ff98ea3e9c169b1dde915f88fb69f1236fc5a4173cd3f8
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A17B4426D2F39D730BBB8BA37CAB06F1C064CE95
binary
MD5: e4f3c4a34d85ba28ac770a1fe34e78f6
SHA256: d6888c4b832ad17301e5e00d07d6fccb3e9b39bd0c630b03a74291de0abb2829
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\846AEBFFBCE0C8FEEFA962FCC2F44779AFA74414
binary
MD5: 8c40c03ad993c84579a8f81a43b29770
SHA256: 0adeed6f1bf3af25f1c74a8fbe3b1b79f01b007f58079aef78fdb59f639dda1c
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\022A9D7CA4CC427B64473D43676F24D22793C47D
s
MD5: 6477aca927ac93e53878e1a8371ae2a6
SHA256: a5ad45d6a0137a48872684cb7ccc198dead44fc818bbe76b395c85f3d3a00dfe
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\82B171104C1AAF4F72A41C577436BEB76EEC34FF
binary
MD5: 318f9e5a57feb77ac41daf62d2e16f61
SHA256: 82878f8a78bdfde47bf16cdd1e80c46a36410672ea3e848873d08f0f0db3cd63
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DF1612338F3411F4618D6650F732B7CCD68BE41F
binary
MD5: d29c87246dc5187c3290c20ea3438460
SHA256: 61207d572e9010ce3f161fb0e8cd1cbc6bcc8d77949405ee8fcbe549e6ddfd3b
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\74B8D977B8848E2F4A8DC3A80C534171588F64F6
compressed
MD5: ccfb2a153d395650640185e31dd68d40
SHA256: f56830ab07d0c4fb8501e28c504a5ffe060d1b9a44074ddf22f126a59ba0ad2e
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\84BDF0277B842CA3F69A8115FA2432A52E62508F
binary
MD5: b6145d7447766627e3cea9607b610d77
SHA256: dbb98738a2b79cb05f809877c8694e4da239b27a8e8e975374c844145f644713
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C197F364872417B149A3BCB229A1559265F7582E
der
MD5: 5d317006d0fa11a34547ab8380915856
SHA256: 08cb007579fcdb6a32e7d4bd55e0433498fa09dcbe80d80aae58ebfc18e5f93c
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DFD01B55745C1F620BAF0C49B1829A6645C08788
der
MD5: d77eaa8b2785830b23bb2566bc8e0e46
SHA256: df5df4ccb6898fbe5e56121babe48759782fb542554a5091d9c888b9ca49fa96
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
binary
MD5: a5695cc64d77967232b0c1344c6e72b3
SHA256: 042a22b8681d754671d2018ba109b31a53ee3728d48c6379043f8e3394e7fbad
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3F94E39E3F3842999A1086CF471B5A61BDC8FAC8
s
MD5: 918285bfe2d440ca8013f7789ee34d5a
SHA256: d25b88bfdaa6a46faf5f38e485767172a0a356fe74f339848702c3c1becf8ca3
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
binary
MD5: 3d1ce5e50208f0cb3b979186043a548f
SHA256: 1e13d05d482c3d533dc6035af2b2d6e84749412a5748d1435b70cec8b312340b
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D1E8BD43EB1BDF6D5B7B5BF45AFA04E1F5798AED
binary
MD5: eb0623b3b7512562f1ebaeaa9f3a5335
SHA256: 8a07cab71e947009a877f043ef2ce263e5775ff5ddf560f029afa7194151f854
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\417FCC16DC2D75513230F19AA699B3AC9F1253FA
s
MD5: 2ad653056c491ccbe40bf56e9360baa0
SHA256: d18dc6d990739fcfbb770866f9a338e8ba6a290780b17b5d8d2697640f424401
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9C5A5C421ED36661756B1343D380B0EEFB40E2D3
binary
MD5: 75697a865844a68efe419bf2df8ac8a0
SHA256: 7eea15beb5987a6fa4919f9bfcdf5720ab3f81a7bfe3ba483a861ed63e0fd14f
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B9FAEBE834A00AA8B2C3A31EF26C6126272EFD64
binary
MD5: 95bef8282248de00b91c30ad5b117cee
SHA256: 7dde5b4f010c6bb72f19854165feb1db29807ed8caa1d84b0c1209dbd768f193
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4756692950682FE4D580B20923195FAB7AD468EE
binary
MD5: f72a595b9d382d748267fc47f8256d5d
SHA256: a981bd5af7f82ffbb994b9a82655260b5652695c63778e3e1ce85fbda2daf01f
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F4356449361C08BB75F8694718868DA922683E8E
s
MD5: 4ec48a248d60e627737eb8345da3fc42
SHA256: bcbb4e493df2857b752827909a5f54e720c49690bd6c15c3310e803638bc1646
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DC6396FF74EB6ECDC7A2C8E6F09039828315BA2D
binary
MD5: 8e5636bc845c56563e1940c08ab250be
SHA256: 77c473dfcd17e5f1821be0fae82057630794f08471151acddae78cae83a890ac
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B1ABC73A29AB5BC02B2804DC9C139E1846C017EE
s
MD5: a5af53e8d1a5a59bbc7e4fb0ba290de6
SHA256: 6e92624de007cc7c4d981fc48bd92c71fbc2441a8b730f52e233e6c8bbfc639b
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
binary
MD5: 3675254e341df799d4307c1f59109185
SHA256: 23d108134bed6099793f7dd6b8b6e62081ec3b945efdbc7c5e0e779fd9b82f98
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\53AD76E5F13EB3CD6F4A915B071978A8768260B1
txt
MD5: 7f73edc520d71b1fa53bcb9fe261a822
SHA256: 3fbb9a1bc0c72741cb9fcf8933104fd6ef70b4300263fdfe0573ac1ef0d9f38a
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
binary
MD5: 2ad4445da23a8e50d667c09150cf1876
SHA256: c1550f9dc8f675c7ff2c896ee91c839e4e2b243e759d71c128521c17f53e91b1
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
binary
MD5: d6acf2573e12afdd7939568804d3fcc1
SHA256: 5525cbf8f8dc41d19ac632ed324e55293a510ae0eeba16d0e3f33c707aa58a0c
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: 6ee2fe4d5c3460929a4eec3138d76e8e
SHA256: 1bd0d3301b97fe608243e61c8fa114cc1ae9b69c0622a10cafe5cc1814df3b7a
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
binary
MD5: d9e28d043d05a069ac7962f181a05337
SHA256: efbb9ada8e5f662779444e4de88ce944036b7c73d61acfb70239f809dd153aa1
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: f57521d4d31b44fbbb74ba8f2441f52f
SHA256: fd6f2adcf2bce0ac48f15b6a67110e24ec8d24a566422512df2269f2cfac7a0d
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.vlpset
binary
MD5: 8996548565a96f6ba34bc8317fb4f09e
SHA256: f760f51c58a91fcc264b8d27f610372ad510209eae6d0911e0ac236e7405fdc8
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: c0ff29e2429d6a67594d829b166b9d0b
SHA256: a8ab69af442ae86af43f2a3bf22b91341377be23874762de01e3e71ef08f0318
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: 7655fffe7cfbe1ebf96afea5fe2e1376
SHA256: ff2f663c4e453706b7817109f6a43e8b3389e8cfb1b7d64aace2bfba45f3a359
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 498dae4e538658a57f464748f2dabfda
SHA256: 8778f52cd9cb4f4787bf7ba18006d212f8c3004652d163f7786556a8eef3a067
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
binary
MD5: 93fdf288da71b455cfcb53f9e78add2a
SHA256: 017ed2622f8e5e1d72df4bc872bcf81ccfea9681aede1afdc7f3ddac800b0cf5
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: b4d69f529bf6d261075d04c6a5c56158
SHA256: 2794c0426aa721104df6a8615d57a251af30a79865cc69e369ed41cae4ea4ee8
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
binary
MD5: ba0009932844173bc8f9af264229df24
SHA256: 66d1c00c04d86e313e9a02775cdf906b1be8d4cd6bef423a1b9e21cc4e9f50c1
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
binary
MD5: 6f85bc4b2ecb49e26b0bd83a821065d0
SHA256: c0b3bc9b3dc507ab654caf72d13c3aefa58c9b13b1e4d14dd8816712d80a7e54
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
binary
MD5: 04824a1f92353f43ebb9e7f74b7476fd
SHA256: b48e58ebab82e4c376f16150a3fff850c1111ff1f5985d68819cfd6f0db159d2
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
binary
MD5: c921d8e98fa01b4f303481e112202e92
SHA256: 4ef1038730ec8bc7206713c29a936768831b922c5e6c83355fd62d7401d8c1dc
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
binary
MD5: 0e8fe60ccd7e9b4c32589a5743a95302
SHA256: 2b124d4026850a3cffd28dbacb58aec28f7dcd4d40bc14e52bbe96d60ce4e749
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: 4a1220fc03e11726f09e9981834345db
SHA256: 6ae7fc0fdbe217104f4034bf6a580a461106b50309abccff6e309124dca5ef39
3644
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_hkV5GdvbjwsKpuI
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\60FE854E82FC29C0438A27CD9052E9A69CF28539
ini
MD5: 5763386f9cfe423bc9a53700542eb1b9
SHA256: 93d300b2d3a23462272dae58390187647af0bfd65d921f01f40aa0c00509cfa9
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
binary
MD5: d886a47c89d9c49c795da345bc236990
SHA256: a03c5e2656d2f292bf5794c8eeb8d223cd6ba4f4bfb2ed1f325460e879d0bcf7
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\19271
binary
MD5: e2ad220e176539d8470f5661a7777caa
SHA256: 48f6f4550310d8a7a573960035008a92744fd448be98fc836612c5e9c5e51938
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 14fb8b8275db0b91b91d466ef641298f
SHA256: 001a9090f0998e4702476c9404e09d3f9f352364dce93c648f4b26fee2ea0e7f
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 6d378e0d40b6eaca22c8bce899a1c5c1
SHA256: ada2467b2477aceff837ac7820c435ad1ebbe844b2da31c7ab9ae8d010c7a639
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA256: 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 354459382f30b8994109c88659dfa1f3
SHA256: e3e8e2b7e7eeca231620d83c70fa5a926e8b9ce74c51f595f71191dc0b50527e
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
text
MD5: 354459382f30b8994109c88659dfa1f3
SHA256: e3e8e2b7e7eeca231620d83c70fa5a926e8b9ce74c51f595f71191dc0b50527e
3644
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-current.bin
––
MD5:  ––
SHA256:  ––
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-current.bin
binary
MD5: 5027177f513cdae07db2330e1ded5934
SHA256: 0c53f16051e738287a4612f68e296238087627e594cfd6ddfa1fecc2e998328b
3644
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.bin
binary
MD5: de9496aca551ade408ef6466a11833a1
SHA256: 8f9c7fdb3e0bc01024e43a8e242468fc4dd4f74c725e32a883571635203dc10a

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
44
TCP/UDP connections
36
DNS requests
81
Threats
46

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
3644 firefox.exe GET 200 2.16.186.50:80 http://detectportal.firefox.com/success.txt unknown
text
whitelisted
3644 firefox.exe GET 302 104.28.15.23:80 http://logicalgold.club/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=27s0rp1jp1bgqdn07seoo1 US
html
suspicious
3644 firefox.exe GET 200 104.28.15.23:80 http://logicalgold.club/.well-known/http-opportunistic US
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/4086881658/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=27s0rp1jp1bgqdn07seoo1&f=1 UA
html
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/bootstrap.min.css UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/font-awesome.css UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/main.css UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/modernizr-2.6.2-respond-1.1.0.min.js UA
html
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/jquery.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/jquery-ui.min.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/dk-en.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/returnDate.dk.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/util/utils-ms.js UA
text
suspicious
3644 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/us/wap/mobsurvey/logo1.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/us/wap/mobsurvey/logo2.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/us/wap/mobsurvey/comment.js UA
text
suspicious
3644 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/en/wap/confetti/confetti.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/bootstrap.min.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/main.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/js.cookie6_pure.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/bbms.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/exit_ms.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/js1.js UA
text
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/logo_f01.png UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/s10.png UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/img1.jpg UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/img2.jpg UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/img3.jpg UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/img4.jpg UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/img5.jpg UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/img6.jpg UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/img7.jpg UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/img8.jpg UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/img9.jpg UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/img10.jpg UA
image
suspicious
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/dk/wap/mobsurvey/img11.jpg UA
image
suspicious
3644 firefox.exe POST 200 195.138.255.16:80 http://ocsp.int-x3.letsencrypt.org/ DE
binary
der
whitelisted
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/us/wap/mobsurvey/ff.png UA
image
suspicious
3644 firefox.exe GET 404 185.89.102.8:80 http://prize1810.simplerdr188.life/favicon.ico UA
html
suspicious
3644 firefox.exe POST 200 172.217.16.131:80 http://ocsp.pki.goog/gts1o1 US
binary
der
whitelisted
3644 firefox.exe GET 200 185.89.102.8:80 http://prize1810.simplerdr188.life/media/mainstream/alert.mp3 UA
mp3
suspicious
3644 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
3644 firefox.exe 104.28.15.23:80 Cloudflare Inc US suspicious
3644 firefox.exe 2.16.186.50:80 Akamai International B.V. –– whitelisted
3644 firefox.exe 52.26.8.178:443 Amazon.com, Inc. US unknown
3644 firefox.exe 35.166.229.101:443 Amazon.com, Inc. US unknown
3644 firefox.exe 143.204.97.178:443 US unknown
3644 firefox.exe 35.166.89.106:443 Amazon.com, Inc. US unknown
3644 firefox.exe 104.28.15.23:443 Cloudflare Inc US suspicious
3644 firefox.exe 185.89.102.8:80 LLHost Inc UA suspicious
3644 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
3644 firefox.exe 13.225.78.107:443 US unknown
3644 firefox.exe 185.50.248.72:443 LLHost Inc RO unknown
3644 firefox.exe 195.138.255.16:80 AS33891 Netzbetrieb GmbH DE suspicious
3644 firefox.exe 13.225.78.106:443 US unknown
3644 firefox.exe 172.217.22.42:443 Google Inc. US whitelisted
3644 firefox.exe 172.217.16.131:80 Google Inc. US whitelisted
3644 firefox.exe 54.149.19.17:443 Amazon.com, Inc. US unknown
3644 firefox.exe 143.204.101.101:443 US unknown
3644 firefox.exe 34.210.145.79:443 Amazon.com, Inc. US unknown
3644 firefox.exe 13.224.196.120:443 US unknown

DNS requests

Domain IP Reputation
logicalgold.club 104.28.15.23
104.28.14.23
suspicious
detectportal.firefox.com 2.16.186.50
2.16.186.112
whitelisted
a1089.dscd.akamai.net 2.16.186.112
2.16.186.50
whitelisted
search.services.mozilla.com 52.26.8.178
52.36.193.139
34.210.145.79
whitelisted
search.r53-2.services.mozilla.com No response whitelisted
autopush.prod.mozaws.net No response whitelisted
push.services.mozilla.com 35.166.229.101
whitelisted
snippets.cdn.mozilla.net 143.204.97.178
whitelisted
d228z91au11ukj.cloudfront.net No response unknown
tiles.services.mozilla.com 35.166.89.106
52.11.24.67
52.33.232.96
34.210.204.38
52.10.184.57
52.24.113.72
52.33.147.163
52.35.186.10
whitelisted
tiles.r53-2.services.mozilla.com No response whitelisted
prize1810.simplerdr188.life 185.89.102.8
suspicious
ocsp.digicert.com 93.184.220.29
whitelisted
cs9.wac.phicdn.net No response whitelisted
firefox.settings.services.mozilla.com 13.225.78.107
13.225.78.71
13.225.78.9
13.225.78.55
whitelisted
d2k03kvdk5cku0.cloudfront.net No response whitelisted
tdsjsext1.com 185.50.248.72
suspicious
ocsp.int-x3.letsencrypt.org 195.138.255.16
195.138.255.24
whitelisted
a771.dscq.akamai.net 195.138.255.24
195.138.255.16
whitelisted
content-signature-2.cdn.mozilla.net 13.225.78.106
13.225.78.78
13.225.78.8
13.225.78.104
whitelisted
safebrowsing.googleapis.com 172.217.22.42
whitelisted
d2nxq2uap88usk.cloudfront.net 13.225.78.104
13.225.78.8
13.225.78.78
13.225.78.106
whitelisted
ocsp.pki.goog 172.217.16.131
whitelisted
pki-goog.l.google.com No response whitelisted
support.mozilla.org 34.209.95.119
34.213.134.214
whitelisted
firefox.com 63.245.208.212
unknown
www.firefox.com 63.245.208.212
unknown
prod-tp.sumo.mozit.cloud No response malicious
www.facebook.com 185.60.216.35
whitelisted
e11847.g.akamaiedge.net No response whitelisted
www.youtube.com 216.58.206.14
216.58.207.78
172.217.16.174
216.58.208.46
172.217.16.142
172.217.22.46
172.217.16.206
172.217.18.110
172.217.23.174
172.217.21.206
216.58.205.238
172.217.21.238
172.217.22.14
172.217.18.14
172.217.18.174
172.217.23.142
whitelisted
star-mini.c10r.facebook.com 185.60.216.35
whitelisted
www.ebay.de 2.18.234.244
whitelisted
youtube-ui.l.google.com No response whitelisted
www.wikipedia.org 91.198.174.192
whitelisted
www.reddit.com 151.101.1.140
151.101.65.140
151.101.129.140
151.101.193.140
whitelisted
dyna.wikimedia.org 91.198.174.192
whitelisted
reddit.map.fastly.net No response whitelisted
www.mozilla.org 104.16.41.2
104.16.40.2
whitelisted
www.mozilla.org.cdn.cloudflare.net 104.16.40.2
104.16.41.2
whitelisted
shavar.services.mozilla.com 54.149.19.17
52.88.59.72
52.33.61.229
35.165.44.141
54.148.248.23
35.164.3.68
whitelisted
shavar.prod.mozaws.net No response whitelisted
tracking-protection.cdn.mozilla.net 143.204.101.101
143.204.101.95
143.204.101.56
143.204.101.88
whitelisted
d1zkz3k4cclnv6.cloudfront.net 143.204.101.88
143.204.101.56
143.204.101.95
143.204.101.101
whitelisted
aus5.mozilla.org 13.224.196.120
13.224.196.79
13.224.196.62
13.224.196.88
whitelisted
balrog-cloudfront.prod.mozaws.net 13.224.196.88
13.224.196.62
13.224.196.79
13.224.196.120
whitelisted

Threats

PID Process Class Message
–– –– Potentially Bad Traffic ET INFO Observed DNS Query to .life TLD
–– –– Potentially Bad Traffic ET INFO Observed DNS Query to .life TLD
–– –– Potentially Bad Traffic ET INFO Observed DNS Query to .life TLD
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
–– –– Potentially Bad Traffic ET INFO Observed DNS Query to .cloud TLD
–– –– Potentially Bad Traffic ET INFO Observed DNS Query to .cloud TLD
3644 firefox.exe Potentially Bad Traffic ET INFO HTTP Request to Suspicious *.life Domain
3644 firefox.exe Generic Protocol Command Decode SURICATA STREAM ESTABLISHED invalid ack
3644 firefox.exe Generic Protocol Command Decode SURICATA STREAM Packet with invalid ack

3 ETPRO signatures available at the full report

Debug output strings

No debug info.