General Info

URL

https://chocolatey.org/packages

Full analysis
https://app.any.run/tasks/0e4a16d0-2c9c-4512-9528-09f4dac4170f
Verdict
Malicious activity
Analysis date
4/15/2019, 10:37:51
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (73.0.3683.75)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 65.0.2 (x86 en-US) (65.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

No suspicious indicators.

Reads CPU info
  • firefox.exe (PID: 2660)
Application launched itself
  • firefox.exe (PID: 2660)
Creates files in the user directory
  • firefox.exe (PID: 2660)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Processes

Total processes
35
Monitored processes
5
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start firefox.exe firefox.exe no specs firefox.exe firefox.exe firefox.exe
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
2660
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" https://chocolatey.org/packages
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\psapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wship6.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\mscms.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\d2d1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\program files\mozilla firefox\softokn3.dll
c:\windows\system32\sspicli.dll
c:\program files\mozilla firefox\freebl3.dll
c:\progra~1\mozill~1\nssckbi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\actxprxy.dll
c:\program files\adobe\acrobat reader dc\reader\acrord32.exe

PID
300
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2660.0.561162642\1705982507" -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\admin\AppData\LocalLow\Mozilla\Temp-{ce348e4c-7d33-445e-89f9-60108c51bcaf}" 2660 "\\.\pipe\gecko-crash-server-pipe.2660" 1132 gpu
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll

PID
1332
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2660.6.891118953\2101905713" -childID 1 -isForBrowser -prefsHandle 1612 -prefMapHandle 1620 -prefsLen 1 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2660 "\\.\pipe\gecko-crash-server-pipe.2660" 1752 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\mp3dmod.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\msmpeg2adec.dll

PID
3064
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2660.13.2031516601\1865538374" -childID 2 -isForBrowser -prefsHandle 2592 -prefMapHandle 2596 -prefsLen 216 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2660 "\\.\pipe\gecko-crash-server-pipe.2660" 2608 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

PID
2476
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2660.20.1471137289\1578781100" -childID 3 -isForBrowser -prefsHandle 3352 -prefMapHandle 3356 -prefsLen 5824 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2660 "\\.\pipe\gecko-crash-server-pipe.2660" 3488 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

Registry activity

Total events
527
Read events
525
Write events
2
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
2660
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2660
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000071000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000

Files activity

Executable files
0
Suspicious files
80
Text files
44
Unknown types
41

Dropped files

PID
Process
Filename
Type
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 9c2df8b4efa5625a01063078015b6ce5
SHA256: 10f3ff0ac9a165293c3938c967392b28361cb324f1635e7d5b083442a8edfb65
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
sqlite
MD5: 8ad3779291169288a161d1bae31031c2
SHA256: 399c075ad10ef48e2f841993f61d96b1d1920bcbb9944c59680a264a61f3cfd5
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 8678cdbd8fa7ba4f560f701ac15442e5
SHA256: c7b328467248502e11d674f7c9dc51257fe4425bfc5fb91e245f15c2871d3396
2660
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_D0bPZHh6vqOHJf7
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\491F289AD0B37F176E82D588C95524BD549E78FD
cer
MD5: a92aa118ca09e6935c350e120781d5a0
SHA256: e3d98df3548dc3005db06f3f662cf3384ad1759d56c97739c74610ece060dda6
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D00A688072D5E651DFCBF1F615D0FF8CC68B8989
binary
MD5: 0e6967fb509d347fd467f2250e65adde
SHA256: fcf3af7c46d4444914c8022402fdb4844f7cc9b55eecbf931996be71ef5e620b
2660
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_ZZx0kfxISdMPgZ8
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\revocations.txt
text
MD5: 7c6486e0e286739cb3bf14195b438d6a
SHA256: d3311f69feb662b1fe2a600c2fd4f7f3e3709d5a7af85a8259c88b80cea9841e
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\revocations-1.txt
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 691ea7f9dbbc477e1032dd4eaf939737
SHA256: 072ed0ac3f7702f5b13ae64fb381cfd482cb4e0fd6379cb0683f0ea983784599
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EAD4A64A0AF73119D9717809EB7339F0DEB17892
cer
MD5: ee87c86226a59387c0c896f6a8c2543c
SHA256: 517d3ccf7a2a43029cca969df1a67b5c0d157a902ade50d4e639928f794bf8fc
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B8469062C8B9A5098D81A620DCDEBD69BE523333
binary
MD5: 2638396cbb485ac4449e1ce92567faaa
SHA256: 40b0af138e3a861056776fceacaf9471310afecf43dc7b198aa7a5e6f8ee64ef
2660
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_Y1PoCE9xUUC5Nzy
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1E137CDCFC633D2DB96378E90D07058F8E2DD90C
cer
MD5: c432dee50a6be10a8f6488c0e0e54a6b
SHA256: 61409c68622d52ab160dc7b79afd85c88937992f7d1e6d03410424fce4b3b5dd
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DE23B389EB6A29BF74711D30F79F0B21683DA2B7
binary
MD5: 56ec75d05b35baaed5ffd9b155f85e5a
SHA256: 941e122743eb0742e6d6b84138b689aed81fc5b004beab8b14f37c3f58069902
2660
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_bdIIZgkta2x2MAG
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_QAGvzAl15ofquTg
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1E137CDCFC633D2DB96378E90D07058F8E2DD90C
cer
MD5: 8d0199284037df4e5f04d27b9a3eecda
SHA256: e60d39290e1cc4fc04b6a343162e5e5b15586dbfcdcca3b60052223ee98c9f8a
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 3d28120e498158ab08cd52b4a9ae57a0
SHA256: 299c0b7e4cd3a3843b448791c8d3c29d6cce8ca91f7a152db3074e7a37ba93d4
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A62DAA8951D1736AA922A207513B2B70D523ABAF
binary
MD5: 8e0f167883d6f13628cbbf5d50638f9d
SHA256: 3544e868160fea8c662a739d32c130d64d3cc314e6bf4355089e404a7c0d56bf
2660
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_rKOYl09HvJNndsU
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
binary
MD5: 14a798737c776743d3d5337bfb243e90
SHA256: 42419785d7b0fd7db1345fb66ad59aba5b5d27b95a0c304bbddb9794504fc131
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
sqlite
MD5: 0d91bc2ff768ca8e51b03c35fa7e21a6
SHA256: dc17fbad0278bfc4ba6a8d59414ff575976925d8e67edfa4e81953a43174a1f6
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-journal
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2B8FB3A7C1E8990CE64886D66718692D2B2ED2BC
binary
MD5: 4c8c0d6eb191a69c4dad8b140f3945f2
SHA256: 98c6280467b8e726166f5b8da8200d25128116451d9ca72d010e1be11833fe5c
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 4bf9958bd4c7eb3344c13ae866674664
SHA256: 75bb1ac6a7b45721de7c54bb1575d0e9829102545df6079e2d7d5dd5b6c88473
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: f80df4620909d6e4e3c4225ab4989a0d
SHA256: ee445855da22984b86a510858886d48e2e762dcb94e9d22441035636762c396d
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: 2eda9f6f4ee03cd2819f8f53b65fd7a4
SHA256: 9a893ebb819c02198365d6f18e484ef869c63e8ecfe7b82d2fe75dcefda7e3ef
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child.bin
binary
MD5: c2ba7ccd62f1dcc8c790f61d36f3e11d
SHA256: 333ebb87526e4136b6a71f09f35791dfcab1f536b59ebd7fca0d26ac203b8a93
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-new.bin
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-new.bin
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache.bin
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache.bin
binary
MD5: 76e6a6bc71416a77e720407c1d401c48
SHA256: c78a7fbf5c7b244ff23f9015f5be4164f975af001bf076a582f60969dcc2097c
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-new.bin
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 89529ec396bd549458ce6c9d9040806a
SHA256: 5f2d85749737a582b3364708f9657f29cd8d8660714de89280a7f95765b9c665
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: 579ce464847a8c0ead8a4d5c92b559c4
SHA256: 3d37097da2a7093a5089bf31b3d8f211d4615777199e08ba0b2bc10877fece87
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: 8534d788e4ea79a478676e0dc403c04e
SHA256: 10b5a3e0218adb0e22d47a4a5115fae92c604ea0c197326bc82607a32e8c9b7b
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.pset
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: c1b61553a7fe0e00c52398676ae648f9
SHA256: a6ba63606e411f4bf3059200f47965d1cd7edcc544b7512a39a39338c6c04b0a
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: c8425ad6a8f974e112b8ae1b9ce6994b
SHA256: a9dc6f7af09844482159fde3b7ef395af44d848385f13cb543fa9258748b2776
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: e3a8fbe2e994dc9f471e0d405a71caaf
SHA256: e86da6af23f407311aa89851d71e716d2f5fe38e8126f5a1859c6c787d7cacaf
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
binary
MD5: ba235f07b417b17bf0649113659b0f3e
SHA256: c30612b376264fe81270c63bc176431474e96bd3c7d36c0916c32a975285b9ba
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: b4d509fc336cff796fe3e625065267ed
SHA256: e50c3bf89be46931a1a6d536dbdacd6a3fb3b4efcd431f6a4451a41cfd880bc8
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 02b2434bea855d9eaf05793923f83796
SHA256: a1f941f9e11c6954bcb612431c3f6de396e7237a959496d783d3bc5aef2cabeb
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D8C9091FADB1D926D218905422942342283981B3
der
MD5: 0ef422fc629f167af1a21433b196c7f1
SHA256: 2297913319d3d298597a546ad90bfd5010a84fd5337a57c9560b20b650a3213a
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\permissions.sqlite-journal
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
binary
MD5: 65e942614eee70680464ac4be75019fc
SHA256: 34395085da32c8b4efe9959e3b0d756b43ffed17694d66f39b966cd331bd9a94
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
binary
MD5: e2cf527ca7550b7e7bdf7311e483a2c3
SHA256: f1e07b1d717433f47073dc54a7d98e3e87b3d0fa88e53466f93ea544af885d11
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B2D65EE14ED1EB19E1A3B4C871D8C24A13F52918
binary
MD5: 71a35982d850cef332820271aaf0c699
SHA256: 604734ab26dd7f426794937f9d2843835cd79cb3db18dad122c545da471c8e59
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8D5D00A939C63E3B35D03EBA6CD6BB3B4F122B08
compressed
MD5: 83ff6806a34da08ff9656e26158bbbf2
SHA256: ee52d5cf166d194041b9af86e6deb525faed2fc5e5c944a547319cb95595b505
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\789B8B77BF46F55C6EAD0BC86CF027FEA6B69868
compressed
MD5: df8f269aae7b9ed2c24472996ae8f9f8
SHA256: 18ccaf234dc793fd8fb65a9a3170eadd1f16169330e8e21a61d3ff00334e38db
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\25D9FE4CEA5B58770648CDAF3242ACDE286A6CBF
binary
MD5: 07d46aa17b6794610dcc9f77b3f42cc7
SHA256: 6e577f1d8d69355fdc0b505d839dab3da2504af21eb83fe0efaed3fc35e9bd10
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A85C9E82F201A597C4A67D25F2169A8EC9C724D3
binary
MD5: 4a27370d710d66f5c40e7de87f7f0792
SHA256: 6e70faa119f889c972abcacd5ed29b4f40cd72050e19a8f6c2e47e363de4642d
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\25218EE79CFF5F3AC18C58CFDF44A674E3560C47
binary
MD5: 46d7b94fa022c7f0c0d4ce1e7387a825
SHA256: 54565ff412e82c65c9e0e00b92c25ffa2372e9e5ab34e314527ecea081f05389
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: f80df4620909d6e4e3c4225ab4989a0d
SHA256: ee445855da22984b86a510858886d48e2e762dcb94e9d22441035636762c396d
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\previous.jsonlz4
jsonlz4
MD5: 52e8bc6c145ebbc19b7a267158131fdf
SHA256: d9109ee83aa0203116411da7674ea657ba4a6a506bf9631127b76afd42bfea27
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\006309EAFFD4653F45B69F09BF6F930B6C5B394C
html
MD5: d95fb2a7e46da59e5ea94f82749b642f
SHA256: 14df2f3f58486c8a02a27f71f4789f7d3d80a0ed67c4142bf98d328c94cd9f72
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\354B93116F8C0CF2FA6B50A06AF4E0E2C51AA988
compressed
MD5: 869c87ef9571af9cd0053d6850d6af86
SHA256: e2b857587a9bfc550e5d47a78448492815cce895c7b1fc1e161bbba5a0f44be4
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4
jsonlz4
MD5: 7337d087ec76e87a76778b4eec5e8e63
SHA256: aa4398d1716aadeb35a4ddddc4e7d2429c71defd15cb45401938889f5b2f05e0
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4.tmp
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\19AE0F43DA3528C6C3423A49A8C88E2268C93A9F
compressed
MD5: 45db707b0edb0bb5c8b99d8cb4b1cf60
SHA256: 3268182e72b633047e42792fe948669700c0237c75c28445e1678a4fd011cf9e
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5D09941964FACEE57982A03FA8F832CFFBF7C277
compressed
MD5: 8669472aa6c3d43525f2f92bacec656d
SHA256: f68997bb9fea8b99bd96641944e5dfd19a213665150d2a0a3c43c62a3981f2da
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8D5D00A939C63E3B35D03EBA6CD6BB3B4F122B08
compressed
MD5: a45dcf2b4479e45b4b29d7cdd4f797a4
SHA256: c88d0fc90588d00e18f44a47c7bc4a14ac0c4142d0f224e314852c6d36ab84ee
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\BB319A0128D54E796EA0665147737CDF4A80E944
der
MD5: 0016ed29f8b480aa0fc0c9e43ee2a88d
SHA256: 8615c9a5f8568fbc16381d3a4496510a418c4f7962b293de96baa6dc5b54aeca
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B57A727F881EF5A0010F37049D1A570ED4E67934
compressed
MD5: a23409a0e0cb3029ef9ec0641fe8e05a
SHA256: a65b3062567521c862369f2737680012b7056166217876372685b7c7ffa8574c
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E51241949C3DA714AD8BDA5A32D3C234B6AA1AA0
compressed
MD5: c8af371837556caaf419384a9a2abc82
SHA256: f30ad4cac15aacad5eeb5bb9d44db5213c143509cd750733a1eaf5b181083c5a
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\25BA5C2B3FD98507850409FC3A4FD981B4B57A95
compressed
MD5: ba10cd31ca293b66bec3707e61b0b0d2
SHA256: c8a6444b89c18654515ad249ac04c3900477a9f3e20326ec5925b83a3c640ed6
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 587f97b3e75bbae896880010ae023bdd
SHA256: ee7484db29c8ebeaaa6ab7d1706ba9116b0ea9599ae9eb2174c1a7722ccade0a
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db-journal
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\50A00E2DBB610C541A30A04711814369A710F781
der
MD5: 0a4758db2cb65c791972d3112e799ba1
SHA256: a9b7db8627a3ced13552da3fe06e872265ea566594615fb993753988f88c2104
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7BA009141CB3B55D28F5AB25B9C70C33E243DA52
compressed
MD5: 818a7205862626442f3fd94e5f4bfc0d
SHA256: 8f239d7bfe7ac1a3003ca4f3a2afdbad51853127a9b6fa052fef80290ac54cfe
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 4abc39c9d050575533dea2cefc3ec471
SHA256: 23aca6b0362ef1c87c244674f2a7998136765f37465973427a3d1be7e86fa244
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\152D678C534964AC2A823BFA4CA70743AD8831D5
image
MD5: b4e342e5e8bc71ff581d4722b6ec3ada
SHA256: 4aaf23db520ef7ee2fd0ef4ae7d355d6c621e436e766818dd12f9497ed38a387
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\491AA59119B6B3F4B76E45D8C02D04E61B11C1F8
image
MD5: c685e57f72990662330db2c6c7772392
SHA256: e5b44911e57bfcd63886108fecc91427453036a79e1347076ad62fe6bc384201
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8DB4BCE7A8AEF94B803D64ED7C5C540DEA413276
image
MD5: 6c24eab2be34e6ee2db26601e2cf616d
SHA256: 4cddbd410c3b8bfc079fc0143f9fcba69bd295325c4c5e3a8992b9d0d0bfab17
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\913272CEE329DDB0D7999F85977328070548954F
image
MD5: b6a59c41e27e1e401cc3b242fe3f0ea3
SHA256: 99357d7d75ae94356e5e1025c705dde7be04d7c91683169b2bb81ad25a7cdf88
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F80771030211C4E49E89070F9754B935C1A24E9E
image
MD5: ab290bcd81cf5bc243458088a3f1cc97
SHA256: 1309ae5a968c7ff1ecccda5142b8076c3777bc8dc4d881438b9c6dd3a24b119a
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7177D9EAAE9678DFA55E0CFC99FD6A371F87C831
image
MD5: c25217a686e97d2946a0928d28436657
SHA256: 95c42d54468fa9ecb8cf2975c1afd19f2ef8bdb46db2542a60f23895803a6e7c
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0F6BF9917A37C6640B87F5E35200C383F014D355
binary
MD5: 950a1f905e3815128daa56d4bff3c4fc
SHA256: dcf79911aa7544bff00e124e4a3d7991e6c9d4cc1f45ab41e3f6d499a97dd8be
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5D57A4547386AF36BED182D2C2C810A6F4D2A1E7
compressed
MD5: 206f0ff8e199d76befb2b694a7aba6a4
SHA256: 8b45c2e8184113bddc24bee85101e2da31241cff55fb3a6ec3b3cb0683a8fc50
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B597DA2E9B2D181DF7F2FB8D2BAEC133C8DBA0A3
compressed
MD5: 419dbd49eac6393e38555fb63a1e93ba
SHA256: e809e37c58d3243b54bb112434cac28dd7c7c7b0bdd57b50012b74fb0b388536
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4
jsonlz4
MD5: a6338865eb252d0ef8fcf11fa9af3f0d
SHA256: 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
binary
MD5: 95f28ede25c301301f25fbbd9a3c56ec
SHA256: 87763df78772f7d750b0fa5a31eec23e931fd3bd1cbb33beddfc61889da36478
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\18252F9080FBFF076CF8D8101E3E14307016CBDB
der
MD5: 4b9bf0c59f173d93f92de14053ab3fa4
SHA256: 125a237e87c45cfb2e511572e592e3491f2b28511c994dd69ffd451ee67433ff
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
binary
MD5: 051fb32dece757ba112ac36dc72e3a91
SHA256: 0806d98fb3de55f75d7c0b17e26146567e08c483031526659a4a35d09b97ef19
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
binary
MD5: a5695cc64d77967232b0c1344c6e72b3
SHA256: 042a22b8681d754671d2018ba109b31a53ee3728d48c6379043f8e3394e7fbad
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
binary
MD5: 3d1ce5e50208f0cb3b979186043a548f
SHA256: 1e13d05d482c3d533dc6035af2b2d6e84749412a5748d1435b70cec8b312340b
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5F48DD1070FAD8360BDB26A01C8DA8DF85CBFCAD
ini
MD5: 9a2514dfc747d93d2716ae6a3bc4ef05
SHA256: 1ec52ccb284e9dbbd7c957d1298a409474751373fc1b92ee74d028481c6e952a
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
binary
MD5: 3675254e341df799d4307c1f59109185
SHA256: 23d108134bed6099793f7dd6b8b6e62081ec3b945efdbc7c5e0e779fd9b82f98
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7CEF038B663A8CABD801E568D18724E13FD409DE
image
MD5: f2162640aaf16b2386428d4032280332
SHA256: 45239fba79229be43b240b8bca03f77c15eecddd3959ca034102e8a5172963d5
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\783712F435ED356418310CF208761EA1C2FB1550
der
MD5: 01d4a36376101c2ed45ecdd50c47c500
SHA256: eb14e6e88f2666d7e16200f41236e2af5760fe5a22ef21729c23c9e91c9a940f
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\507920DF7BD79A362C6D1EAAEB6CBBBA4895066E
compressed
MD5: 84b881eb9116a4d15c65b5f503b07879
SHA256: 7dd8ce32cde70f3dbaa3f608881946c4274029f2e1f102ca3bda6badef81e570
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1294C58B93304CE95D9C2AB7BECB5858B4AF233F
image
MD5: 10489e994fd80d8128a2c60a079f472d
SHA256: 3b093da438c29d9829a4661ca054f233d3924a7e987c383c9abe3d1dda120edd
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\93D5CB1F2E7BDED688909E512C0616971CD25BB7
image
MD5: e8c42184a2edb70e8d90e700a2b13d86
SHA256: 9b77bff71259c2f229ca3a03bae2ba0a10e93231288f722eb48b83d41b2e5007
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\34D263EC17AA7CE807BC106DCBEFFD6EAD8E376E
image
MD5: 46c1710a9792052cacb959305b16d64c
SHA256: 72a46c45b4ccd5c605aa8b650249a85ac4228130d4ab55ad0d77ea019687369d
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6074E6AAE918A38D0C33F0A2AAE3FF020A11CCC8
compressed
MD5: 7f21f07ee049bcc9a497295b038e2c8a
SHA256: c35311316f6a2c65af8216356c51173c46f9c640136ea8e2dd141877e8273bcf
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F2809D6F91A2FFF3CFD03841D6107CC0B252FF0C
image
MD5: 7fd076de2538bf11a4beaea325aed7f9
SHA256: 0fed6c3751bb3a470895f4b911ba71b3e4bbf5d1ee12e65097c9d121940ff19b
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8E20E00CA94446B0B16EF52C5832DCCB60800517
compressed
MD5: 79c40e9837274f2731b660665ae89567
SHA256: 5fec8d58332fc1804707018c6597e1bfd8d716035de5d5eb74f96bdef7102e06
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CE3F02201C028BBB531CD94560C37418FF7B072F
image
MD5: 01d69619fba43b15948340feb50037e0
SHA256: 33f782032f11f36cdd87255a74b82f5d01de7f39a64cd93d99bf78cdcde41f81
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2DEFB4CCF98B85BD4A19A2E520B3EE361E285A79
image
MD5: 3c68b79c1eb45c4b73fdda7aa42c508e
SHA256: c3fed26c283cadd5e188c7893c3e3726ed2c0210504b5813a910fa0967fc25c1
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DFBE7966D9FABC4C854191ABF408A753A5B5CD98
image
MD5: ee178cf0c2c6df698a113121c758d0b4
SHA256: 1bb988760361b3191e0ddd6ace5b54b50041c565f06ff21fbd6273e2908396b2
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6D8DF34CABF12A8513973820C039C1A7B48B69B1
compressed
MD5: 2e784d4a266d7f918930f697dc6c6ae0
SHA256: a388a4bfc3a378b22f33571e73e0d20d19f5cd3727877b186b6eddaa86fe4cef
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B827DC11BEF0EB5FAF8EF014E724F87735E2E9E0
image
MD5: 4558976a9cb25c87a905723bcdf59745
SHA256: c3c887e8481c2692fa58c30b4fce06cad5b0ef7bce59005785b0d86f48c25b28
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6465242B5CF9172C76EDA73EEF904DF742D7E482
image
MD5: 70a99be05a7753b74aa7913afd9a4c85
SHA256: b43f036eed0841bec494ab5eeef25cf9acfbb6817a8aa5b98f0a60faf5aa08c0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\BC68577D5DDD951207A687EAE506A37E69AD3411
compressed
MD5: 5c003d2ad059bd99898a47fff91d5e5f
SHA256: 4f053da8b7956a7945a1c572248d37702a6ae5e99ed82e8d8df369f6c9af5394
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\26686E4658447A8904AA472A59272D581B6815EA
compressed
MD5: 76a255ef66b1a75584d09d51eb9cb71e
SHA256: 96a8b7748bfda37125f74d4d8b565ebe0ed512d62878f9905a028c860e77c027
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2CC336B316F72D9CDA4A8CCEDB1DA9ED8271A7BE
compressed
MD5: 5dfeb1526be115d96c2496944af4e638
SHA256: 12a1ca60f9bcb2ac8804a020aa207f851bb99b894d2370bb18fc6e94f68714d6
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DF8E6DCFC9BECBD5BE595FB4D250E422364C66B7
compressed
MD5: 92f87404e14374ebfa37a0f87313a125
SHA256: 868e42f7254942fd411a2dfc8c2b4c3e3c3d17d014aeccaaa2e16acc0bad38bb
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5A70F4FDFF3BAFE99B45E3DE139608FAC287CE35
image
MD5: 3ba6e00c13bb410b44c7be958bc901e2
SHA256: 09225388cc900c66691786fde826dae60927acea4aefdc0e02a91e43dfdb0e33
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0040E4CD421E781A1EA22686A46556BB66B7B27A
image
MD5: 51cbcc439047ce4551a4804fe01f5d1f
SHA256: 80d7df4be55181dda10b92630a3e34282f9398cc41e02a51cfb22408d35935ea
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E3A159F44474B34D0D3E592695F829945D337360
compressed
MD5: 57140fa87f96920ea6ccc29f66f979c6
SHA256: 2f6c0c88669eef64c83f9581d9c27ed1d348e755e668df0c76a1accbbdbdcaff
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3951728101018CCB07F5608023457A446F6FE74C
image
MD5: a28fd1533fecd301effb312d9c6c0c1a
SHA256: daa1953504d4388a84e873a4e5c0a584793317957b17377b93f4f99b9db3990c
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CD764E02A83FDE9BED46AE4864326D67F3A4541E
image
MD5: 612f6dcb647d4a8be1ee661633b33735
SHA256: c4abe1fad24062f95f1a4b358fba17a982712382e82cd8ac4931c6ffd30ebe47
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
binary
MD5: d772261ff33497d3681e094f23282ffe
SHA256: 8ee76fa11d5a67f0c93766da3b1ac0c942020afba15b55a8750a896292cf4dce
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: 72e2352f7976b0dd90f2a68047493b8c
SHA256: e0d74336b6c041b6087a697dd7f65fa1da7ea035e202e3d977cc6a7e5bdc13a8
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CF53FC5B045537B5335570E1E510D7E8745BEC2D
compressed
MD5: d2725853cab5d4b9353bf430d19de432
SHA256: 2f1403ce534ad7f06d6143c5a3f7099375aa24933ef254a2f2635aaa1625c6a2
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1FF695579B69D7AFEADB5BA859ECAD2A58D3915F
image
MD5: 9ad27a774c7830a336129907384a7ff8
SHA256: 74ed20b2207bfadf20d242d4f129ae7afd11e595ca57fa7649c0fa83bd5760ea
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\69AC9323FDF3F649BF118D6B75CEEDD90C090A77
compressed
MD5: d9ae6f5f54b1566b09ea7ebac76a37d1
SHA256: 0ab0708e5b812f7c9c424c8df8a86fb3284ee995abd4eafd2ffc5a1dddb7b18b
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7844B13E6B349078721E3839C14677D2974E0810
image
MD5: 83076056e60e8569208f4bdfe7b107e4
SHA256: 78824836d3b4bf6906a2b98b6ddd6c5b312e524eb1e9cd468b1fbc8a3872274e
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7750D6E99AA91EF1C7BA6B169B46E684CBAEC769
image
MD5: 70e7c6df51358a318cb248e109e0fd15
SHA256: 8deeb8f6266632b17f9679a60bea4732eaa2cc5c1d6fd42e477105455846d243
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
binary
MD5: d6acf2573e12afdd7939568804d3fcc1
SHA256: 5525cbf8f8dc41d19ac632ed324e55293a510ae0eeba16d0e3f33c707aa58a0c
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D2E57DECFB709FC577D7C2CCFFEADB76CEC1D99D
image
MD5: d1d5160351287a4aac2b3f3bb94c32aa
SHA256: 0d8b6befe49b3c0dd09a00d538a6f88172d3cf9edca2d81da9df1e288efe2bb2
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\39B3B9DC5AE986E85642A6107B69FBCAFB1AA464
image
MD5: 8e2ae72a56e1359af3f2e3fc9168527d
SHA256: 8722d1dca8390a6496ccc085fd08096c5199c52e0f8f9475d577ddfde2f8e2d1
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2790D42EFF9F71BAC06F0F0C3D83CAD2C4EFB296
image
MD5: a42e079a90d394862c595d0dc4b19f19
SHA256: bdcc38f407915cf77bd8d7748f2268fe7dc21f328a5c6757e32b31cbca096565
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C58E5EA0FF7731B3CE605D51D521737FF1A08E9B
image
MD5: 2dd5a36066a6ce80ab947f7ebe2b2cdb
SHA256: c831bf8cbbaca88858ac84e8aae2ba1c6f7895610eadc79a47b106e18cbd20de
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\39CD4148B6647F491F3ED75F898BD0A1F9E159AD
image
MD5: 371897e99e14dadb98c9f261f4fe9702
SHA256: 58dc59c7b9295c49e4aefd2b299d84a16aa04ab637dacb2faf76c31cd2eec8c6
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\36E4104305EE3D9EC6C52ABCF5A9AA3F295E9618
compressed
MD5: 12fc09c8d84d01f5df97673b44556992
SHA256: 9bfad448f830d172a4e39263c73c72daf28586404098a359f556370304d67774
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\42CCCAF9777C1D6946B1A393298CF23D31F362E9
image
MD5: 0762f5503fc7f91cee2bbecb58743db7
SHA256: 9721b8ac4f0a55195533c3d6aa11b556c9d5f9b4d8c8b9f253474ca71182c3f8
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A58509538691495895B4817429C83EE2C06813CE
image
MD5: 5c6847e3373ffa540665f040f9a00c3a
SHA256: 022736202c3354c57657549de7f8279c03a8c1dad584827949afac5c08fb5f18
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: eb744b05b13e9410146dab0bd459efa0
SHA256: bfde7f131200eb06c1d54b03d2ce1be1ff31062e8009c937243464712dcd2d50
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 8e707f890879b1b6c362024e219812f9
SHA256: 3ee774954fea927dd7be35672e482bb3bf09aef87ce15c2c1a55513ad5413c6e
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7268A2C120BCC6140B4D9CBB8A4554835553031C
image
MD5: 4279673e57af96ed97d61317a1998ccf
SHA256: e2b7721843f5fa0d6c9a5850119581a83196152bdc4b6aa1e00503d1754dc67d
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: ddf263974b1925672d369bbcc8f830de
SHA256: 92a7323dd7eb199618a1e2e823a71919285a70196bfe627808c66cf1c1f3c8e3
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: e608435b687616692a96462e1ac26756
SHA256: 6aa8ee3813d86411d8073a4c2f850b1e8e734c3759d860cbe54ec7f378a82a52
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: 704df61fa2e3f587b268ad85126bc689
SHA256: 7e97db3c9370a35f59a6a649e6cf608e4f5ed572f87f433ea652977ac2cc48d5
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: 7655fffe7cfbe1ebf96afea5fe2e1376
SHA256: ff2f663c4e453706b7817109f6a43e8b3389e8cfb1b7d64aace2bfba45f3a359
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 498dae4e538658a57f464748f2dabfda
SHA256: 8778f52cd9cb4f4787bf7ba18006d212f8c3004652d163f7786556a8eef3a067
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
binary
MD5: 844aff63a5f67cd54d9814b7b54abf18
SHA256: 8985970b72a7bcfcf54c4a2474c36ea9a911ab3672881ee299d58f5a4e64e690
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\49968F5AAF6C3D4E162E052C301E673D6E1D2552
binary
MD5: b0e5bbac49274bc65bf514ff0d2768c9
SHA256: 7e3ff633572a51985d8077613fd4a47560922d71f8b98550e88119fa740a5e56
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3AFC65581F0B686F0061139B416C606725AC2246
compressed
MD5: d421655067af2f5081b8acf3a110ad55
SHA256: 409bde9e203c044609cf9200dcf88af0716b2cbf4b6773232969ab4bf3fff01e
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\35F99BBAD5894C3E4704830E49F53C801D831007
compressed
MD5: be430090ac64bd97d1df0dcaa5be71a3
SHA256: 7d9fd1784da01b8195b059f224bdc46c753f3eabbf6864fca2a3c19ac0e1ab12
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\675E24B59E407B8CE512A09DBB252576B23E61A6
compressed
MD5: 8259b9a1cf4e9542f4661aa263bce3c8
SHA256: c798b3ec3b894d183e1a6ff5a55360c875f26e05d6bbc19fbb25c481074803c9
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: 778202e2ee08f4b4073413c0b03e05fc
SHA256: 33147037ce75ec0a48b3da60d619bc76c2471f5f20c15f9d075671de2067cfb0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
binary
MD5: ba0009932844173bc8f9af264229df24
SHA256: 66d1c00c04d86e313e9a02775cdf906b1be8d4cd6bef423a1b9e21cc4e9f50c1
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
binary
MD5: 6f85bc4b2ecb49e26b0bd83a821065d0
SHA256: c0b3bc9b3dc507ab654caf72d13c3aefa58c9b13b1e4d14dd8816712d80a7e54
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
binary
MD5: c921d8e98fa01b4f303481e112202e92
SHA256: 4ef1038730ec8bc7206713c29a936768831b922c5e6c83355fd62d7401d8c1dc
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
binary
MD5: 04824a1f92353f43ebb9e7f74b7476fd
SHA256: b48e58ebab82e4c376f16150a3fff850c1111ff1f5985d68819cfd6f0db159d2
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
binary
MD5: 0e8fe60ccd7e9b4c32589a5743a95302
SHA256: 2b124d4026850a3cffd28dbacb58aec28f7dcd4d40bc14e52bbe96d60ce4e749
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: 23e438fd4af1829d4469ff8d0bc83854
SHA256: 96e0d7644aea81d26f039ae633eb405583e11b020363090dac5cad9b4b188846
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
binary
MD5: d886a47c89d9c49c795da345bc236990
SHA256: a03c5e2656d2f292bf5794c8eeb8d223cd6ba4f4bfb2ed1f325460e879d0bcf7
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\789B8B77BF46F55C6EAD0BC86CF027FEA6B69868
compressed
MD5: a44f1434daecf190c7f09bfa7df2c2f5
SHA256: 7265f8f5fff689e1c69fdffc04f5c66c46fb291c8d6f9bda7c06b73d5d781c0f
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\24874A75B723E6D379F1E221C1C271740D8EDC8B
der
MD5: 2016660fbefad0c57c702702fd7d16f5
SHA256: 27e515c97632ddf50435ce8908b322cd67f9b2d3590dd596024e943e34c79b06
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 3e2c3e98cfbfeb800ed5e76416d57424
SHA256: 1a340924ccc66e0edfaaf54b362ee084f199375ccb18638c535703223b5927f5
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: f6d7f3c53b5fb2325674971208f125a4
SHA256: 2f61d66fc8f3d4b187b75f9b5e9e5b01ecf509303987b6e82931110a41a9e621
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7F1464F2FE3D03CBB676D4123B6872D80B6CBA64
der
MD5: fa0ad73223160ea2dff8fb63e2e078a6
SHA256: 5fcc08d4f9c165165e36cff570f1f8d00030ce7e1e87ca94e67df40d5508695c
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA256: 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: c52c31e2d546fc217645cd7f542cf3e0
SHA256: 73974f60357b038693803f51ca750e9ed609a3376548c88c117fa1fcbb328236
2660
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-current.bin
binary
MD5: 82f61c08d68502377826ca7ea054cea7
SHA256: 85801bce5d7ce3a2abc14e3208151ac9d324a6ea82fb2ada1d10baa8ef58e7df
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.bin
binary
MD5: 79262a046a800bc3c3125ff94893cc51
SHA256: ea78cb0e02ca9bd0dc9ae055b82486e63ed4643a53717970a20d5fed7d18a51e
2660
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-current.bin
––
MD5:  ––
SHA256:  ––

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
8
TCP/UDP connections
28
DNS requests
60
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
2660 firefox.exe GET 200 2.16.186.50:80 http://detectportal.firefox.com/success.txt unknown
text
whitelisted
2660 firefox.exe POST 200 188.121.36.239:80 http://ocsp.godaddy.com/ NL
binary
der
whitelisted
2660 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2660 firefox.exe POST 200 216.58.207.35:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2660 firefox.exe POST 200 216.58.207.35:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2660 firefox.exe POST 200 216.58.207.35:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2660 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2660 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
2660 firefox.exe 104.20.73.28:443 Cloudflare Inc US shared
2660 firefox.exe 2.16.186.50:80 Akamai International B.V. –– whitelisted
2660 firefox.exe 188.121.36.239:80 GoDaddy.com, LLC NL unknown
2660 firefox.exe 35.166.112.39:443 Amazon.com, Inc. US unknown
–– –– 104.20.73.28:443 Cloudflare Inc US shared
2660 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
2660 firefox.exe 54.186.163.246:443 Amazon.com, Inc. US unknown
2660 firefox.exe 13.32.159.2:443 Amazon.com, Inc. US unknown
2660 firefox.exe 172.217.23.142:443 Google Inc. US whitelisted
2660 firefox.exe 13.32.219.83:443 Amazon.com, Inc. US unknown
2660 firefox.exe 13.32.219.2:443 Amazon.com, Inc. US unknown
2660 firefox.exe 216.58.207.35:80 Google Inc. US whitelisted
2660 firefox.exe 172.217.18.104:443 Google Inc. US suspicious
2660 firefox.exe 172.217.21.234:443 Google Inc. US whitelisted
2660 firefox.exe 93.184.220.66:443 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
2660 firefox.exe 104.244.42.200:443 Twitter Inc. US unknown
2660 firefox.exe 93.184.220.70:443 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
2660 firefox.exe 54.201.6.28:443 Amazon.com, Inc. US unknown
2660 firefox.exe 13.32.219.20:443 Amazon.com, Inc. US unknown
2660 firefox.exe 52.43.91.152:443 Amazon.com, Inc. US unknown
2660 firefox.exe 13.32.219.249:443 Amazon.com, Inc. US unknown
2660 firefox.exe 13.32.219.181:443 Amazon.com, Inc. US unknown

DNS requests

Domain IP Reputation
detectportal.firefox.com 2.16.186.50
2.16.186.112
whitelisted
chocolatey.org 104.20.73.28
104.20.74.28
whitelisted
a1089.dscd.akamai.net 2.16.186.112
2.16.186.50
whitelisted
ocsp.godaddy.com 188.121.36.239
whitelisted
ocsp.godaddy.com.akadns.net 188.121.36.239
whitelisted
search.services.mozilla.com 35.166.112.39
34.213.175.109
52.88.150.81
whitelisted
search.r53-2.services.mozilla.com No response whitelisted
ocsp.digicert.com 93.184.220.29
whitelisted
cs9.wac.phicdn.net 93.184.220.29
whitelisted
tiles.services.mozilla.com 54.186.163.246
52.35.250.5
52.43.91.152
52.43.40.243
52.39.131.77
52.88.59.160
54.149.115.79
34.208.143.106
whitelisted
tiles.r53-2.services.mozilla.com 34.208.143.106
54.149.115.79
52.88.59.160
52.39.131.77
52.43.40.243
52.43.91.152
52.35.250.5
54.186.163.246
whitelisted
snippets.cdn.mozilla.net 13.32.159.2
whitelisted
www.feedburner.com 172.217.23.142
whitelisted
drcwo519tnci7.cloudfront.net 13.32.159.2
whitelisted
sidecar.gitter.im 13.32.219.83
13.32.219.104
13.32.219.173
13.32.219.222
whitelisted
cdn-images.mailchimp.com 13.32.219.2
whitelisted
www3.l.google.com 172.217.23.142
whitelisted
d1rxiua769frlh.cloudfront.net 13.32.219.222
13.32.219.173
13.32.219.104
13.32.219.83
malicious
dbhkt46el5ri0.cloudfront.net No response unknown
ocsp.pki.goog 216.58.207.35
whitelisted
pki-goog.l.google.com 216.58.207.35
whitelisted
ssl.google-analytics.com 104.244.42.200
104.244.42.72
104.244.42.136
104.244.42.8
whitelisted
ssl-google-analytics.l.google.com 172.217.18.104
whitelisted
platform.twitter.com 93.184.220.66
whitelisted
cs41.wac.edgecastcdn.net 93.184.220.66
suspicious
safebrowsing.googleapis.com 172.217.21.234
whitelisted
syndication.twitter.com No response whitelisted
cdn.syndication.twimg.com 93.184.220.70
whitelisted
cs45.wac.edgecastcdn.net 93.184.220.70
unknown
shavar.services.mozilla.com 54.201.6.28
52.35.215.194
54.187.176.55
52.32.141.83
34.223.203.249
54.186.120.41
52.88.72.192
34.212.119.231
whitelisted
shavar.prod.mozaws.net 34.212.119.231
52.88.72.192
54.186.120.41
34.223.203.249
52.32.141.83
54.187.176.55
52.35.215.194
54.201.6.28
whitelisted
tracking-protection.cdn.mozilla.net 13.32.219.20
13.32.219.16
13.32.219.91
13.32.219.178
whitelisted
d1zkz3k4cclnv6.cloudfront.net 13.32.219.178
13.32.219.91
13.32.219.16
13.32.219.20
whitelisted
firefox.settings.services.mozilla.com 13.32.219.249
13.32.219.222
13.32.219.155
13.32.219.65
whitelisted
d2k03kvdk5cku0.cloudfront.net No response whitelisted
content-signature.cdn.mozilla.net 13.32.219.181
13.32.219.120
13.32.219.90
13.32.219.41
whitelisted
d12uj65dsn9ho1.cloudfront.net No response whitelisted

Threats

No threats detected.

Debug output strings

No debug info.