General Info

URL

http://www.codetwo.com/email-signatures/?sts=2471

Full analysis
https://app.any.run/tasks/53b40af4-ec75-4af4-b7d5-6f31df942c40
Verdict
Malicious activity
Analysis date
4/15/2019, 10:03:45
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (73.0.3683.75)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 65.0.2 (x86 en-US) (65.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

Executable content was dropped or overwritten
  • firefox.exe (PID: 2852)
Reads CPU info
  • firefox.exe (PID: 2852)
Application launched itself
  • firefox.exe (PID: 2852)
Dropped object may contain Bitcoin addresses
  • firefox.exe (PID: 2852)
Creates files in the user directory
  • firefox.exe (PID: 2852)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Processes

Total processes
37
Monitored processes
5
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start firefox.exe firefox.exe no specs firefox.exe firefox.exe firefox.exe
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
2852
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" http://www.codetwo.com/email-signatures/?sts=2471
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\psapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wship6.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\d2d1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\sspicli.dll
c:\progra~1\mozill~1\nssckbi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\actxprxy.dll
c:\program files\adobe\acrobat reader dc\reader\acrord32.exe
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2adec.dll
c:\windows\system32\slc.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\imageres.dll
c:\windows\system32\icm32.dll

PID
3932
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2852.0.2043988810\512344834" -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\admin\AppData\LocalLow\Mozilla\Temp-{ce348e4c-7d33-445e-89f9-60108c51bcaf}" 2852 "\\.\pipe\gecko-crash-server-pipe.2852" 1100 gpu
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\windows\system32\shell32.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll

PID
2748
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2852.6.181342058\1211746250" -childID 1 -isForBrowser -prefsHandle 1688 -prefMapHandle 1836 -prefsLen 1 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2852 "\\.\pipe\gecko-crash-server-pipe.2852" 1640 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\msmpeg2adec.dll

PID
2864
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2852.13.780894971\1542022406" -childID 2 -isForBrowser -prefsHandle 2584 -prefMapHandle 2588 -prefsLen 216 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2852 "\\.\pipe\gecko-crash-server-pipe.2852" 2600 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\lpk.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

PID
3096
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2852.20.774333129\1839532295" -childID 3 -isForBrowser -prefsHandle 3316 -prefMapHandle 3320 -prefsLen 5824 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2852 "\\.\pipe\gecko-crash-server-pipe.2852" 3332 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

Registry activity

Total events
558
Read events
556
Write events
2
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
2852
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2852
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
460000006E000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000

Files activity

Executable files
1
Suspicious files
73
Text files
49
Unknown types
51

Dropped files

PID
Process
Filename
Type
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll
executable
MD5: 7f636be36a85d45a148b0fe13bd311a5
SHA256: 5566c2c4b1839386e1b951b13eeb7aaceb1fb52e9f1cfdbc345c5e4f7b6d9745
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.bin
gmc
MD5: 50c27fc71b8eb413f290e0a0e0a0f30e
SHA256: cac301e92bd8b54a2baf8dec1aa1f58707f5ad9fa4958b64eedd900dd667fe45
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6F9A2ADDB61E81005082CAF9294393C8E5AD43C5
compressed
MD5: 38996d8916c1302fa453d21182cf4a09
SHA256: 8214bac310ce899b8dd380d46f84e0a129b27433a050433a0459c20edd14cba5
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\97C8669FAA0B985E69F72B61FCD1B05FAE653560
binary
MD5: ac51b1c624d1935b78bd8e72448aca9b
SHA256: d4b2757cb3186fecc0baf1cc3ce77ceb6f4bf88514d0357eb30ea43e914798dc
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2B3B46C63AFD4FB508F767C8ECE0B6C8B65F15E7
binary
MD5: ec6a6b7ca3c0465c858de860c5562aa8
SHA256: 0c91e1085256952840b306f28435b2fc12a9b305c8bc001297b9eee710eec88e
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6A72D2F9FFF7CCD5530E8ECBD80AD075AA235ACA
image
MD5: 3daf2aef77d7fa586c5ca458cdeaeab8
SHA256: 0085fdd826e3bf0146c81b11d72eb178865edb4a8dbb55391654b65c3f31fe62
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FF0A312749692BFBAFD1621A5B0290FBE72C3B4A
image
MD5: 17a968213fe1805f707e2d86327f7597
SHA256: 1dce6147b11dc1deeb9bdce4b9a2dd09fe105c4e84e239a589d516da0a2d1d3a
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: bf5da4d6ed802e27ba2669f6981779bd
SHA256: ae67cc2ef9e1d34ec76d9d8c80a7125dc46c11bfb8ab77d83df426efe10f65c3
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: 379028dbd20b1624270d39ec40231f55
SHA256: b15a446de59caea3393b742367ad12dd360ea534b2eca1e382706c903a00d1bb
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7B818A01142ADA3514456406747CEEC6A04E757C
image
MD5: a4d2b589559a3b0aa66665a4ada26aeb
SHA256: 6281db494a5332a5fb97269c916b873a92725b4d2211f731a19f6ac2e0e14380
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\21DBF1665681C583F6216FA261AF273683694D9E
compressed
MD5: bd5170f0106bcad716a57b9c48e7d11c
SHA256: ec72ab70a77e300e60597749bc39df945f1550527c1e8fcd597f1f1214f5f9b7
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\18510
compressed
MD5: b3d171ff241f03cabeffc2f7b295518a
SHA256: f2c56a638572f52c8354a183a583860126c753d33f21a0b36cf184f4a81466f6
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F8AC72083E334F70A553AE68455FBDF0E65C5221
compressed
MD5: 858d46c6dada3a00aa8bf40be270c24d
SHA256: ec3c94a4d8dc29afa35cfcf46421f09c42f48f42c51c9cbd7a42d78d144d5926
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E8F9400FD28BF06E72E0D43481547BF8E5E1D34D
compressed
MD5: 2d87b1c134a03cf53d8f897a205c41b9
SHA256: 24263b5a2804c25c44cff6e87d926dcf17ffcb133c2ac54f79926464c41b5f28
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5E4954707B44E5A4B4ACF5F22B52219A1DCA477F
compressed
MD5: d65b040652b48ea79c20d20b21c1b63f
SHA256: dbe40e03cb372eb59adb43cadc40715f9086c8aefe8e46c9f1b79befd3b4286e
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\permissions.sqlite-journal
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\154E9602D823AA7FA48F0B98C7354A9D520096B7
binary
MD5: 5a0572f4da7e1e89f6f93a2952c2c94a
SHA256: b0c80f1e95e95bd4c78f9f84593eeec71700a51b9ed1150d6720c62a8fba2c58
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4007563E8F41FAF1C865F8D2E86362A913A3D497
compressed
MD5: 98877ad0d8f61d5d02615863d99d62d1
SHA256: 61d4e9f4d681982b9fe7505caffa9f8b4b6e0ea1adc8aa78f24f5042c178272e
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\10F321B9C46CE2F9ADC9CD4D54EA57A471CC68EF
image
MD5: 7722558612fdb205626b47f04824db4d
SHA256: b774dcd958b045fd9801e274f4459519b2b01d7c0eb4de592564a2992c20a9b3
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E52D6D59B1CA543E7133709D0C31404E51371B94
ini
MD5: a8ec00b221eeb3bfe3897ce3a9ecb9a4
SHA256: 43f2f8a581fe13c92f501330d50cf491c10d3a234bde97a1768018a6f5cd0203
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5F32561EC898A8745B9130FBD5A00792FAF0D311
image
MD5: 2ce1f4b2d8bb3a7feeb4741a8b03b123
SHA256: 7f39048a34b96280570f14799df7a43a41d5fc5a72c34682a1aa7137196f0ae0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DE266905B1ADE54B91965811C3A26E68AE78F3B5
binary
MD5: 18a4768b31d34ac01e945aee100dd433
SHA256: e5cb109a108c6369e080b25da749a5ba9e434b544c1fc161b95f8d3011173ad4
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\75C6A065A84633DD44B502C233536207C763FC63
image
MD5: c3f1aa0b11d08cf8962ed8618803fe9e
SHA256: 4fad6ed0207b1f3227b422170865db1cb9e34ff5479453201d3979937437efcb
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0AA173FD4809D555A7996C0374620CF5F527C991
image
MD5: e994ab2fc1225e09180b49d9e932e870
SHA256: 3011a1674dcf317709ee356186e8c47b1c2523be365a738dcae9e9f78ce43475
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\895621B6091761271093D0ACFFA612539D949D94
image
MD5: b966041b3f6f7c0d1be23dfcff8baac5
SHA256: 53d98865e76c94aec2f86cd9aa22f3444f20946f51b51b74e15a48c8d873ce1d
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8351D269BAB3466F87D045BD0EF8967F294DD693
image
MD5: 724899c7b5f8459df3ec50a13d73fcff
SHA256: 3553c81018bd5b201b4f2642367286bae254ad414346781e5d524cf199e163b9
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\59037A6FD3C50F6612D147BE2342BF90EFF6B9B3
image
MD5: 23190afb3b83807b15885ba61d7206f8
SHA256: 90db830081a1b44b7e56ae8413709fccdf3f710d4b6202cbbafe563b5d32927a
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A4B2722086B28DE4347BBF3EC5D590A716EF5E1F
image
MD5: 03676c9edef0191685ea86e09bf37ef7
SHA256: e83a8b2b2b057dd6e2f38bf5e8dfaa93da3fc002e4a1a6403049c57af65fe5e7
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\84D9EF0EF453A46AF73D21AA08D6465ED9529BFC
image
MD5: b813297e71c6832206ce5481f6d09936
SHA256: 2bfd44d54babc27fc16d84e3d15e3ab36681beb62be772e8f2123f97adbfbc14
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CB91095B20DA1426AE7BE062B2A46D3A1A377EDB
image
MD5: 19cb5780368fc01adf25af506326ea70
SHA256: d57bf092d0a02e1d53b0122177608e0ee5798ea87827c4a3616fefd9fae83cba
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 82a9a173062bc9922ae104573f026e56
SHA256: 8e924f80f14ca67ae7b5d5bba9f68106692d25c2a836f9625f9f71450aec19d6
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CDF6C6561B7E85DCE8FE65457B7F464E401329A2
compressed
MD5: 5a6bd042d65fb214e683cb0049a6e32b
SHA256: e5a2b1821c9622c4bccd821cf80fd42f7ccca6b32bb595ea029c9c185b524c7f
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9EF090A87E3ECF815333652FD58780EB15F492CC
compressed
MD5: b71074f840b3f5424dfdec321170dc52
SHA256: 609b4e47563f21e257b4b93b9a8ffd70196a5019fa6f215cce1401fc0ce8c8ff
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\68B8E8125A0C10030CF7A7562FB4E62FE56EA642
compressed
MD5: d407169a715bf883da1b2a156c52d064
SHA256: 5bfc7e25d9cc292514517e6e8ff688775dc39a9ec43004711b820c83fd5f94c3
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\AC653CC711A61F83B49BDAB515DA240DE09C0634
compressed
MD5: f93276b84ac305713f8fcb80a647a6f1
SHA256: 1f8ed42cc1c433c265eabed37c5e7887491168c823f447c15b759f6c66fc2a07
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E600559D82210F57EB9B7356D1C3DFEE1443DF27
binary
MD5: a3980b9966727c48b58cbb97e8af1697
SHA256: 8b8612a534d190fced949f01bc5ce8a1531fb2b6a498e070b4b477100831cf5f
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2169C3A69FDFFE0151BA3D458889F17158F51AD2
compressed
MD5: 4acf9aa3d18bc7057c3c42799e2bc102
SHA256: a9a5ede08d4e7a4990bdc552255da351744966d84efea1224912d2b0418ae8ff
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F4B526703E00EDBC18FDC95F6FBB865558EB1928
compressed
MD5: d053ab76ca07339e663a7bdd207284e6
SHA256: 18a053ec80c9f0e17e436e68d498525b286f860a7d597d412f5f898850034866
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6F9A2ADDB61E81005082CAF9294393C8E5AD43C5
compressed
MD5: f2d0b81c7d7163b30d6a65390e2455fc
SHA256: 6fb210c9d502fb7a0b072137b35cfe86b4719178cd0adb3cb9a0d80951e51bbf
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-wal
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 8ef106363d875607efc859d4cd6bf79a
SHA256: db630c4e47a9faa39d997b81833265b841d742ba71cd8ba340c53740c178ffdc
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 8c97698523907257f79216cf4ebf74ee
SHA256: ed9b4743f41c8d9ac2b30ebe84958748f65ed78f8b1c6b79371b7c9bc87ca616
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
sqlite
MD5: 017080b03ac610a197f59b4632749417
SHA256: 4f5c8e57c7eb0de4c1ca9b3961898b9f37a5b66279b0741193bbf8d0da9f57f9
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\43B6655E5F16BC2535236452C6E5FF7FB6F2BD90
binary
MD5: d14d9cde139c038b7a277e06b975c8e2
SHA256: 4eb8f780afbf5657b38b689a34320b0fc20297fe310a03873694640948ff53e6
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json
text
MD5: 0d083c0f4d1848bc3dd006dab592f4c5
SHA256: 80357eabe202535c2d908400c2fac0d7580a878773eeadde61a08d89ea65abcb
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json.tmp
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: bfef3e4d90524c51912519eaa02755c2
SHA256: d93cd2ffbdb93714555ca0bb11676503fb381e2b9dc820440f024fcb8a1bfbb0
2852
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_f7xwiRXLnfm3vfY
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\491F289AD0B37F176E82D588C95524BD549E78FD
cer
MD5: ac2eb297bf73a5686e9c3e48cf254b3b
SHA256: 6858ea3b28186b36490ebbe33ca10b984c35c33a38208c01c0e28a5b3e43914f
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4
jsonlz4
MD5: a6338865eb252d0ef8fcf11fa9af3f0d
SHA256: 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.sig
pi2
MD5: bba147013aa78944b2530f3e4acf231d
SHA256: 2347297ebdd087df38fad1acc207f625938ff575f0d7c0533c6c5572f042f6c9
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.lib
obj
MD5: 5a33e95804ea80f06f97453b1a163e27
SHA256: 33bb1b23908e20870aefd100fb10983753b3ffbb308c55316b7b9cb6c9f45a6a
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.sig.tmp
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.lib.tmp
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.tmp
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\LICENSE.txt
text
MD5: 49ddb419d96dceb9069018535fb2e2fc
SHA256: 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\manifest.json
text
MD5: 6489d53ce5fbfd0eba9deceb95323c61
SHA256: 1a8ce8afcfddd04cfb3dd743b0bcde8d439d9f86a1fe262d2f99fe6876631fc7
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D00A688072D5E651DFCBF1F615D0FF8CC68B8989
binary
MD5: 70ca423ea1f811edef2decbaa46b6f88
SHA256: 6b4cc094346fd17393e3b83bbda96797640a620f72bf402cd6afa95bbbd5da38
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\manifest.json.tmp
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\LICENSE.txt.tmp
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_I51di9j1wjpPc7A
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\revocations.txt
text
MD5: 7c6486e0e286739cb3bf14195b438d6a
SHA256: d3311f69feb662b1fe2a600c2fd4f7f3e3709d5a7af85a8259c88b80cea9841e
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\revocations-1.txt
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Temp\tmpaddon
compressed
MD5: c787e9b06b44e979c9aff51c8da64b4e
SHA256: 7e8db6c2e3e62999814d198745067e04e7c61c1580d75cf73534712540df5d9e
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EAD4A64A0AF73119D9717809EB7339F0DEB17892
cer
MD5: cc6ed70516205790b48067e8c60b61cd
SHA256: c335c6e993a3a47ba47cb5740541de770869f8aee575005143d52ca73e6e78bf
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DFBC0FBFC202399C902B02726E7388FF5C46BBA6
compressed
MD5: 894f1e8d096b26826e1cb9fb72f05eae
SHA256: 74024a490a89d7530a3f5e03742edd29f758f7848a369cb56bc6144c8c705d59
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B8469062C8B9A5098D81A620DCDEBD69BE523333
binary
MD5: ea8f7b404f671021b282e57057d57eb9
SHA256: 0d2c4b5bcfa56b14ca0a8f9799c42af50f4f76ef1faad1e3bf39214c5cc55000
2852
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_Lm8uf9PmjWJxHrL
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 478bb822be9788d236e28f84e0c5ef47
SHA256: cc4721f90685a5c5d45d846142279981d927c82dcb5da56eb83269530f129f28
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1E137CDCFC633D2DB96378E90D07058F8E2DD90C
cer
MD5: bee9d21832aa40d769242cc30b941e8c
SHA256: 5cd8641968af0945d57b852f68f331f3622929f893b5ee5a3bc76f222fc97df1
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DE23B389EB6A29BF74711D30F79F0B21683DA2B7
binary
MD5: 495d383dde4bb5ced74d907058db03e5
SHA256: 36f818c11b394aa065b5ccbbcf5ed656f4f3b40c95de3ca7d06d57815608e894
2852
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_i2QEVEr80G5Ek9T
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_MxPOrE1OGfnadlD
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1E137CDCFC633D2DB96378E90D07058F8E2DD90C
cer
MD5: f4277879c5f45619e502c5bc8feb5023
SHA256: 9cf9bd8ea63b680799f4292af88f1344d53adc20931306c4681f8b6effc13ac5
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: ee173da8fec2db645bec7da7016aa6a7
SHA256: c17ad4dacd2fa26144efc158921c98809cb9b8c0cb7436697e7e22f5556dced2
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A62DAA8951D1736AA922A207513B2B70D523ABAF
binary
MD5: 5c29c6d2b91c31149289ab1693fc998f
SHA256: a507ec0d7f1fc51b7095b0256399125f2e46ab1f27609bbef3729e5c787bc8a3
2852
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_t7CC3LlyJxQ9hMp
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
sqlite
MD5: 1c64631f27c04aeb7b8d923580cbc221
SHA256: 0ba346de99c83fccfd1addd4d640124e236a1f3383b86a5c5682319ebc5ec958
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
binary
MD5: ebd040765017ec25635af91dbcb1e4ec
SHA256: 4aec0bf6be7b41b195bd2a993ac2ff03f213367a0410bfaf465198cbaa093f29
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
binary
MD5: e503c5fb2d743cbc80f27e59c4d17ade
SHA256: 2f4abf77a586332b596ed68a9283423db66225361bad3062e5954ef21b01e508
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json
text
MD5: 72c95709e1a3b27919e13d28bbe8e8a2
SHA256: 9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-journal
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A63F302D4AC817DC41AAF9E8D1E347445D22F536
binary
MD5: d02fcd5c3e090c568cd0eefa57e5f87b
SHA256: 15cfaf8ed6915b5ecd0abc97ce9668152d92e905e4b49fccd1a3a1e5e5487eb5
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 0e73b4fe7a081ef8542257b51f21ef8b
SHA256: 7b684b49e81a6752a5ef64e9e404341df7d129d1b672be12c7e0645d246516e8
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E78CB1B3AD10222DF64C7037689A3AF61AD31F29
der
MD5: bd774edd3ecc4ca2779a4562038a0beb
SHA256: cbf6a708851e5072a1b6311217c1d8ad17b51dcca89b5ce90849596b5d7fde3e
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A82FCF7B1DBB658F5E9FA99903DC49F035FF8F14
der
MD5: 49e1998ca0c093f481bd0bf1e5653e37
SHA256: 06711c9020be1d1748eecb74a10119f98ab2f4ffd2c8a1078e391b8930c8d89a
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D13AEA2593035B7D0375BD1B5D1C1D5528D6B900
der
MD5: c5fe6f05936dd40e35eb9dba8128b593
SHA256: 9f494c0d5dc332cd4382ff22a219261ae1c00b1911a60ab901d818930bd66472
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 22ee80c75cb7979e254cd117f989cd83
SHA256: 2e76c9d605ea3896f9b97d0bda5bfa5ac784eb1f976122822cffab15367bebde
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: c3c734e669d754ec1ecdeedb550fd7f0
SHA256: c2e77a1ab2725c5f25ae7cc9b2f4617721cddc73ca5189a4ecdf663f84565fa7
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child.bin
binary
MD5: 558efecb4cdb09a52b64b7737a278a26
SHA256: 660da5a16623cb99f05b166ef13dc4da9b481c5c73ad9d714bea1c9fca07d4d6
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-new.bin
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache.bin
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-new.bin
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache.bin
binary
MD5: ae9372bd836fab8be31655ebb36e269a
SHA256: d87e60954d8fc6fe071c91e202cc037483bf67168c2d23793e770945946f0de8
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-new.bin
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: db58b4459319cd9aeb382305fa488797
SHA256: 06b899c1e399e4a0b5f6959faf0b307c62b79bc51251e8ce147c7d4d14bad70f
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
binary
MD5: ba0009932844173bc8f9af264229df24
SHA256: 66d1c00c04d86e313e9a02775cdf906b1be8d4cd6bef423a1b9e21cc4e9f50c1
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
binary
MD5: c921d8e98fa01b4f303481e112202e92
SHA256: 4ef1038730ec8bc7206713c29a936768831b922c5e6c83355fd62d7401d8c1dc
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
binary
MD5: 6f85bc4b2ecb49e26b0bd83a821065d0
SHA256: c0b3bc9b3dc507ab654caf72d13c3aefa58c9b13b1e4d14dd8816712d80a7e54
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
binary
MD5: d886a47c89d9c49c795da345bc236990
SHA256: a03c5e2656d2f292bf5794c8eeb8d223cd6ba4f4bfb2ed1f325460e879d0bcf7
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: 5d72f14c70a9d3ce5e1be80a6a7a8895
SHA256: dcb74b6c44fe4bd24fa95a2998203534f569d0974405e126e9c68acacfa0c3f9
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: 68a257dad832991a45238552c262dabd
SHA256: 03da2ed37888c25536abed2c07709bd95395c44445d85c54946dcaacd5a8190a
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
binary
MD5: cf5b3ff6c4aefaab69bc2988836b5189
SHA256: 05a86ceabfe4e0e6952030240ca3f646c26c1f928f11000d7bdc1f914f3cd07d
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: 91abfd1dd343b9703bfa16be38734586
SHA256: c7394adff8a690d8ee025b7a797aa11b0ef68b7b44f3605ce54212359cf97f4a
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: 7655fffe7cfbe1ebf96afea5fe2e1376
SHA256: ff2f663c4e453706b7817109f6a43e8b3389e8cfb1b7d64aace2bfba45f3a359
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: 1e0ac35f100c73f0385f58aeed6ea386
SHA256: 0c9d68e11698c6d1e82b1c92a6eb8d80732d9deea37c3df77c1dbeba03b7ad77
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: 46fc16064a41501642c8113770022056
SHA256: cffd4741b53221f7bf79f78820b6b4c8032ccf4c8830c508d05d454a13a5ac43
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 1e9e39eb673bf071b15630af22e39e52
SHA256: 190c2342684585152490bc5ca3e4994fc622dfcf4ed4552eaba5d4740a4b6b99
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: 4f90ae80d91b50403455db747515112b
SHA256: 85e030ed0db7db37ff2ef596d9ab273a399ca86d72ff1b9ae71796474fa603fb
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DFD40386CE48675D7993CFB884543414A59DF9DC
der
MD5: 971c0bacba47395bd2403aa295acfcbe
SHA256: f7016b8cf3651199369589b0d75693ec273357eb89535286e583c135d20f59ed
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 85abc5ab2c6763565a020773a0b8d957
SHA256: 21fc633c4d53c7ffe1bd68771c7236245315fc5655a43ae1b6a836f8834b4ba3
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
binary
MD5: 65e942614eee70680464ac4be75019fc
SHA256: 34395085da32c8b4efe9959e3b0d756b43ffed17694d66f39b966cd331bd9a94
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
binary
MD5: a5695cc64d77967232b0c1344c6e72b3
SHA256: 042a22b8681d754671d2018ba109b31a53ee3728d48c6379043f8e3394e7fbad
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
binary
MD5: 95f28ede25c301301f25fbbd9a3c56ec
SHA256: 87763df78772f7d750b0fa5a31eec23e931fd3bd1cbb33beddfc61889da36478
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
binary
MD5: 3d1ce5e50208f0cb3b979186043a548f
SHA256: 1e13d05d482c3d533dc6035af2b2d6e84749412a5748d1435b70cec8b312340b
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
binary
MD5: 051fb32dece757ba112ac36dc72e3a91
SHA256: 0806d98fb3de55f75d7c0b17e26146567e08c483031526659a4a35d09b97ef19
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
binary
MD5: 3675254e341df799d4307c1f59109185
SHA256: 23d108134bed6099793f7dd6b8b6e62081ec3b945efdbc7c5e0e779fd9b82f98
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
binary
MD5: e2cf527ca7550b7e7bdf7311e483a2c3
SHA256: f1e07b1d717433f47073dc54a7d98e3e87b3d0fa88e53466f93ea544af885d11
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5BAB38AEC4B10F9F667A10E721227397604BF260
binary
MD5: a19e25cc1fb4ab9c21320d6aeb97371d
SHA256: f0c57907b1ed2eb7fd3447a469a12cbaa07065f7e3479040b03eddfff8295823
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\25218EE79CFF5F3AC18C58CFDF44A674E3560C47
binary
MD5: 16400ddc5f970faaafdb3ce192757abe
SHA256: 7e4384e72fd79edd9e19cc8fb8a4f056960a03a1782a9da0c359188ae53027d4
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5565D3CB68658733F5D6A73587045CF15A8CE21A
binary
MD5: 05d677e583d0538a80715134b4e79eea
SHA256: 2f7d0e666df1bdedeee53cb7dab65b117768dc7a6c2553be784840b6f394f179
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 379028dbd20b1624270d39ec40231f55
SHA256: b15a446de59caea3393b742367ad12dd360ea534b2eca1e382706c903a00d1bb
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\12E7D205D742833AB3FD5E724F92FE1C50D7EBF6
image
MD5: b64cd6ae0980cbef01ae3bb15782d371
SHA256: 0d0730d35ac4b5758c79755326377b07087b80381fde97ce64993898f8252752
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A8681623B9977447A39AB8D013D905203DF699EF
der
MD5: cf2524fcdc41576d9ddac928ad0bb60a
SHA256: 4a13213f7e1bf509fbf932c49adba0f57e779a499da95e7920ce5df99ceef04e
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\10F321B9C46CE2F9ADC9CD4D54EA57A471CC68EF
image
MD5: 23c3fcebcf4da091796048efc7e9fbb1
SHA256: 32cdb47523c3283aea58cecb8984ec8d77e970da5af6ef84c32f69b40e63bcbc
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\03601C28CCA7067B5E995CA829EBACA444C8DE6C
image
MD5: ebe8ddd57bdbabe6eec22115a5e061c1
SHA256: b30851b6f79ddf391a63f977b3f7409e998c278beaefef2784188bd76ad7ca1a
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\807254D1AA56F6D7B4FC9493F42F224572AD0BA6
der
MD5: 2172a2ec9ab2e28952be8ca9f646f69d
SHA256: f5e3e9008a6bddfe9f77719066fd4a4a3494d688afbd9280819f45cd6a2aca45
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DFBB5AC3782BEDBC01CA46EC231CD2589A565E37
binary
MD5: bb683782c915a47996f0178a356a9390
SHA256: b605f7dabd0718fb18af85577aa877ec79ba473d841b1239fe632204db3e534a
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1E48A8F497AB072D013A2362D6130FAD24F2B17A
woff2
MD5: 1114ae443b586a4aef88bd81f4bf52bc
SHA256: 16c612138c9d3f9a8fdb4d2a0b431df59b797ffa7c03f49d8fe6e5eb3e8d9a02
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4007563E8F41FAF1C865F8D2E86362A913A3D497
compressed
MD5: 0b3fc3271998dced61e42ff7f00fa2c4
SHA256: c31d0d7f7efcfd6953dd698ebe2323731e70b2c51845fb0622018518c6c44620
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\79D293C5F0ADB76B580647FFEF166FAC0B19FA24
der
MD5: bcf31d0bb9e0e84179ba9d3901e2037b
SHA256: 279d3a55659fb769c86693267ebcd3b69b22d26748084928f56b8991ab68a82e
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\21DBF1665681C583F6216FA261AF273683694D9E
compressed
MD5: b3d171ff241f03cabeffc2f7b295518a
SHA256: f2c56a638572f52c8354a183a583860126c753d33f21a0b36cf184f4a81466f6
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9EB1333C80A4D06A65E7B62CB2F7240C7CD0F680
woff2
MD5: 58066b30d6828a0005d47c17a9735458
SHA256: 3f211d4edce52d0330493847a6183e32ea87b442eef97d05db57cd0713393ca5
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DE266905B1ADE54B91965811C3A26E68AE78F3B5
binary
MD5: b7cccec71a46d9677968cc49b4319fa7
SHA256: c44ed453ed0d73a2bec97be8298aca0205deb25807018e49bc0a3baf90c47506
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\AA7A63E1FDE9089E6F025C5444F544113E585C56
image
MD5: 97dffd4217bea2f0bc1469a7811480a3
SHA256: 697396fce3d29609126752858c1cf572187074f621f03e372c48a211028b94d1
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5C39B9B2EE4070509CCAEBF26AC2C447DA741593
image
MD5: eb33c043c74b9b441ad8f01fee38ba23
SHA256: 0d54e4ed22f894b8a65a248147c93618c1acb833a95285e913519effccbfa1a3
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4
jsonlz4
MD5: 7337d087ec76e87a76778b4eec5e8e63
SHA256: aa4398d1716aadeb35a4ddddc4e7d2429c71defd15cb45401938889f5b2f05e0
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4.tmp
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\009381C982E13BEFB367B7BF587F3259F3AE3AAC
image
MD5: c97846d9a6ac27abd174eecdce845efb
SHA256: da97797431c0f9987d863b90400202e1a6501680700aae4227dbb26b12ef4718
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9480526FAB730D9B31CCC38EE6BF185D6A993748
image
MD5: 0949746def20e8162833abfda414364d
SHA256: 253dd1f3f27711d759bddceb3833900c54fc1cea2987500380dad00c6d4a108a
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\36D74D10F975E75CD1A2631C0BA9A35A9C7159B3
image
MD5: a1151037c0681aab24b2d2a721f9022b
SHA256: f4838a04db0da235b5896bde9f258b38f7f9366263928a1cf1e3cc163bf5b26c
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C1CB94117BF8C3EED51C50ED521EEFC71146C93A
image
MD5: 66ced0ca9a1a13799eee33f82b80c5cf
SHA256: 55763f06b559d9c275677dc9ee68ee6f2c2c760dbe4a30c42f5cc2998252a063
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F20A6FC1A6D83BC0636E3CDC5655663E3658E347
image
MD5: c67822c6c20edaeb44cf3376e41a0623
SHA256: b9fc742dd8cd3aeb51185a3c12b57b37388b3ceb97e8b841c73937adbe9b89ee
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4928A80404C3B5F8DD8FE33F91B88424497754F2
image
MD5: b04285016641601dd748333ae1a34bd6
SHA256: 22dcae5376ad634aa038d50075bd469ee9a3aa354406214f1fa194a5b52d9bbd
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E8F9400FD28BF06E72E0D43481547BF8E5E1D34D
compressed
MD5: 0d2e8a930b4c01a3b9f11da68c2f9ed5
SHA256: ce3ebce4eee4e87a271bcaba9d0fd1e768db8056bcdcb5c083c780334af8e38e
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7B273DE091E41504A9AF82AFC6EA1AB3CBA3DD86
image
MD5: 1d28218425bb52ce1287409e6441df22
SHA256: 954c51a3c6c0cde0198ca59157cc921896f60faf516f4329bf5bf4c7f96dbd56
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F8AC72083E334F70A553AE68455FBDF0E65C5221
compressed
MD5: 54b28091cd02842dc7f3a7723f95c47c
SHA256: 1297675bc36d23184f5ab4dc5e91614389acdcd23fde9b76f0c5e831728a49d6
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\914E3B094C1B4FE111C021D0B702C6730D503710
der
MD5: 8b9efc3203588521940912c82cc0787b
SHA256: 4fae04cbecac94e977200541297d847c397d1eef650c34d143fabc40a806de93
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 1db1d2e31ced25a5ebf9c895bb475f60
SHA256: 17af3e562b75a56dca571399b630c014314a6949e86bee73f4b7eec10fc57b25
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db-journal
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5E4954707B44E5A4B4ACF5F22B52219A1DCA477F
compressed
MD5: 24a8888cda4b4ff106b9e83c15fcb7e9
SHA256: 6f82a268ae23c51513db6442ac73d813da2b2357b32ecbaf298e207c92d06099
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\68B8E8125A0C10030CF7A7562FB4E62FE56EA642
compressed
MD5: d9173817ae7980055525d85f3a18e119
SHA256: 41b7c6ba1b587d1b62049a887bec0a8dccb97667717a7cec74b6a8138aee89a8
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F4B526703E00EDBC18FDC95F6FBB865558EB1928
compressed
MD5: cc558066458a29a843eb70dc7a78eee7
SHA256: 4461e9b3d4143cabd0846c9d52686c3ae58d16c736d6e973c52c31c8bd40d52d
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CDF6C6561B7E85DCE8FE65457B7F464E401329A2
compressed
MD5: e850c74656deedc00d7256145c02cbe2
SHA256: 7223e725502e0aee43204618ac4e846e74e884cfedaf860cd561c9994f504ff4
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9EF090A87E3ECF815333652FD58780EB15F492CC
compressed
MD5: 3c7fa5d8bf2b9680e020d3caee6d8951
SHA256: dd3bbe969773cccf91c99d00b893dc9eb099003f276ee1301937763f7f2d0dd5
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\555118D004AD022CA4A46B70B41678B3426DB6A8
image
MD5: ab24265f9dc9ebd6d7594339f1310bc5
SHA256: 8a6b2574cecf8b7b59553ec75db613359c20c9b4e6f8adf861d87ac6ea3db3ae
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B37467AF72151A1131FECBC0D39DDC37A5CAAA1D
image
MD5: 0b45727d156912aebccfce8e26423824
SHA256: c059d9bd15641657ec9e1c338e4efc227adc55d3fab76414a2f4e0f316d1b10b
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E600559D82210F57EB9B7356D1C3DFEE1443DF27
binary
MD5: 90d1a18e2e63a38edc9051df9c90a1cf
SHA256: eee0ec51a4e62caad3ff51404ea8de038e1d46803639f36131762cc736481d63
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E52D6D59B1CA543E7133709D0C31404E51371B94
ini
MD5: ec92d081801b5c25a55fe4c0ab5d202e
SHA256: 50c4df210057cb049fb927a99fdb8c8639de9353c47f4b40f2b8b94b659959c7
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\AC653CC711A61F83B49BDAB515DA240DE09C0634
compressed
MD5: 6fdbf792a4a86296352e990444730451
SHA256: b40ee73c19e087b5e2d92a6802b8929706abcc7c1319664a7dcd180c1d953895
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2169C3A69FDFFE0151BA3D458889F17158F51AD2
compressed
MD5: a00d59271497dc2363d40365d61ff5c5
SHA256: 2ad7abedef264b575b37d6db557511609f956e29dbe94c4773f6d94cd897cfd7
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C3888148267A738B6843D8EF256AFFBE4A8E478E
der
MD5: 88e060201ec88ebead4bca142655b62f
SHA256: c252505792219d042a3423003ba3f38e2d066ed95014fe128fb5ed5838cc05d9
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8BFF9E87367EB40EA6B0F13A9638A82701BA52A2
der
MD5: c144e92523a4dbf3bf9074f97a3a7621
SHA256: e87ecfc9c609a00e21539b76274cbb8b08d52bbed88788aee119136f13c0f5ad
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7635A4ED206FA23AD61947AA37A641CE1609E7AA
der
MD5: a67a8ad9a19f14b24597eac6a0eae2a7
SHA256: aed251740b6f3da4394299813dbff328e854803fd0c9c6bc60e4178eb81dd2d4
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 19142d6c5e75ad53271ebfd49fa699af
SHA256: 98eaf20f029b37c171dd1b594f430e09422723e225f958084e7dff2b33eb907e
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D5F0B85D53E79EBECEEAF856F07058E8BD3C51F6
der
MD5: ccb37676a6288ca8598dde99a60ed3b6
SHA256: 0ba569be21b5b39c241657835f46d503295dbc710e7cf204796c745d25fc21d1
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A0AF249441DF3D34BD9C3C02415EB7797B42EC43
der
MD5: 276896c9424e9f3d26e9cb4dfaacaf18
SHA256: fd5803b622a964e13b3e4717d256769202a942c67a3e78dfb07237b7627722de
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9D7F030BE9A01CBDA25A05ECE179CE12EC741954
der
MD5: 604f361c05b6e3396462d64c3a128fbb
SHA256: db40db3986f26ccedda88f404e65907e1bdd782c4a5e41b25529942c47ad7643
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6AECEA2898C76B06ECED381F74F08B1E2AD7BE30
binary
MD5: 0c92b640f63304224ad180b0209a236c
SHA256: e6949958cb9c3a8d6b03ad525fbe66c37cabe5b9b46f48db12dce955c29fa91b
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 719183da45a9c16c45e165aa4fe6135f
SHA256: d3b0593519cdb71828dc7fd3e70984b22456c621323bbded4ba68b1cfb192aac
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F75A955920CD0B247BB7C7A1E39E556125A9D133
der
MD5: e089687f9d72ac9c63495994aa9ffff7
SHA256: 4c389a26139d94efba707b29487f45ad43295b7e5d62136412f884470b7b41cb
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\49968F5AAF6C3D4E162E052C301E673D6E1D2552
binary
MD5: c6ee79313fdecfcfde7693f2bec94624
SHA256: d702629f0bbb016aab58c818d0b1cc2ab53c500213944f366a943094afd0d14a
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\7175
binary
MD5: 00845cfa655570ede0374d9c0df85b59
SHA256: a421e6f7103b60091014b90f4118ae00b723d80599d4356e3e150b8f2be2359d
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5F48DD1070FAD8360BDB26A01C8DA8DF85CBFCAD
ini
MD5: 4d1145d4c6ea3a2ec1b5d48576c3622b
SHA256: 980f07d0571dd80eaac45c9550d4c88cbe706c82341efc0158b61d5a62129e7a
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\033A5B6AB8B95D7D886611A69AF79AAEB7537DCF
der
MD5: 5397e9d7e0d648f670c9724e8d983c92
SHA256: b99356344053efb2d1ebfecaac70be43bd88ff7790e7690a2eb7c31f77afaaea
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: a1db710ac204d6ddbcf51759fa0e1426
SHA256: b99fde7fd9ab64919cda3674441e0872a60bc980c676338fc3bba54d213ad539
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 8f89a5889e1615f65674daf6a01a2454
SHA256: f6d3fde91836d607a3311a6e0a12463c811f791a9f231d2ff8542d772fa22ed7
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\trash13961
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-current.bin
––
MD5:  ––
SHA256:  ––
2852
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-current.bin
gmc
MD5: eea17f67fd57174d29c5ede8dc944b42
SHA256: 807ad7cf5a6bb45426ca2ed79856ad4a141a11acbdde540fd4c10c8bbf01a687
2852
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
22
TCP/UDP connections
48
DNS requests
107
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
2852 firefox.exe GET 200 2.16.186.50:80 http://detectportal.firefox.com/success.txt unknown
text
whitelisted
2852 firefox.exe GET 301 104.210.211.111:80 http://www.codetwo.com/email-signatures/?sts=2471 US
html
whitelisted
2852 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2852 firefox.exe POST 200 188.121.36.239:80 http://ocsp.godaddy.com/ NL
binary
der
whitelisted
2852 firefox.exe POST 200 172.217.18.99:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2852 firefox.exe POST 200 2.16.106.50:80 http://ocsp.comodoca.com/ unknown
binary
der
whitelisted
2852 firefox.exe POST 200 2.16.106.50:80 http://ocsp.comodoca.com/ unknown
binary
der
whitelisted
2852 firefox.exe POST 200 172.217.18.99:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2852 firefox.exe POST 200 172.217.18.99:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2852 firefox.exe POST 200 172.217.18.99:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2852 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2852 firefox.exe POST 200 172.217.18.99:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2852 firefox.exe POST 200 172.217.18.99:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2852 firefox.exe POST 200 172.217.18.99:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2852 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2852 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2852 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2852 firefox.exe POST 200 172.217.18.99:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2852 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2852 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
–– –– POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2852 firefox.exe GET 200 2.16.186.50:80 http://detectportal.firefox.com/success.txt unknown
text
whitelisted

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
2852 firefox.exe 104.210.211.111:80 Microsoft Corporation US whitelisted
2852 firefox.exe 2.16.186.50:80 Akamai International B.V. –– whitelisted
2852 firefox.exe 35.166.112.39:443 Amazon.com, Inc. US unknown
2852 firefox.exe 104.210.211.111:443 Microsoft Corporation US whitelisted
2852 firefox.exe 52.10.122.55:443 Amazon.com, Inc. US unknown
2852 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
2852 firefox.exe 52.222.173.224:443 Amazon.com, Inc. US unknown
2852 firefox.exe 188.121.36.239:80 GoDaddy.com, LLC NL unknown
2852 firefox.exe 172.217.16.202:443 Google Inc. US whitelisted
–– –– 172.217.18.99:80 Google Inc. US whitelisted
2852 firefox.exe 205.185.208.52:443 Highwinds Network Group, Inc. US unknown
2852 firefox.exe 172.217.22.72:443 Google Inc. US whitelisted
2852 firefox.exe 172.217.18.170:443 Google Inc. US whitelisted
2852 firefox.exe 2.16.106.67:443 Akamai International B.V. –– whitelisted
2852 firefox.exe 2.16.106.50:80 Akamai International B.V. –– whitelisted
2852 firefox.exe 172.217.18.99:80 Google Inc. US whitelisted
2852 firefox.exe 31.13.90.6:443 Facebook, Inc. IE whitelisted
2852 firefox.exe 172.217.23.142:443 Google Inc. US whitelisted
2852 firefox.exe 172.217.23.163:443 Google Inc. US whitelisted
2852 firefox.exe 204.79.197.200:443 Microsoft Corporation US whitelisted
2852 firefox.exe 74.125.71.157:443 Google Inc. US whitelisted
2852 firefox.exe 31.13.90.36:443 Facebook, Inc. IE whitelisted
2852 firefox.exe 216.58.205.228:443 Google Inc. US whitelisted
2852 firefox.exe 172.217.22.67:443 Google Inc. US whitelisted
2852 firefox.exe 34.212.119.231:443 Amazon.com, Inc. US unknown
–– –– 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
2852 firefox.exe 52.222.162.38:443 Amazon.com, Inc. US unknown
2852 firefox.exe 52.34.225.30:443 Amazon.com, Inc. US malicious
2852 firefox.exe 34.214.241.105:443 Amazon.com, Inc. US unknown
–– –– 172.217.16.206:443 Google Inc. US whitelisted
2852 firefox.exe 194.9.24.79:443 ATM S.A. PL whitelisted
2852 firefox.exe 52.222.162.135:443 Amazon.com, Inc. US unknown
2852 firefox.exe 52.222.162.187:443 Amazon.com, Inc. US unknown
–– –– 52.89.179.237:443 Amazon.com, Inc. US unknown

DNS requests

Domain IP Reputation
www.codetwo.com 104.210.211.111
unknown
detectportal.firefox.com 2.16.186.50
2.16.186.112
whitelisted
a1089.dscd.akamai.net 2.16.186.112
2.16.186.50
whitelisted
codetwo.com 104.210.211.111
whitelisted
search.services.mozilla.com 35.166.112.39
52.88.150.81
34.213.175.109
whitelisted
search.r53-2.services.mozilla.com 34.213.175.109
52.88.150.81
35.166.112.39
whitelisted
tiles.services.mozilla.com 52.10.122.55
35.162.29.26
35.164.130.113
35.164.197.9
35.165.22.140
34.208.143.106
52.26.103.165
54.186.163.246
whitelisted
tiles.r53-2.services.mozilla.com No response whitelisted
snippets.cdn.mozilla.net 52.222.173.224
whitelisted
ocsp.digicert.com 93.184.220.29
whitelisted
cs9.wac.phicdn.net No response whitelisted
drcwo519tnci7.cloudfront.net 52.222.173.224
whitelisted
ocsp.godaddy.com 188.121.36.239
whitelisted
ocsp.godaddy.com.akadns.net 188.121.36.239
whitelisted
safebrowsing.googleapis.com 172.217.16.202
whitelisted
ocsp.pki.goog 172.217.18.99
whitelisted
pki-goog.l.google.com 172.217.18.99
whitelisted
www.googletagmanager.com 172.217.22.72
whitelisted
codetwocdn.azureedge.net 2.16.106.67
2.16.106.57
unknown
fonts.googleapis.com 172.217.18.170
whitelisted
code.jquery.com 205.185.208.52
whitelisted
cds.s5x3j6q5.hwcdn.net 205.185.208.52
whitelisted
www-googletagmanager.l.google.com 172.217.22.72
whitelisted
googleadapis.l.google.com 172.217.18.170
whitelisted
a1879.dscw14.akamai.net 2.16.106.57
2.16.106.67
whitelisted
ocsp.comodoca.com 2.16.106.50
2.16.106.113
whitelisted
a652.dscb.akamai.net No response whitelisted
www.google-analytics.com 172.217.23.142
whitelisted
connect.facebook.net 31.13.90.6
whitelisted
scontent.xx.fbcdn.net 31.13.90.6
whitelisted
www-google-analytics.l.google.com 172.217.23.142
whitelisted
fonts.gstatic.com 172.217.23.163
whitelisted
gstaticadssl.l.google.com No response whitelisted
bat.bing.com 204.79.197.200
13.107.21.200
whitelisted
dual-a-0001.a-msedge.net 13.107.21.200
204.79.197.200
whitelisted
stats.g.doubleclick.net 74.125.71.157
74.125.71.154
74.125.71.155
74.125.71.156
whitelisted
stats.l.doubleclick.net 74.125.71.156
74.125.71.155
74.125.71.154
74.125.71.157
whitelisted
www.facebook.com 31.13.90.36
whitelisted
star-mini.c10r.facebook.com 31.13.90.36
whitelisted
www.google.com 216.58.205.228
whitelisted
www.google.pl 172.217.22.67
whitelisted
shavar.services.mozilla.com 34.212.119.231
54.201.6.28
52.32.141.83
52.35.21.241
52.35.215.194
54.186.120.41
54.187.176.55
34.223.203.249
whitelisted
shavar.prod.mozaws.net 34.223.203.249
54.187.176.55
54.186.120.41
52.35.215.194
52.35.21.241
52.32.141.83
54.201.6.28
34.212.119.231
whitelisted
tracking-protection.cdn.mozilla.net 52.222.162.38
52.222.162.99
52.222.162.48
52.222.162.10
whitelisted
d1zkz3k4cclnv6.cloudfront.net No response whitelisted
push.services.mozilla.com 52.34.225.30
whitelisted
aus5.mozilla.org 34.214.241.105
34.218.159.169
54.148.138.18
35.163.20.157
52.32.77.100
54.148.123.234
35.164.82.230
54.186.118.41
whitelisted
autopush.prod.mozaws.net 52.34.225.30
whitelisted
balrog-aus5.r53-2.services.mozilla.com 54.186.118.41
35.164.82.230
54.148.123.234
52.32.77.100
35.163.20.157
54.148.138.18
34.218.159.169
34.214.241.105
whitelisted
redirector.gvt1.com No response whitelisted
r4---sn-5uh5o-f5f6.gvt1.com 194.9.24.79
whitelisted
r4.sn-5uh5o-f5f6.gvt1.com 194.9.24.79
whitelisted
firefox.settings.services.mozilla.com 52.222.162.135
52.222.162.126
52.222.162.6
52.222.162.155
whitelisted
d2k03kvdk5cku0.cloudfront.net 52.222.162.155
52.222.162.6
52.222.162.126
52.222.162.135
whitelisted
content-signature.cdn.mozilla.net 52.222.162.187
52.222.162.99
52.222.162.10
52.222.162.12
whitelisted
d12uj65dsn9ho1.cloudfront.net No response whitelisted
incoming.telemetry.mozilla.org 52.89.179.237
52.27.23.108
52.26.72.3
54.68.141.132
52.34.167.99
52.89.114.227
34.214.252.85
34.212.55.103
whitelisted
pipeline-edge-prod-25-561439127.us-west-2.elb.amazonaws.com 34.212.55.103
34.214.252.85
52.89.114.227
52.34.167.99
54.68.141.132
52.26.72.3
52.27.23.108
52.89.179.237
whitelisted

Threats

No threats detected.

Debug output strings

No debug info.