General Info

URL

https://aesoffice-my.sharepoint.com/:b:/g/personal/john_jmcoffice_co_uk/EV0dtAKUCUxMhEbjSnjO5xIBmiIPe55pwbuUQ_WsykU8VQ?e=UFBEqk

Full analysis
https://app.any.run/tasks/f9480578-715e-4f70-ab59-4c3cf714ffd2
Verdict
Malicious activity
Analysis date
7/11/2019, 16:52:01
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.34.7)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.2 (4.7.03062)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 67.0.4 (x86 en-US) (67.0.4)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB4019990
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

Executable content was dropped or overwritten
  • firefox.exe (PID: 2916)
Dropped object may contain Bitcoin addresses
  • firefox.exe (PID: 2916)
Application launched itself
  • firefox.exe (PID: 2916)
Reads CPU info
  • firefox.exe (PID: 2916)
Creates files in the user directory
  • firefox.exe (PID: 2916)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Processes

Total processes
39
Monitored processes
6
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start firefox.exe firefox.exe no specs firefox.exe firefox.exe firefox.exe firefox.exe
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
2916
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" https://aesoffice-my.sharepoint.com/:b:/g/personal/john_jmcoffice_co_uk/EV0dtAKUCUxMhEbjSnjO5xIBmiIPe55pwbuUQ_WsykU8VQ?e=UFBEqk
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\psapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\wship6.dll
c:\windows\system32\winsta.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\d2d1.dll
c:\program files\google\update\1.3.34.11\npgoogleupdate3.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\program files\mozilla firefox\softokn3.dll
c:\windows\system32\sspicli.dll
c:\program files\mozilla firefox\freebl3.dll
c:\progra~1\mozill~1\nssckbi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\actxprxy.dll
c:\program files\adobe\acrobat reader dc\reader\acrord32.exe
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2adec.dll
c:\windows\system32\slc.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll

PID
2404
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2916.0.867173589\1773753951" -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2916 "\\.\pipe\gecko-crash-server-pipe.2916" 1164 gpu
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\msimg32.dll

PID
3468
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2916.3.2136856058\1556151817" -childID 1 -isForBrowser -prefsHandle 1604 -prefMapHandle 1268 -prefsLen 1 -prefMapSize 188076 -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2916 "\\.\pipe\gecko-crash-server-pipe.2916" 836 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
2372
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2916.13.2008955315\1443597694" -childID 2 -isForBrowser -prefsHandle 2740 -prefMapHandle 2744 -prefsLen 5842 -prefMapSize 188076 -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2916 "\\.\pipe\gecko-crash-server-pipe.2916" 2760 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

PID
3908
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2916.20.1987939786\426965730" -childID 3 -isForBrowser -prefsHandle 3476 -prefMapHandle 3480 -prefsLen 6726 -prefMapSize 188076 -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2916 "\\.\pipe\gecko-crash-server-pipe.2916" 3492 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
2644
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2916.27.1859440444\718198728" -childID 4 -isForBrowser -prefsHandle 2964 -prefMapHandle 3756 -prefsLen 7124 -prefMapSize 188076 -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2916 "\\.\pipe\gecko-crash-server-pipe.2916" 2620 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sechost.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

Registry activity

Total events
624
Read events
621
Write events
3
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
2916
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Browser
0000000000000000
2916
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2916
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000077000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000

Files activity

Executable files
2
Suspicious files
115
Text files
29
Unknown types
61

Dropped files

PID
Process
Filename
Type
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll
executable
MD5: 7f636be36a85d45a148b0fe13bd311a5
SHA256: 5566c2c4b1839386e1b951b13eeb7aaceb1fb52e9f1cfdbc345c5e4f7b6d9745
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-gmpopenh264\1.8.1\gmpopenh264.dll
executable
MD5: d23f706f2eacc190f2d4b75b041670d5
SHA256: ced08ce5bc45dbe505fa94b3a4268c0830ccda016a23c0acb16dd7268cfa7a65
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E4AD594127F84CF7CD08795F1F414850B761C65B
woff
MD5: 87496ebab20dafcc937c5969c47015ac
SHA256: ccb339a8833f80fdcb2443300fb65471cd44c03d4add2ee54c09a44022e15530
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\43B6655E5F16BC2535236452C6E5FF7FB6F2BD90
pkr
MD5: cebfc643a7275b71c8812b00dcba9299
SHA256: e2b38c0d665caf60d36039ada126b4ceabba1398ae5496280d2f20efff59744d
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.lib
obj
MD5: 5a33e95804ea80f06f97453b1a163e27
SHA256: 33bb1b23908e20870aefd100fb10983753b3ffbb308c55316b7b9cb6c9f45a6a
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.sig
pi2
MD5: bba147013aa78944b2530f3e4acf231d
SHA256: 2347297ebdd087df38fad1acc207f625938ff575f0d7c0533c6c5572f042f6c9
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4
jsonlz4
MD5: a6338865eb252d0ef8fcf11fa9af3f0d
SHA256: 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.sig.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.lib.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\manifest.json
text
MD5: 6489d53ce5fbfd0eba9deceb95323c61
SHA256: 1a8ce8afcfddd04cfb3dd743b0bcde8d439d9f86a1fe262d2f99fe6876631fc7
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\LICENSE.txt
text
MD5: 49ddb419d96dceb9069018535fb2e2fc
SHA256: 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\manifest.json.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\LICENSE.txt.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Temp\tmpaddon-312d04
compressed
MD5: c787e9b06b44e979c9aff51c8da64b4e
SHA256: 7e8db6c2e3e62999814d198745067e04e7c61c1580d75cf73534712540df5d9e
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A6834FB4FC17BEC1D928EF8AC11EDBD60239414D
compressed
MD5: a2744f5dd8acabd70fce28e13921b1ad
SHA256: e5784c0361748413f36ca52df4ea13b0b83bb7fc7aed196d97d788a43e0cc3ff
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 0085631c0f3c9705507dbac2b5482318
SHA256: 10b56fd7a9c189fd1b6101f98732bf577def6e35bf2156c3ea636a60377e0fba
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json
text
MD5: 2dc73147868905f43f1f25bb63242fa2
SHA256: 604ca57228f728bd5d025591817d5b75f084528c130329c2648faf5ab15e9a76
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\11A8444C1E0A4B86F1E2359691CEECD924F4C064
der
MD5: e1b1692e91d912202ca5f6c0b1d87e01
SHA256: b72bbf94f411a9498287024db0cbbe3854a4da00a4375e1f0525dc6b550abbeb
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: c475177127b4e44fc9cd25fd8d99e645
SHA256: 5edc91d7b067764066db1c1aa84461c7be35134d92519b72201e509c5e4d4c4c
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\ABB2BF1828B05BD6C3DFD67080C8B8EF42C7655F
der
MD5: 1dc94f9671ce76ebb537bc8fdf0fe7ad
SHA256: 70d1257b73e6e6d032dbcbd619b090b61f9c5e4abdff17b4ac4c10b055bce767
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-gmpopenh264\1.8.1\gmpopenh264.info
text
MD5: 3d33cdc0b3d281e67dd52e14435dd04f
SHA256: f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-gmpopenh264\1.8.1\gmpopenh264.info.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 034b3594f305933ac1ceb5adce1e5cc9
SHA256: 2c9f747771e6f9bfcd07bb67a7b152a3bc3bf80f29c1bb887acb17aeba30afb3
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-gmpopenh264\1.8.1\gmpopenh264.dll.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Temp\tmpaddon
compressed
MD5: 29ddfd36f79eaae39627110a00ff8370
SHA256: 600552de4de554364152ed426d02264e97d76ae1f33afb1d845a0d25e5e5ba33
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\30DA536D4A5D56FF0D85DAA6CA4D6E70F41C5F38
compressed
MD5: d944e1f4a25c6096714875a85fa5330e
SHA256: 32ecd3e72aa0e13de887b37e425a28981d0045d918cf797938169017ca33b779
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: e6fc78ebc2749a4b2940c0b4a99b2ee8
SHA256: 189d02fa42b318a9fa85407d96cee55ed9a4948d9bafccf03ef6bc40985d93c4
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 92928ffade4ca1cecb5f62fedc519146
SHA256: 989dd8fdff6d295b76878b93c24b030a1c29e66a59d7cae8942a7c1a265a30f0
2916
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_NA8kMgQLQ0olgrm
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 128682819f591ed1d8ff310dd49f8969
SHA256: 2c0699463accd9650dd313c8bcf284e208ca23b73d5cd854f34409b976473b47
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EEAEA8AB98877B6DD1B0F31F837915B7FD47F46F
cer
MD5: 18f98fa7c06d1fcbdb6e7b4dba716d63
SHA256: 832ea6481bd4de26e17f621221b0045347e4aa9950be2ed8a465d90c403cd450
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D00A688072D5E651DFCBF1F615D0FF8CC68B8989
binary
MD5: b82ed5f5882741c9551cd2350a832456
SHA256: 12c4273e9ec6059b3de1abc967ad500c697e32f12d405b4747820990bc953883
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1836CC1ECC545FA7B1A59C8B19A2E984D0122ED4
cer
MD5: c0b44ceeb0d49587272e9ac1b35944cf
SHA256: acd547a4a31ac6e2f5950a71bb7db58c6401c22a4d6fd4acc406acf327d58627
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7B230AB1AF8D8511EACCCB69C1917AB2C031B2FC
binary
MD5: 77ea9a21589da125a0294a7a119472ed
SHA256: 70474c5e50bf819fa9d07eba23289628c90fcbc73f836c87097a46bacffbbe0c
2916
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_cVFUlf4YXxYydZz
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_1tA1rTo4IY9dVnu
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 0516de908652bf74cc8538ef0da0328a
SHA256: 89b8aeaef9cf6ff8b7b49a0df4766adf7b68b5424c0fb82b801099ba57142063
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1836CC1ECC545FA7B1A59C8B19A2E984D0122ED4
cer
MD5: c620d0531caddb8ee0377aeaa0645247
SHA256: 3e47afb45d2cc902812556af613143678bae7001f904608b525f3bd416c021eb
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7065E2D8071545DFA0260E9A938F2BD08B66173D
binary
MD5: fde689c44d64e20ce8db36add7dcbca9
SHA256: ce442dd6208bc550c61a3365c1914253cb64fc321c617455939a4e48f52319f3
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
binary
MD5: 48144716aa6d052035883b3b2218090b
SHA256: c88a1b701206304d85660b7cfe69c86a934560afeffe2c709e08e806d5a11156
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 2668f5b4fdebd02c8af7a3743848a6b4
SHA256: f7ecbf7b9c2ad01f252c61c0b8f883e67b5a24126bd24e60342d2553db1d8028
2916
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_agngdsXFH6kS11a
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1836CC1ECC545FA7B1A59C8B19A2E984D0122ED4
cer
MD5: 3de5e9a1cbd37af26780f40087cc412a
SHA256: ad469ab0335cef642a3e6d770ab367c8de31a86bf03c80592fe07e0ee6c161a1
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D17FDEA053F042E7C1F46E73FEFE25911325753D
binary
MD5: 39f52987de3309a279638a837da7bf20
SHA256: 09f992ba91d9c755dc064bbb21b8f0167d693e39b895556d97c937c6a3cc3404
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E9D9027DD5EBC260A0FE4C03CBFB18294F0D0E20
compressed
MD5: 439ca7fd8a69734fbbb40b15bb27fdf7
SHA256: 480b3a8cea4dc1e2b91620bbb342bb9ee01fed13708bbf2fcd14066066175eac
2916
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_OSDaIoWeqH0oh0I
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\04E55B30B274BBCB2DDD23B3D92098BAD7C02F8C
cer
MD5: 0bcee6f6313f8a68102969ac2117af11
SHA256: 591b0792bcd1c9cb8a507b6c23c9be56d3c0e5008b2bd40331c278bb05bbe222
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D14E89E9C0B1611A544D1BF058490F1AB052C547
text
MD5: 31a51562e900a444cd3844125882aadd
SHA256: 2a5ca090397a3abf1ba59028e767785ed4981803e779ece8c5809dae2eaf1f1b
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 50668231efa7b6ca34533fb3100fa5fc
SHA256: 06af72ab4e3f88b6b18a3bbc634c2dd519445e48b5e3ac77539b287ddf85d20a
2916
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_vSxK5kvDsVoGrdq
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1836CC1ECC545FA7B1A59C8B19A2E984D0122ED4
cer
MD5: fd88648a4813f4f9c0a139544d1f1e39
SHA256: f65a3c85d322c90b24aefc55fdc22f6177d309dbddcc9663a8fe3d6d399d1a47
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5618649FF649547EADA90BBCB501703A456D3C2F
binary
MD5: 90fc32b515ab4a6e015f02cbeacf49dc
SHA256: 30a12fc1db0e3e24227f04e49b74a93bfe17a3c9a0f776ca2cfc141dd49be375
2916
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_fBgZujPAoAY9rsd
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: b4e0a70edd1e871c119ba687b0b1f98d
SHA256: cb73d94a8ca293e6573caabb1c2d224e5d1c5b6369d532461294f1c27001a207
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2B8FB3A7C1E8990CE64886D66718692D2B2ED2BC
binary
MD5: d27329ba3336be0c4f52b91061c06b54
SHA256: 04c079ad9d6eead1c3b6c23c6195d66c02894aabc270dfefb8d320946213a5a8
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: 90c51eaf2e274ba12d80f3dd74f69a81
SHA256: b571a44fca3037b083d5752208fe17330bc0b4eb09abbb4ef6e39ec188edea3b
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 19c652391e9b73dd6db9f0ebbaa3a3bf
SHA256: a38dd80c48b1df201dd0e590d3953bb61ac956f6963033d6ba99bca1e7746f8d
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\66E757E3CBE3815E89C63AE13CAAA79385CA1372
vc
MD5: a6ae3aec27d9487418e0cd8dd2501583
SHA256: fbcf31b9455caf8900283013eac47feb14f6a35c13d7534ced26a1d9d3c1b74d
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\49F0CBB5E23DE0D7501ACD7A09E15BB6D88C82F7
binary
MD5: e4ca87947810c9ce68a9ed1c50353f0c
SHA256: f5eb735207db96fa66cedf57f5813908b3678beed1ee5671ee66b72e7e27e251
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E9D9027DD5EBC260A0FE4C03CBFB18294F0D0E20
compressed
MD5: c5829258c2f6151b50eb312daf7a8af0
SHA256: 382a97b1ce665990852ebddd4b58617afb60db941c850716dee03dba9b744aca
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4030C591CFCF22FC0E089653E69DFBE8C2678C91
image
MD5: e02717d9e5de45966b16e72e72a53011
SHA256: 634b035f180a4940c177c1ae6cd611ce88bec0a47f8483ef919a90d429e45f1e
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 8ccd048e438e3a7680bf3d9d665df846
SHA256: 25a0b1cd92788e9edf01cd46b3e72e34b3adcb9a776144f35b740de5ac843672
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db-journal
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: 7cebaa59a76f1305216ee58f634b0127
SHA256: 804dd7ee91710ec249f23b074107c949aad8cb754c18867a02f723f2751ee930
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7A358745169FC297889F929557B739B4EC8288F6
der
MD5: ef10b09bc179c536ef065b8893cd38a9
SHA256: aae6c408a2ad7880865f8b8986ff284a1660004dda189c6a22796b6f686a6946
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\permissions.sqlite-journal
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: b7265a15dc8055a73df23171d6b8e68c
SHA256: 722f4011395b4daac04f9449c7b7ecfd1efb49736d3222800162e65b1006164f
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child.bin
binary
MD5: 377acc3af381683cce2a6e1f4e660333
SHA256: 6891da4af0da5eac3629387172668de8df38c4295ad58b846b187f703b8b8a0f
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-new.bin
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache.bin
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache.bin
binary
MD5: 06bf7bc2ab42c44b54ac6a2f77c58200
SHA256: 8b665a7ffd6f385ed733732c1abe6eb8171d4f63390ca7bd71e9d3d055ce53d0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-new.bin
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-new.bin
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
binary
MD5: b099a835e195014cb920002c8a61f562
SHA256: 5ee6722a4af5e25ca45653895733774eb3ad7ee6bd637bd0b8101cbe512f8a29
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: 9ace57fcc68ef2354845644b6856ea42
SHA256: 73b618ba680d68ce18aa569d8e57e5d93fd06c7820146d19c3c3e32c0364a280
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.vlpset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: 0eeb5c7c72fe3b3df63566f1b8dbb041
SHA256: eba828c126bf2c12ac6b2a0a936d48ab479b56fc8ca96d342886ba8320f7ba44
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.vlpset
binary
MD5: b7c1222022b3d92a8b1ffefff3870bc3
SHA256: 5b8300be487a6b279997c8af39b99aa59dee4d27eec37acab152e7cf1ecad8c4
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: 269ad0aa76c8e03e028ee77276e5221c
SHA256: 85ca85091f175600267f032e3b9183483693cf125075358f41c93a9e24bf048b
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
binary
MD5: ab1aacdd3855d23ad1f4f50095bc4bf0
SHA256: ead1154b46447f8ac4e49d2f931c7a72a92cd52b42790e64264469a7c5244a2b
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: c6c6daa0940743b72538347139c014de
SHA256: b7aae988085382786a7f44020943e2a6cbadd59310e1f58aab129ae801fe504f
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E9D9027DD5EBC260A0FE4C03CBFB18294F0D0E20
compressed
MD5: bf93a87dc8aa08300a31276e4cee2072
SHA256: a99d0d7424b2c130d2e15c5b26ff7604bf6bffd5c3e2ceaaafe6d1ac1075a36d
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\02820FC09D910BF841B8FA0DBD761A99E93DB495
binary
MD5: ab915349db3e7289cbb138a90a4f0d61
SHA256: 3de24eb059a93bc5a86f52a0c2b7b4de62cb8242310bc30958adaed873563c43
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A6909CD484D5872497C65D1DD7682C412CD5808C
der
MD5: ecad1b90ec53a3e37df4568fbd75f2a4
SHA256: 6d539b14c80943e35baa591fe02cb9606359d957664e4ce280536990ff4421aa
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
sqlite
MD5: 76ad3b4fdcc301b35f7d0f3744dad4b1
SHA256: 94ad7acba1557313003ddda3cde441c79a8b51c0cce43797aaab0b5a46bdd9b8
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.vlpset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: 6a2783f14a05f475b1ea7b019fbae014
SHA256: 99953872f9390f30f0961a7b3d05503894d6682ac31ee9c9676976463a48dec1
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\35130CB306F8F26861E949DBF9D1CBF306C4B301
woff
MD5: b1d818855c44ea5c7c3b9ec6942fbd41
SHA256: 1c42a05140172d2c1df14cecd7c09b77b92c47112fae0c8d161c8da6cac0491e
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F27959AEEDFD6DF88233A6A664B43C7614B1F81B
pdf
MD5: dd68ed651aad530d10783c169016fdc7
SHA256: 1bd6a3d97a604b55144d093b5e22415c248eee4ab6076897aa72e8c5354bb6a1
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E5BF4E631A7ACBBFE420A74B1AB3C001B2C5FC71
compressed
MD5: 35811779c01d678439aa757add6622cc
SHA256: ff2a4e4cdcced9c70d9d7c8e2c749a3ed2ab00b9e56a8f3a4b637c88aa1b1e9b
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\730BBC97275949ED79E6409A8574FD82BC7FA0EC
compressed
MD5: b4bcdaff1e95677807b0976198fb2151
SHA256: 30253f9e050d4dafcc5f241c7ab58376287ffb17333a9c631663d4840d0c87dc
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\959EB08B76C2CEDF559660C21693CF7D61B71132
compressed
MD5: 6f9e876257bd67ce5959bfadfcab5969
SHA256: 0368fd9a331613e55d8811eca96e597f7cb74dda20d2142d216202a1525bc1c0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
binary
MD5: a5695cc64d77967232b0c1344c6e72b3
SHA256: 042a22b8681d754671d2018ba109b31a53ee3728d48c6379043f8e3394e7fbad
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
binary
MD5: 65e942614eee70680464ac4be75019fc
SHA256: 34395085da32c8b4efe9959e3b0d756b43ffed17694d66f39b966cd331bd9a94
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
binary
MD5: 95f28ede25c301301f25fbbd9a3c56ec
SHA256: 87763df78772f7d750b0fa5a31eec23e931fd3bd1cbb33beddfc61889da36478
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
binary
MD5: 3d1ce5e50208f0cb3b979186043a548f
SHA256: 1e13d05d482c3d533dc6035af2b2d6e84749412a5748d1435b70cec8b312340b
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3B84D6EF102A19A735C81931CF5676CD63A76ABD
compressed
MD5: b4bf4042ae6d05927e18f032958fe5dc
SHA256: fc71f383f6312745a8785bc05a9eed6a1b8c049c247123b49907815f628c9abe
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
binary
MD5: e2cf527ca7550b7e7bdf7311e483a2c3
SHA256: f1e07b1d717433f47073dc54a7d98e3e87b3d0fa88e53466f93ea544af885d11
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
binary
MD5: 3675254e341df799d4307c1f59109185
SHA256: 23d108134bed6099793f7dd6b8b6e62081ec3b945efdbc7c5e0e779fd9b82f98
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
binary
MD5: 051fb32dece757ba112ac36dc72e3a91
SHA256: 0806d98fb3de55f75d7c0b17e26146567e08c483031526659a4a35d09b97ef19
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D5D14E6F88329DD543A57FDB69D39FEA8E8ADAAF
compressed
MD5: 09c3ea782170e315743d673beb1af88c
SHA256: b6f09cad4cdb79fd0abeeeaf501243ec9109e570c69623aad40f6e1970d10b62
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.pset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3D16CC27D57F721854FDDA8FAA7C0DA6E9AAA9B5
compressed
MD5: 694dd8d9654c18008287609827ca0bc8
SHA256: 31456157c93d8627ada5c5425f3c54e25b512e0e21310fc3630f2ddb6089e273
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: d5c0395388ae4cdb5a26b93865dd09a0
SHA256: bcdced58035d8b8eea456b54d4ed4dae296d37735acf5be1633a91acc24abb23
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-current.bin
binary
MD5: 6a1ef5c5ae2f682a0606848fa329072b
SHA256: 29312a09916820dec3eee29b40c503fee9569204e291320bd9c908b3386b1896
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\05A427D7E3E0AA0B43BB6742B50E978B546D845A
woff
MD5: 24b3eedab27e7d89caae7ca2a85e1adc
SHA256: 3639485e48fce92dc8f6d8ec18dc0fb89bc0249ec53700c09fde6172f3e527ba
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EBBC97EC4403019C8009E8DE0E58BBD244AD6C32
woff
MD5: 1748248ee62ae9b6a9316204fff9dadd
SHA256: 109233c5d06d3e534c9897ed02d20f4811b5d0cf396bc8a5540691fb969bdd04
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
sqlite
MD5: e1e66456d1ff292b82cb7b3a8ee538c9
SHA256: ae26bad034de42a3f87b2bf2861482361d17438f70c5d58979dc22d66aec7262
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
binary
MD5: 9d620df2247e07efa85cbb1f2505214c
SHA256: 2393bd4a95f405aba6a469d6f0573ef930ca450c76a0c2d6f53764c70b4d07e0
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
binary
MD5: 52f654b32aa965e7a23be9169c659a11
SHA256: ea3a095cfa83c035be66f61e601eb948822c3640e02978f15f4365543d286537
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-journal
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata-v2
binary
MD5: 809f0f1579e9d0c0f084bf0111c3d36e
SHA256: d8c7d6fbdf4f1a518a73e439f66564dbc45d98d1ba2c0780884b1e948c9449b7
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata
binary
MD5: cd5b76acd7dcb407d92286ba1d28cb37
SHA256: 136981546ea10a3a82f347c9ff7901ed64d7cfa4c80b1c270e097eed90e7ace8
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata-v2-tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata-tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\05AD38307AE04A5A8E230CD1BCCB3491C1D1F12B
compressed
MD5: 9bd7b21bb4f2fa76a12b01d669d2381a
SHA256: c7c196bbf113c4031cbb835c0495062381e8bf201e2ae5e39453774f7b96b094
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0DEA0589297C0D47A542CE08235F656DFCD181B6
compressed
MD5: eda217dc60b51dce7a563712639b4ccc
SHA256: 1c13cd8962711a01e777462d638865f617446ce1ed0e59f00b62051f0da67c5b
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E2BC5139762CE25757C0C97ED62EA259AC33D37A
image
MD5: 5ace318ae461c47dabadfaf730ab8b53
SHA256: 78469e8f868abc960fa1d455dbfa8353d17f11315d8dec875d6603a856db00e7
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\67B1C2D7C094CF70A902F5166D9983C2BCB6DCB2
image
MD5: ff0c719850215e543f58965b29678a82
SHA256: e4a20eb763e7c3e1d3b9a4e4a7cbff66cfd2494f8c3d2bc7748b03e250265b63
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\62777E4CFC0715FAC805AB5361B448E09EAA94C2
compressed
MD5: 27e417fe8b8b51901d60a4b6b708261e
SHA256: 20d87f972a44e2ea75927219c4abc4bfade566d4646b7003a2bc249e47875730
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\75A1DADA95F3B0A6267079BA174C9BB324019E11
binary
MD5: 69e01a3157211125cad78012f88122da
SHA256: 880f625f5022dffabcc5b1adb3c9c539f331b725044f5842e89a52048b9ec34c
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0B69BB77BFE58F65E4D48A2302DF6D9D09028076
compressed
MD5: c58aea0899648276f3e7037447727f29
SHA256: b4d7b259e49720b2008b83c0bb695e98a9e9207790bd6896e4dac6ceca109558
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\268780135FDC68E4D788ACF346EA11C3E5D4AB70
compressed
MD5: 7dc28306b9ddc849a16891c505cb0f4a
SHA256: f6fd7222c9eb7648eb33dee19699a54b781cd7cbfb65972adce1d2757b69968d
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9677836FC43286657B0C87FF73673272ED5910C7
compressed
MD5: 577da78acdf9c2125155ddcd58285c8a
SHA256: 26f29cf93f5d95702d99caf04ed7407dfada97c16bbd378c1d384c82a712cf70
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\991AE86708897131546231063A53CFD5BDC60176
compressed
MD5: b6a05df2f06edac0253bc99d9b147c83
SHA256: dabd78bb44d69d36d0021ff6666297e979495d41538a472328e5b901169cbd03
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9F0F80299399CC03DDFF1226F4D3EB25AC1DDA21
compressed
MD5: 063077ad3c388273d7b306181166b462
SHA256: e8b82ccba991f4beeab382a7987045b0788fa95ff1862f373c4195df276172b1
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C1C50B9CA1BCA8B859347B822F046690B6811FAE
compressed
MD5: 5db455848d066fada2082a19093e0681
SHA256: abd31309b6b71d184d298dbccde7aaf693379907d76f85b804f6174fa8327d62
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9EF70CE62A588C0A8217C3CB6C2D95C808166A74
compressed
MD5: c05d099d158d57ea11137c49c6c622c1
SHA256: 0f60c9dc861c0c02855a23654aa6786304a8e1a2eabb906ac2f496f9d48ac988
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A21D9302EBF23E7020E40E0C578BF3E242A95795
compressed
MD5: a19fd94dcf39ddb37354c4cf1fcb16a6
SHA256: 65c57442451e28b9a82b68e18526ebdaa428fac5865975a92fef1e427e7a5c0e
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6D547DAA1E9A6DD44836375E2EFC2BCC531A18AE
compressed
MD5: 44a9e88330a4a9caecf419abc72ceb6f
SHA256: 911e2e837bc7c60b6d91edcf026ed79e1c71e945e2ff8eaa55025e4098048108
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\6943
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\02820FC09D910BF841B8FA0DBD761A99E93DB495
binary
MD5: 87edef33defbabfddff02f5632cfd29d
SHA256: a010abd8d159b6f2523d556005a5d2f26e9213cc5188f6df127b253559d7d225
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4067DAF0AE5B033E92B6F2B562349F78FAC48EBD
binary
MD5: afe328351f6075f940a38129bbdede2d
SHA256: 1943dea657a67487f98a030dd53ff05f29b81d2419461178142943f1fe086296
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0D30688BF651C03AFA6F8CBE3644D2C1FFC71232
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\73EC376F7D3C17DB6CB3E26CA399C94B399619DF
binary
MD5: 5389638b3ce110e66181251059659108
SHA256: c2fdad71bdc9a786bef3c7c5630f5cab6492253831df453d39fb363cc08fa03f
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E9D9027DD5EBC260A0FE4C03CBFB18294F0D0E20
compressed
MD5: 8b09280f931e5441492426418b5d31c6
SHA256: b631e77f5c1a2130bd7bd8795482fcb248fb13634995356883fcc202c7d512a0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A353DEF1AF280F013622D52D560BB31866A43FB5
binary
MD5: f1bdbe7a1ee284f9ce9ffd1c4148a19b
SHA256: 0956b6e02b07233c7c5e70cc153ef57d691d8b4968826cd7f6b9863978bd0db0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1B34F7E7E746BA261D56DDD805D272166E88B1AE
compressed
MD5: 6cd596b9c1c3244b41731afb7c36aa94
SHA256: 785ba7d0ac7f20f8b4bb61e8ea2363d44c81fcb37fca2dd5fc5b00ebcd3cd8ae
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 90c51eaf2e274ba12d80f3dd74f69a81
SHA256: b571a44fca3037b083d5752208fe17330bc0b4eb09abbb4ef6e39ec188edea3b
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\previous.jsonlz4
jsonlz4
MD5: d282be26272e1e2a33d64d5be0e55f51
SHA256: 8e09de9b62723612ca98aca7137289dd00e19fa0d3a81a167341cc8020e310d1
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4853FA4BDA346205FD1FC88217343FE1B0822B11
compressed
MD5: 8f86769921197de4c7c637aef7547d30
SHA256: f23506a198f1fe460710a9110a21a14843ca7451b490f857382bec445c04a17b
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FC3008D530B5D63D37C214521ADCA80CDAA7FDB1
compressed
MD5: 70b50b43cf2b9fa70f1cf5ae728773dc
SHA256: 0bfc40c565304ee8cd02fc290982e230d28c34c55a3ad356d90e6fe02f613d28
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D4C79A36FF5D80ABA146C691970810B80BACE5B5
compressed
MD5: 77d219c4d61317063892d0da88c101bf
SHA256: 7d88b4d5e26fc93afbcf9b527bbf2ca3b36b0df285fabdc28684b94d96eb788b
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\835427A1CC770553494C1149E52CE336D00B2C32
compressed
MD5: 921e348dc5a534ef2ac242cc5623c9bc
SHA256: b56c287f47363f0c5e75545c01b2c7351840fb41d71b025b1dd47cae22c2c624
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 0413f2191e97c61dffd57fb4ae1a8da8
SHA256: 14c6fe73056808f3e1f0d961b1928935700ba1f637d0996071c4416389f2fe3d
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\673B7DD7F804B36F49C956ADD2462D4C787771BA
der
MD5: fe32df1e02c641d83fcbf4caa168cc4a
SHA256: fe7372b49c09f856a937624183017f5d514c88bcf6d991554daa75889c911b69
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A3B2CF19796E4F542737A58B4F9D524AC3FC6B1C
compressed
MD5: cf9b3b563b84c905e0c1493149da4bdc
SHA256: ebe43c38fd8d5e20ce9ae6d96cd8780a8a3cd42ad8b83c496177f9680a23bba1
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\24AE40A18BF48E3BE49139684D8FDDC9B427E0DC
compressed
MD5: 6f5f8fc392defb9fc373a000e50bd1a6
SHA256: ebcfc594ae165bef4b8b558c357a6165071a5ea851ebd1ee5e98193132eb6d42
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\BE4C3A086FED2D143ADACB0DC4877794A62ABC0A
compressed
MD5: ec0ab1f5ff3624b5ee03dc2270269a0c
SHA256: ecc69b873833ff0ebb63224de2e88b01d2a73ae1ff7c60e96a73096cf0f9cc5c
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3BE4CFD2FBAE9F5F96BCA06434A913FC8338E74C
compressed
MD5: f8f33d512b565794be3d258619ff1495
SHA256: dff496a97c4bbfb3310462eccbe4ec699f94f40c9325c9aff6e45b1ed456638c
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C7487395EA5043259B57689E318DFB1EE0ABB15B
compressed
MD5: 37c083e0ca15edbfe3cd6c826b7ed23c
SHA256: 1dfc06269f98cf489bff084be23b6f74748b7eada641897640ca8a57f131fdaf
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CA4315590F2302021B929E82289D98DB3CBD2D84
compressed
MD5: 8e8654719d69627a7c1346275c1a6fe5
SHA256: 530e896c6a540a3abe556cb16da28a04fb68a4cbeb882391d47662a71a437c80
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\698EF1D16747D2753B2A8F07D4F72E7BEFA06A1E
compressed
MD5: b1dfc119aa8104b5ac40b6b26dafe9d2
SHA256: 11ed10970835a8b29ffc2dcbc3a355d358c99fe1409ac78eab1fb89f4412a469
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4
jsonlz4
MD5: 351583f788997971d6d0e40152cefd23
SHA256: fa70ea6714bd13f2e974400187afcd659c62a52712444e8f32e48320ea47d3a7
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DBADE43CA2FA7EAB2B74D1700DDC0376CDFE84A0
compressed
MD5: 53c94cc4817d8a921588cab06430d5c2
SHA256: 31719785685c1bec94b1b2ffd0512d6913fb65636677dc0861e4d2fffa2b24cf
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A41D06564A2B844CB515B859116B14A3189FC7B2
compressed
MD5: 51dbd082fe339cbb0617de6f69caaacc
SHA256: f31740d4415b2db24fa8c9da060a519a9d456426718a56a294ec62a04225c33f
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DA17F00C6643E17EA8F1C589CE02D20C4D1EE6DB
compressed
MD5: 3402fa3a90724f69ec754c66c86d55fd
SHA256: 033e95dad3292118c662faed8d117f00af5fefd43d3efaf109d160132d68f124
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3B39F116F0C75063B6531100EE5160A11E67C0B7
compressed
MD5: 33f26e29af5d7de83593b2d52e5e9236
SHA256: 0945b36a4a5154fcf60d429c05d0f50a7ed5dadfc3cf8eb72c828c7817f69566
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4D8CB425D2C581EF3F34CDCEC7242D53FA5249AB
compressed
MD5: c438ab669f9e17960f7104c2c231ffcf
SHA256: a9f719f2e1e4affe15d626aadf142e81ea89162b3d51b59ab4229f50fa9fa3a6
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E41AB4FC86E24939A427AC932305316414BA4606
compressed
MD5: e8894c118a1da6fcdb9e01b4dc0a97c4
SHA256: 8b09e04eb83699cc0f9a9406a6ba449e4a1677a9ecb6decdf914b246c15f4bcd
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 98587449ddc606fac93b882d8f43c78e
SHA256: 0d6ea0139584c9408b753a2d4459f2323adccc9aa4c424575ec59efc36ae962c
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E2FEA4F7835F6438A2B322F7C97CDC00103DF8F3
compressed
MD5: aa050ed68a885b94b5a1757e5f1d6266
SHA256: 9717f9a9df1c5d8c624705e6ff16b1a74f39e72952a24433ce3be982f94b845f
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: e799411bc58521c29b2ea5d544de2fca
SHA256: b8b723524c03b14dfdddfd2ed513dfe1ba43d399c9360fbcbe338806ce86cae2
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db-journal
binary
MD5: 469c881445c1aa4cf80ec5bdbe21649a
SHA256: 486440d3a9986e66b6eb712acda81dcd8d1fc463233e9eb3996914b0a012da02
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4A9B16CABE76CB1BCB7ADC521FB871B382B4D5C5
compressed
MD5: 420269b720f02fe0c7e1657f9b9d036a
SHA256: 2164caced47a6cc4b51d935d938439297b8418be6396a68dbca3e1c7c9c4bfa2
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CACB991973B8CAE1C799A148B33E54EA718C7AF6
der
MD5: e1b3f3e08aa0c9c4209eebb97655e508
SHA256: 9dbe185ed91ba28402b6bdf0eea07a553023a6a6349110ac417cba8fbcdd2fac
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E9D9027DD5EBC260A0FE4C03CBFB18294F0D0E20
compressed
MD5: dffec6d0b5d86164a6a825a5c1bc4201
SHA256: 40c15124c147d00b792089855f2da7f0c8901134dfe518720d5170f95b89c3b1
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 745a8ce2c2c7790737e2f068effdf62b
SHA256: c2f846d542cfd37a9bb24f998e858d5eaa7938c467a0e46af70305d0fd3ec501
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\673030390BAA6260A66266710A063775A101F326
binary
MD5: 70f2c52817c8112e1ad1f0abd054f495
SHA256: 79dec28c7593c8fd013d0a86192bd6f12b42c460e1f819f8e7372c0ea9e2a2d6
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 1a34beee811b75b89ed479320dab8d9b
SHA256: 734fc37e8a9a39dcc89bc80ee6a96e01ba242b133e711aa90e1d0b7850a2243b
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\808D2B3A0E287F050738D13803F370036BDA9CA6
binary
MD5: 37ca1f2ec936e6d528f73ed97c64f4f7
SHA256: 403338bce80879520067df6008513e109c9914aec80221946a35861a7f166cd3
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 3103037a1c8083e95dfe786838391bf3
SHA256: cd43f860bab4081c7f2c894af45b036239244f4880f76df249e4b2b797aa4673
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2F7866F1022957CAC46AE54C8F2A336F4CBEA98B
der
MD5: 2ac6172544ba0ebeb58fffb71dd70d08
SHA256: a552d491a6f66f342377ec08aea37579710c469053cec5939fe729f526d6fdca
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B8B05262B45AE1105AEDBF755B8FE8D3D51606BD
der
MD5: 30b15766b7e76f7ccfa006c6c00daa13
SHA256: 40df77b86471bc1bffea1dabfe6402fbd875888e54c1aabcd930e27a0623d2bb
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
binary
MD5: d772261ff33497d3681e094f23282ffe
SHA256: 8ee76fa11d5a67f0c93766da3b1ac0c942020afba15b55a8750a896292cf4dce
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DF64E2728DC7FC38F35B2643B7567DEEA4AD68B7
ini
MD5: 11d418cb52aec9d9f29aaeff272675fe
SHA256: f549e23d4a7181f588f46496375805377409b468ca5e74c68c172a330a7f6c5f
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
binary
MD5: d6acf2573e12afdd7939568804d3fcc1
SHA256: 5525cbf8f8dc41d19ac632ed324e55293a510ae0eeba16d0e3f33c707aa58a0c
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: 72e2352f7976b0dd90f2a68047493b8c
SHA256: e0d74336b6c041b6087a697dd7f65fa1da7ea035e202e3d977cc6a7e5bdc13a8
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: eb744b05b13e9410146dab0bd459efa0
SHA256: bfde7f131200eb06c1d54b03d2ce1be1ff31062e8009c937243464712dcd2d50
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: ddf263974b1925672d369bbcc8f830de
SHA256: 92a7323dd7eb199618a1e2e823a71919285a70196bfe627808c66cf1c1f3c8e3
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: e608435b687616692a96462e1ac26756
SHA256: 6aa8ee3813d86411d8073a4c2f850b1e8e734c3759d860cbe54ec7f378a82a52
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
binary
MD5: 844aff63a5f67cd54d9814b7b54abf18
SHA256: 8985970b72a7bcfcf54c4a2474c36ea9a911ab3672881ee299d58f5a4e64e690
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: 7655fffe7cfbe1ebf96afea5fe2e1376
SHA256: ff2f663c4e453706b7817109f6a43e8b3389e8cfb1b7d64aace2bfba45f3a359
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: 704df61fa2e3f587b268ad85126bc689
SHA256: 7e97db3c9370a35f59a6a649e6cf608e4f5ed572f87f433ea652977ac2cc48d5
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 498dae4e538658a57f464748f2dabfda
SHA256: 8778f52cd9cb4f4787bf7ba18006d212f8c3004652d163f7786556a8eef3a067
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: 778202e2ee08f4b4073413c0b03e05fc
SHA256: 33147037ce75ec0a48b3da60d619bc76c2471f5f20c15f9d075671de2067cfb0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
binary
MD5: ba0009932844173bc8f9af264229df24
SHA256: 66d1c00c04d86e313e9a02775cdf906b1be8d4cd6bef423a1b9e21cc4e9f50c1
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
binary
MD5: 6f85bc4b2ecb49e26b0bd83a821065d0
SHA256: c0b3bc9b3dc507ab654caf72d13c3aefa58c9b13b1e4d14dd8816712d80a7e54
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
binary
MD5: 04824a1f92353f43ebb9e7f74b7476fd
SHA256: b48e58ebab82e4c376f16150a3fff850c1111ff1f5985d68819cfd6f0db159d2
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
binary
MD5: c921d8e98fa01b4f303481e112202e92
SHA256: 4ef1038730ec8bc7206713c29a936768831b922c5e6c83355fd62d7401d8c1dc
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
binary
MD5: 0e8fe60ccd7e9b4c32589a5743a95302
SHA256: 2b124d4026850a3cffd28dbacb58aec28f7dcd4d40bc14e52bbe96d60ce4e749
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: 23e438fd4af1829d4469ff8d0bc83854
SHA256: 96e0d7644aea81d26f039ae633eb405583e11b020363090dac5cad9b4b188846
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
binary
MD5: d886a47c89d9c49c795da345bc236990
SHA256: a03c5e2656d2f292bf5794c8eeb8d223cd6ba4f4bfb2ed1f325460e879d0bcf7
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 6da3af783e639472fee6da08a0236fce
SHA256: 31d79fa03d1412510f7b293f59df1ae5ee0a026330d0397e9b168c51aaaecba3
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\39DBA729711576014F2A12A54353B204C37B221B
der
MD5: d7c0a977f9380e8dd243e6912ccda85e
SHA256: 8fda38f099617e3051050f4853cf5de2f15598d3ca98c7f15566a139499d439e
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 03e22f63ea4be5add7aef9050d485611
SHA256: 0b5a2bcd1edf7ee6252f04b41403e0bc21f2eedf7cbaa6565f6562238c771c13
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 61e04f058e592438993dcc5c8087b674
SHA256: 39d3b68fb7d143fe276c1e9ad89d9b4f0aa38e95788fca8278d73407e7e3b51f
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\pluginreg.dat
text
MD5: 37818d9b7248f34395c2db3c0bd4b07f
SHA256: ff229e03d2ab696e81957957ea8d71280b5800a2b0f70ea77998c3fa4e98a8a6
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\pluginreg.dat.tmp
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: d65b2bd591a1d6cc666241e6eef1afe7
SHA256: 1b94f69a3bf3cb9f7349fe274ca82166c22d675f9b043b19f2770d044ae9bd16
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-current.bin
––
MD5:  ––
SHA256:  ––
2916
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.bin
binary
MD5: fd4ac055b608cf2c11c9b2c796a4fe1a
SHA256: 1d8a349613f7dcb71bf648c8c7f780f3953a2bc53435846289101fd77d8887af
2916
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
12
TCP/UDP connections
40
DNS requests
117
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
2916 firefox.exe GET 200 2.16.106.209:80 http://detectportal.firefox.com/success.txt unknown
text
whitelisted
2916 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2916 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2916 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2916 firefox.exe POST 200 216.58.206.3:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2916 firefox.exe POST 200 104.18.24.243:80 http://ocsp.msocsp.com/ US
binary
der
whitelisted
2916 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2916 firefox.exe POST 200 151.139.128.14:80 http://ocsp.comodoca4.com/ US
binary
der
whitelisted
2916 firefox.exe GET –– 46.59.102.201:80 http://bodycontakt.net/wp-content/plugins/Office365-K/Microsoftdocs/ SE
––
––
unknown
2916 firefox.exe GET 200 2.16.106.208:80 http://ciscobinary.openh264.org/openh264-win32-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip unknown
compressed
malicious
2916 firefox.exe POST 200 172.217.23.131:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2916 firefox.exe POST 200 172.217.23.131:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
2916 firefox.exe 2.16.106.209:80 Akamai International B.V. –– unknown
2916 firefox.exe 52.18.148.152:443 Amazon.com, Inc. IE unknown
2916 firefox.exe 13.107.136.9:443 Microsoft Corporation US whitelisted
2916 firefox.exe 52.10.239.220:443 Amazon.com, Inc. US unknown
2916 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
2916 firefox.exe 52.43.91.152:443 Amazon.com, Inc. US unknown
2916 firefox.exe 99.86.121.58:443 AT&T Services, Inc. US unknown
2916 firefox.exe 34.215.70.240:443 Amazon.com, Inc. US unknown
2916 firefox.exe 216.58.208.42:443 Google Inc. US whitelisted
2916 firefox.exe 216.58.206.3:80 Google Inc. US whitelisted
2916 firefox.exe 2.16.186.40:443 Akamai International B.V. –– whitelisted
2916 firefox.exe 2.19.34.64:443 Akamai International B.V. –– unknown
2916 firefox.exe 104.18.24.243:80 Cloudflare Inc US shared
2916 firefox.exe 52.114.74.44:443 Microsoft Corporation NL whitelisted
2916 firefox.exe 13.107.136.13:443 Microsoft Corporation US unknown
2916 firefox.exe 52.27.116.77:443 Amazon.com, Inc. US unknown
2916 firefox.exe 99.86.122.28:443 AT&T Services, Inc. US unknown
2916 firefox.exe 104.20.218.42:443 Cloudflare Inc US shared
–– –– 104.20.218.42:443 Cloudflare Inc US shared
2916 firefox.exe 151.139.128.14:80 Highwinds Network Group, Inc. US suspicious
2916 firefox.exe 46.59.102.201:80 Bahnhof Internet AB SE unknown
2916 firefox.exe 13.224.196.123:443 US unknown
2916 firefox.exe 99.86.122.88:443 AT&T Services, Inc. US unknown
2916 firefox.exe 99.86.122.59:443 AT&T Services, Inc. US unknown
2916 firefox.exe 2.16.106.208:80 Akamai International B.V. –– suspicious
–– –– 216.58.206.14:443 Google Inc. US whitelisted
–– –– 172.217.23.131:80 Google Inc. US whitelisted
–– –– 74.125.155.232:443 Google Inc. US whitelisted

DNS requests

Domain IP Reputation
detectportal.firefox.com 2.16.106.209
2.16.106.152
whitelisted
a1089.dscd.akamai.net 2.16.106.152
2.16.106.209
whitelisted
location.services.mozilla.com 52.18.148.152
34.251.59.153
34.243.21.190
whitelisted
locprod1-elb-eu-west-1.prod.mozaws.net 34.243.21.190
34.251.59.153
52.18.148.152
whitelisted
aesoffice-my.sharepoint.com 13.107.136.9
unknown
push.services.mozilla.com 52.10.239.220
malicious
spo-0004.spo-msedge.net 13.107.136.9
unknown
autopush.prod.mozaws.net 52.10.239.220
whitelisted
ocsp.digicert.com 93.184.220.29
whitelisted
cs9.wac.phicdn.net 93.184.220.29
whitelisted
tiles.services.mozilla.com 52.43.91.152
52.42.232.148
52.27.87.181
52.26.166.58
52.35.96.157
52.25.71.236
52.26.103.165
52.34.132.219
whitelisted
tiles.r53-2.services.mozilla.com 52.34.132.219
52.26.103.165
52.25.71.236
52.35.96.157
52.26.166.58
52.27.87.181
52.42.232.148
52.43.91.152
whitelisted
snippets.cdn.mozilla.net 99.86.121.58
whitelisted
drcwo519tnci7.cloudfront.net 99.86.121.58
whitelisted
search.services.mozilla.com 34.215.70.240
52.11.30.237
54.190.222.97
whitelisted
search.r53-2.services.mozilla.com 54.190.222.97
52.11.30.237
34.215.70.240
whitelisted
safebrowsing.googleapis.com 216.58.208.42
whitelisted
ocsp.pki.goog 216.58.206.3
whitelisted
spoprod-a.akamaihd.net 2.16.186.40
2.16.186.25
whitelisted
pki-goog.l.google.com 216.58.206.3
whitelisted
a1531.g2.akamai.net No response whitelisted
static2.sharepointonline.com 2.19.34.64
whitelisted
e1780.g.akamaiedge.net 2.19.34.64
whitelisted
ocsp.msocsp.com 104.18.24.243
104.18.25.243
whitelisted
ocsp.globalsign.cloud 104.18.25.243
104.18.24.243
malicious
browser.pipe.aria.microsoft.com 52.114.74.44
whitelisted
pipe.cloudapp.aria.akadns.net 52.114.74.44
unknown
ukwest1-mediap.svc.ms 13.107.136.13
unknown
spo-0008.spo-msedge.net 13.107.136.13
unknown
shavar.services.mozilla.com 52.27.116.77
54.200.216.59
52.41.192.187
52.41.213.214
35.161.86.234
54.201.35.95
whitelisted
shavar.prod.mozaws.net 54.201.35.95
35.161.86.234
52.41.213.214
52.41.192.187
54.200.216.59
52.27.116.77
whitelisted
tracking-protection.cdn.mozilla.net 99.86.122.28
99.86.122.47
99.86.122.42
99.86.122.6
whitelisted
d1zkz3k4cclnv6.cloudfront.net 99.86.122.6
99.86.122.42
99.86.122.47
99.86.122.28
whitelisted
tinyurl.com 104.20.218.42
104.20.219.42
shared
t3j2g9x7.stackpathcdn.com 151.139.128.14
malicious
ocsp.comodoca4.com 151.139.128.14
whitelisted
bodycontakt.net 46.59.102.201
unknown
www.youtube.com 172.217.22.110
172.217.22.46
172.217.16.142
216.58.207.46
172.217.23.142
172.217.18.174
172.217.22.14
172.217.21.206
172.217.18.110
172.217.16.206
216.58.210.14
whitelisted
www.facebook.com 31.13.92.36
whitelisted
www.wikipedia.org 91.198.174.192
whitelisted
youtube-ui.l.google.com 216.58.210.14
172.217.22.110
172.217.22.46
172.217.16.142
216.58.207.46
172.217.23.142
172.217.18.174
172.217.22.14
172.217.21.206
172.217.18.110
172.217.16.206
whitelisted
www.reddit.com 151.101.1.140
151.101.65.140
151.101.129.140
151.101.193.140
whitelisted
star-mini.c10r.facebook.com 31.13.92.36
whitelisted
dyna.wikimedia.org No response whitelisted
twitter.com 104.244.42.129
104.244.42.1
whitelisted
reddit.map.fastly.net 151.101.193.140
151.101.129.140
151.101.65.140
151.101.1.140
whitelisted
www.mozilla.org 104.16.41.2
104.16.40.2
whitelisted
www.mozilla.org.cdn.cloudflare.net No response whitelisted
en-us.phish-error.mozilla.com 63.245.208.212
unknown
safebrowsing.google.com 172.217.22.14
whitelisted
www.antiphishing.org 52.41.3.203
whitelisted
redirects.public.mdc1.mozilla.com 63.245.208.212
unknown
support.mozilla.org 34.208.233.116
52.39.170.29
whitelisted
prod-tp.sumo.mozit.cloud No response unknown
developers.google.com 172.217.21.206
whitelisted
www3.l.google.com 172.217.21.206
whitelisted
sb.l.google.com 172.217.22.14
whitelisted
firefox.settings.services.mozilla.com 13.224.196.123
13.224.196.28
13.224.196.51
13.224.196.69
whitelisted
d2k03kvdk5cku0.cloudfront.net 13.224.196.69
13.224.196.51
13.224.196.28
13.224.196.123
whitelisted
content-signature.cdn.mozilla.net 99.86.122.88
99.86.122.97
99.86.122.64
99.86.122.63
whitelisted
d12uj65dsn9ho1.cloudfront.net No response whitelisted
aus5.mozilla.org 99.86.122.59
99.86.122.37
99.86.122.99
99.86.122.112
whitelisted
balrog-cloudfront.prod.mozaws.net 99.86.122.112
99.86.122.99
99.86.122.37
99.86.122.59
suspicious
ciscobinary.openh264.org 2.16.106.208
2.16.106.209
malicious
a19.dscg10.akamai.net 2.16.106.209
2.16.106.208
whitelisted
redirector.gvt1.com 216.58.206.14
whitelisted
r2---sn-p5qs7n7d.gvt1.com 74.125.155.232
whitelisted
r2.sn-p5qs7n7d.gvt1.com 74.125.155.232
whitelisted

Threats

No threats detected.

Debug output strings

No debug info.