General Info

File name

fannieae.txt

Full analysis
https://app.any.run/tasks/56de553b-36a1-4cec-b88b-cfa609215724
Verdict
Malicious activity
Analysis date
6/12/2019, 01:43:06
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

MIME:
text/plain
File info:
ASCII text, with no line terminators
MD5

09cfcc0b8fff906e9baab5833d57f3f6

SHA1

d3dba26a5f17924491ba21e7cf27c26ed9f16aa6

SHA256

952059d0ca44fc5ab3b221188a7c6bcbb953825e75d53460c37da122564b8f07

SSDEEP

3:O0EL4hhn:OpWhn

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
300 seconds
Additional time used
240 seconds
Fakenet option
off
Heavy Evasion option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (73.0.3683.75)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 65.0.2 (x86 en-US) (65.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

Executable content was dropped or overwritten
  • firefox.exe (PID: 3576)
Creates files in the program directory
  • firefox.exe (PID: 3576)
Application launched itself
  • firefox.exe (PID: 3576)
Reads settings of System Certificates
  • firefox.exe (PID: 3576)
Manual execution by user
  • firefox.exe (PID: 3576)
Dropped object may contain Bitcoin addresses
  • firefox.exe (PID: 3576)
Reads CPU info
  • firefox.exe (PID: 3576)
Creates files in the user directory
  • firefox.exe (PID: 3576)

Processes

Total processes
37
Monitored processes
6
Malicious processes
0
Suspicious processes
0

Behavior graph

[Behavior graph: start, notepad.exe, firefox.exe (five processes)]

Process information

PID
3320
CMD
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\admin\AppData\Local\Temp\fannieae.txt
Path
C:\Windows\system32\NOTEPAD.EXE
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Microsoft Corporation
Description
Notepad
Version
6.1.7600.16385 (win7_rtm.090713-1255)

PID
3576
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe"
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2

PID
2832
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3576.0.1491389032\1622747598" -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\admin\AppData\LocalLow\Mozilla\Temp-{ce348e4c-7d33-445e-89f9-60108c51bcaf}" 3576 "\\.\pipe\gecko-crash-server-pipe.3576" 1128 gpu
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2

PID
932
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3576.6.1995306759\233697120" -childID 1 -isForBrowser -prefsHandle 1264 -prefMapHandle 1564 -prefsLen 1 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3576 "\\.\pipe\gecko-crash-server-pipe.3576" 1744 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2

PID
2464
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3576.13.1101328626\2065260777" -childID 2 -isForBrowser -prefsHandle 2588 -prefMapHandle 2592 -prefsLen 216 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3576 "\\.\pipe\gecko-crash-server-pipe.3576" 2604 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2

PID
2592
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3576.20.2033764110\2015061080" -childID 3 -isForBrowser -prefsHandle 3416 -prefMapHandle 3420 -prefsLen 5824 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3576 "\\.\pipe\gecko-crash-server-pipe.3576" 3432 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2

Registry activity

Total events
1043
Read events
1031
Write events
12
Delete events
0

Modification events

PID: 3576
Process: firefox.exe
Operation: write
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Name: ProxyEnable
Value: 0

PID: 3576
Process: firefox.exe
Operation: write
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
Name: SavedLegacySettings
Value:

PID: 3576
Process: firefox.exe
Operation: write
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
Name: LanguageList
Value: en-US

Files activity

Executable files
1
Suspicious files
98
Text files
34
Unknown types
74

Dropped files

PID
Process
Filename
Type
html
MD5: c08979dbce67603fcb58ba5760b14a28
SHA256: 62c8aeb1a2ec7a028c608310514d715d5d505f023a799b9d9d2c06f9f796cbef
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8F5E297623D5AF00B4B5417724B9FE119413F8B0
image
MD5: 9f9b45cb746a1fbaf431662a99833e86
SHA256: 9359e7cb2c3a2fa60b4f9ef8e4ddc592c8330250f06018aeddeb40ac1fe1388c
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\156B63ADA89E440D120F9B66A65A924E72DD3AED
compressed
MD5: 5010a5cf5dc1cba059431fe1c2f2e5bb
SHA256: 18affbb2b043e9c707417c3d126d524895966b38640785970bc2f3d9222997f0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E0E138FDE87774B0FC019A036C4951E01579551D
binary
MD5: f91ef88302a097e2bd7ee2f3728e2b4e
SHA256: 2534653073e3d45f4b59d3d6a29c610983c854d20af66dde947324a3846c29d3
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\ACA1A069C7BCE460EF793AF48BC1073CF5BFFF7D
image
MD5: 08434fc110053c54a815e79ee26a9009
SHA256: dd00fd94cc1088b232f8181e7f9ad2e326c9a35fb6d31cc47650ecffb17b9a04
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F2CBC8BA68101865B5DB7F881140A337EBF232A9
html
MD5: 2c6d400376bc099521daf2a34dd514ff
SHA256: 9bd892e789eb4ba6b135110e973eb6daeda4b9874078912e8dfcf125da025114
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: b7b89ae2f7b03fcfdee9e994138ee470
SHA256: 1d74797b8d5d19beadde9a3087ca3122f1d18a20a98a5d0a4f070386c549792d
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: 8ac66b460b7a04658e9100b141754a03
SHA256: 62b2b803df08a59705cfb1fc423e7d6590bb6ce9bcd868e53f5d62165198f697
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: e068696d977773e9bbf054677473aa8c
SHA256: 403543a258b3e1bd5ccc1ff9274a90dced14993656f154742abb5c98d6fe0b98
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child.bin
binary
MD5: 72b95eef8cdccb0891c737f3d2a0be22
SHA256: e60cbc1071b622e08c935dbec02b1a8f064d4aee894c04bca3f3d8ad13bc8b40
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-new.bin
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache.bin
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-new.bin
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache.bin
binary
MD5: 24583610253291890e3a6ee7b9af1ef9
SHA256: c80884e84dba81ba08c50f616dde24f220e20f0a2bd067e131bbdf41cde00c99
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-new.bin
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: bc5e7287b991940b28dcd645957502ca
SHA256: e38cc3f5fa14aaf6d2626595c1c2cc501b7cfc489600eae637468e1424e26cc6
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: 5c6fbb3f730e0ceb6a0ae27d35c2fc51
SHA256: 52cd79079ee4436aeb9e057c31932541676147752d56d82a1c1b763041e00741
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.pset
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: 8f882c4d679ca43b8d7f561ded6a12f5
SHA256: d21da3882285911e46c6df58560bd901c040314311b189c400c19ff9042011a8
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
binary
MD5: b4a133883c1bc23feeff8bdff141670e
SHA256: 60c8dc6e6aee692cfda92c26bd934a4c44d58149d7c4394a2c8cbe87457eb111
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: 1b07a811172ac58d4891d41ada10af5c
SHA256: 57abc7a2a2538170f0d48f0fba95130120c335a60fc939d8557eaeaabc5ddb70
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: cc1591e8662d6f08983362ec096d1942
SHA256: 4ea6319cf9a18420367810fa4c8d515cb595172c13c8400cb83c3824bb2ed023
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: 33e22bf5bc70bebb23aed940b76787a2
SHA256: 2489a4372113234cc09cb274d08d69cd719811c85ce0e1b8f93c57ed90fb500e
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 72ea2385c13aa7c68543db14841377d7
SHA256: 4afb2bd30e47a12463aef32aa4e2fad3fa2c8231e77b06a1b5ed608128bc3c09
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6BEFC3994C2A30FEACB714FFD0E867F90E54B2E9
der
MD5: 2248402954aa2e59251a464c35f8d553
SHA256: 6f02100abf2c93c595d58bad430dc3565c30a91a000cd98b6823ecf4619cfa43
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\25218EE79CFF5F3AC18C58CFDF44A674E3560C47
binary
MD5: cc50437dcf21690e27426493414df98a
SHA256: 99b9fc389c06f1257a5c7e4df79e2752babdfdd21a0cdcac042bfb6c34e2979a
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4
jsonlz4
MD5: 7337d087ec76e87a76778b4eec5e8e63
SHA256: aa4398d1716aadeb35a4ddddc4e7d2429c71defd15cb45401938889f5b2f05e0
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4.tmp
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 8b2e19040c9c24110b6715ab53a04518
SHA256: 202e3bdf33882ad7caa3cd93e1c6872f166aa088cf7ee92b89885548ed1d2902
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\previous.jsonlz4
jsonlz4
MD5: 97ce580459a943b304de43f2fca70c48
SHA256: 368f3d7911e0ade59c90b08a226f57ecf4de77421063d0478b44615a4f7c9f2f
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5059BACB93BB05E682A010DA9C5D3C75537308C1
der
MD5: cffa3986af0cc9ee5cca7a624bb66a08
SHA256: 19dccbe660a52b2a870f788b38b984dd4d8a47525b2ef8d6051e5f3ad7ed45a3
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: c97eaac1ef896819be39f159a475833e
SHA256: 79d075724a723cf8fd38bd38f5bfe1ac6350bcb5f0d51cdc2a951b5f41abd129
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
binary
MD5: 051fb32dece757ba112ac36dc72e3a91
SHA256: 0806d98fb3de55f75d7c0b17e26146567e08c483031526659a4a35d09b97ef19
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
binary
MD5: a5695cc64d77967232b0c1344c6e72b3
SHA256: 042a22b8681d754671d2018ba109b31a53ee3728d48c6379043f8e3394e7fbad
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\430A42F0B01821F1C3BD5976B84590B97080A140
binary
MD5: ca41330b40fcb509493ab1e93a01f3f6
SHA256: 0731e475415169a0323ee06e4f0e197d0ae12cba869b7be938e7f2095b2ed9d8
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
binary
MD5: 3d1ce5e50208f0cb3b979186043a548f
SHA256: 1e13d05d482c3d533dc6035af2b2d6e84749412a5748d1435b70cec8b312340b
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\16A24D9DBE3BFAA442136FA22052DCA7EB422A55
ini
MD5: d669e8882479e8842412d40ee4d29217
SHA256: 6c356bb7fa195ce23e6d2687647d6e3271d12f4cfe8dd6f3766da56c021e477f
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
binary
MD5: 3675254e341df799d4307c1f59109185
SHA256: 23d108134bed6099793f7dd6b8b6e62081ec3b945efdbc7c5e0e779fd9b82f98
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\4305
binary
MD5: 502ce89d9b0148f0378b5a280a8bfe80
SHA256: b7234aba0038b402c9f82172b236db7e1532ec45a5e74b485db756457e2cdada
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
binary
MD5: 65e942614eee70680464ac4be75019fc
SHA256: 34395085da32c8b4efe9959e3b0d756b43ffed17694d66f39b966cd331bd9a94
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
binary
MD5: 95f28ede25c301301f25fbbd9a3c56ec
SHA256: 87763df78772f7d750b0fa5a31eec23e931fd3bd1cbb33beddfc61889da36478
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
binary
MD5: e2cf527ca7550b7e7bdf7311e483a2c3
SHA256: f1e07b1d717433f47073dc54a7d98e3e87b3d0fa88e53466f93ea544af885d11
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
binary
MD5: d772261ff33497d3681e094f23282ffe
SHA256: 8ee76fa11d5a67f0c93766da3b1ac0c942020afba15b55a8750a896292cf4dce
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\49968F5AAF6C3D4E162E052C301E673D6E1D2552
binary
MD5: 4c1c6e8b57bac90242fd7aee5113e27f
SHA256: 3b429aa38a7f51a6d59bce7e07839070cc3ec1b51baf3ebcaf4b952a3756526f
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
binary
MD5: d6acf2573e12afdd7939568804d3fcc1
SHA256: 5525cbf8f8dc41d19ac632ed324e55293a510ae0eeba16d0e3f33c707aa58a0c
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: eb744b05b13e9410146dab0bd459efa0
SHA256: bfde7f131200eb06c1d54b03d2ce1be1ff31062e8009c937243464712dcd2d50
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: 72e2352f7976b0dd90f2a68047493b8c
SHA256: e0d74336b6c041b6087a697dd7f65fa1da7ea035e202e3d977cc6a7e5bdc13a8
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\14763
binary
MD5: 00845cfa655570ede0374d9c0df85b59
SHA256: a421e6f7103b60091014b90f4118ae00b723d80599d4356e3e150b8f2be2359d
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: e608435b687616692a96462e1ac26756
SHA256: 6aa8ee3813d86411d8073a4c2f850b1e8e734c3759d860cbe54ec7f378a82a52
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: ddf263974b1925672d369bbcc8f830de
SHA256: 92a7323dd7eb199618a1e2e823a71919285a70196bfe627808c66cf1c1f3c8e3
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: 704df61fa2e3f587b268ad85126bc689
SHA256: 7e97db3c9370a35f59a6a649e6cf608e4f5ed572f87f433ea652977ac2cc48d5
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
binary
MD5: 844aff63a5f67cd54d9814b7b54abf18
SHA256: 8985970b72a7bcfcf54c4a2474c36ea9a911ab3672881ee299d58f5a4e64e690
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 498dae4e538658a57f464748f2dabfda
SHA256: 8778f52cd9cb4f4787bf7ba18006d212f8c3004652d163f7786556a8eef3a067
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: 7655fffe7cfbe1ebf96afea5fe2e1376
SHA256: ff2f663c4e453706b7817109f6a43e8b3389e8cfb1b7d64aace2bfba45f3a359
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: 778202e2ee08f4b4073413c0b03e05fc
SHA256: 33147037ce75ec0a48b3da60d619bc76c2471f5f20c15f9d075671de2067cfb0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
binary
MD5: ba0009932844173bc8f9af264229df24
SHA256: 66d1c00c04d86e313e9a02775cdf906b1be8d4cd6bef423a1b9e21cc4e9f50c1
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
binary
MD5: 6f85bc4b2ecb49e26b0bd83a821065d0
SHA256: c0b3bc9b3dc507ab654caf72d13c3aefa58c9b13b1e4d14dd8816712d80a7e54
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
binary
MD5: c921d8e98fa01b4f303481e112202e92
SHA256: 4ef1038730ec8bc7206713c29a936768831b922c5e6c83355fd62d7401d8c1dc
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
binary
MD5: 04824a1f92353f43ebb9e7f74b7476fd
SHA256: b48e58ebab82e4c376f16150a3fff850c1111ff1f5985d68819cfd6f0db159d2
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
binary
MD5: 0e8fe60ccd7e9b4c32589a5743a95302
SHA256: 2b124d4026850a3cffd28dbacb58aec28f7dcd4d40bc14e52bbe96d60ce4e749
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\441F37FF068B1CB5FE2FE080871A67724CA2629D
der
MD5: fe0ce78f21a973c1d914635e6a1d0afd
SHA256: 723c3272d6ebeadffd0edd798a06858d18c420a8f3b14c7d8b3db88bdd1cd9e8
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: 23e438fd4af1829d4469ff8d0bc83854
SHA256: 96e0d7644aea81d26f039ae633eb405583e11b020363090dac5cad9b4b188846
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
binary
MD5: d886a47c89d9c49c795da345bc236990
SHA256: a03c5e2656d2f292bf5794c8eeb8d223cd6ba4f4bfb2ed1f325460e879d0bcf7
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A4F58CBF6889E0B35C633F4612D52C30FADF3B72
der
MD5: 22dbbebecd8d1dbf7d7ff6fbc15d4994
SHA256: acb8a7e3b2eb5a0ef80e983d1b345c0321f05b42c7744c615b32d5eb2fff96f2
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 21422ad353db47c68ad06cd84a9e3a3c
SHA256: 7fe9d79bca6de8adc596869c98173c96d4cd64046955d42b349855c101c25973
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA256: 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 8f89a5889e1615f65674daf6a01a2454
SHA256: f6d3fde91836d607a3311a6e0a12463c811f791a9f231d2ff8542d772fa22ed7
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\trash5087
––
MD5:  ––
SHA256:  ––
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.bin
binary
MD5: 6c32cb3fd01869207e7aae8b28598f29
SHA256: 4f8ecf8007f6cc603991256aacf38224adba7d0a16685706072d1aadc0604303
3576
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-current.bin
binary
MD5: 82f61c08d68502377826ca7ea054cea7
SHA256: 85801bce5d7ce3a2abc14e3208151ac9d324a6ea82fb2ada1d10baa8ef58e7df
3576
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
––
MD5:  ––
SHA256:  ––

Find more information about the static content and download it in the full report

Network activity

HTTP(S) requests
53
TCP/UDP connections
63
DNS requests
142
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
3576 firefox.exe GET 200 88.221.144.128:80 http://detectportal.firefox.com/success.txt IT text whitelisted
3576 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der whitelisted
3576 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der whitelisted
3576 firefox.exe POST 200 172.217.23.131:80 http://ocsp.pki.goog/GTSGIAG3 US binary der whitelisted
3576 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der whitelisted
3576 firefox.exe GET 302 103.224.182.252:80 http://12puvapp01.fannieae.com/ AU –– –– malicious
3576 firefox.exe GET 200 199.59.242.151:80 http://ww25.12puvapp01.fannieae.com/ US html malicious
3576 firefox.exe GET 200 199.59.242.151:80 http://ww25.12puvapp01.fannieae.com/px.gif?ch=1&rn=6.04155432212345 US image malicious
3576 firefox.exe GET 200 199.59.242.151:80 http://ww25.12puvapp01.fannieae.com/px.gif?ch=2&rn=6.04155432212345 US image malicious
3576 firefox.exe GET 200 216.58.207.68:80 http://www.google.com/adsense/domains/caf.js US text whitelisted
3576 firefox.exe GET 404 199.59.242.151:80 http://ww25.12puvapp01.fannieae.com/favicon.ico US html malicious
3576 firefox.exe GET 200 199.59.242.151:80 http://ww25.12puvapp01.fannieae.com/glp?r=&u=http%3A%2F%2Fww25.12puvapp01.fannieae.com%2F&rw=1280&rh=720&ww=1280&wh=587 US text malicious
3576 firefox.exe POST 200 199.59.242.151:80 http://ww25.12puvapp01.fannieae.com/gzb US text text malicious
3576 firefox.exe POST 200 172.217.23.131:80 http://ocsp.pki.goog/GTSGIAG3 US binary der whitelisted
3576 firefox.exe POST 200 172.217.23.131:80 http://ocsp.pki.goog/GTSGIAG3 US binary der whitelisted
3576 firefox.exe POST 200 172.217.23.131:80 http://ocsp.pki.goog/GTSGIAG3 US binary der whitelisted
3576 firefox.exe GET 302 199.59.242.151:80 http://ww25.12puvapp01.fannieae.com/rz?u=http%3A%2F%2Fmediadiscovery.net&notadsafe US text text malicious
3576 firefox.exe GET 200 199.59.242.168:80 http://mediadiscovery.net/ US html unknown
3576 firefox.exe GET 200 199.59.242.168:80 http://mediadiscovery.net/favicon.ico US html unknown
3576 firefox.exe GET 200 64.74.236.51:80 http://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1560296651133&sessionId=5297a95b-2cd6-3564-4b92-9b948fad7d71&url=mediadiscovery.net&cheqSource=1&cheqEvent=2 US text whitelisted
3576 firefox.exe GET 200 89.187.169.79:80 http://ob.cheqzone.com/placement_invocation?id=65349&idx=0 CZ text whitelisted
3576 firefox.exe GET 200 64.74.236.51:80 http://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1560296651643&sessionId=5297a95b-2cd6-3564-4b92-9b948fad7d71&url=mediadiscovery.net&cheqSource=1&cheqEvent=0&exitReason=3 US text whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=%20&settings=true&recs=true&widgetJSId=TF_6&key=NANOWDGT01&idx=0&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=70239&osLang=en-US&winW=1280&winH=587&scrW=1280&scrH=720&adblck=false&clid=5297a95b-2cd6-3564-4b92-9b948fad7d71&fdu=mediadiscovery.net&va=true&cmpStat=0&ref=http%3A%2F%2Fww25.12puvapp01.fannieae.com%2F US compressed whitelisted
3576 firefox.exe GET 200 2.18.234.190:80 http://widgets.outbrain.com/widgetOBUserSync/obUserSync.html unknown html whitelisted
3576 firefox.exe GET 307 34.95.92.78:80 http://idsync.rlcdn.com/420046.gif?partner_uid=IY2L3Fi3CoaRfFhPT9h31zcGZtpHKWB6gt1KWx9woepl8lKRLIYBann-ITOoQ5iZ US –– –– whitelisted
3576 firefox.exe GET 200 2.16.186.51:80 http://b.scorecardresearch.com/beacon.js unknown text whitelisted
3576 firefox.exe GET 302 2.16.186.51:80 http://b.scorecardresearch.com/b?c1=7&c2=14320224&c3=26018&cs_ucfr=1&ns__t=1560296652315&ns_c=windows-1252&ns_if=1&cv=3.1&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D26018%26dmpenabled%3Dtrue%26filterDMP%3DOEN%26csenabled%3Dtrue%26d%3DIY2L3Fi3CoaRfFhPT9h31zcGZtpHKWB6gt1KWx9woepl8lKRLIYBann-ITOoQ5iZ%26gdpr%3D1%26cmpNeeded%3Dfalse&c9=http%3A%2F%2Fmediadiscovery.net%2F unknown compressed whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fmediadiscovery.net%2F&settings=true&recs=true&widgetJSId=TF_1&key=NANOWDGT01&idx=1&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=67700&lsd=06ff7887-f989-4e06-bf69-4c2aa61ca8df&lsdt=1560296652109&osLang=en-US&t=MV9lMmUxMGQ4MjYwMDIzNDhmYjIwNDUxNTBlYjQ1OWEzMl8w&winW=1280&winH=587&scrW=1280&scrH=720&adblck=false&clid=5297a95b-2cd6-3564-4b92-9b948fad7d71&fdu=mediadiscovery.net&va=true&cmpStat=0&ref=http%3A%2F%2Fww25.12puvapp01.fannieae.com%2F US compressed whitelisted
3576 firefox.exe GET 204 2.16.186.51:80 http://b.scorecardresearch.com/b2?c1=7&c2=14320224&c3=26018&cs_ucfr=1&ns__t=1560296652315&ns_c=windows-1252&ns_if=1&cv=3.1&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D26018%26dmpenabled%3Dtrue%26filterDMP%3DOEN%26csenabled%3Dtrue%26d%3DIY2L3Fi3CoaRfFhPT9h31zcGZtpHKWB6gt1KWx9woepl8lKRLIYBann-ITOoQ5iZ%26gdpr%3D1%26cmpNeeded%3Dfalse&c9=http%3A%2F%2Fmediadiscovery.net%2F unknown
compressed
whitelisted
3576 firefox.exe POST 200 93.184.220.29:80 http://status.thawte.com/ US
binary
der
whitelisted
3576 firefox.exe POST 200 93.184.220.29:80 http://status.thawte.com/ US
binary
der
whitelisted
3576 firefox.exe GET 307 34.95.92.78:80 http://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQElZMkwzRmkzQ29hUmZGaFBUOWgzMXpjR1p0cEhLV0I2Z3QxS1d4OXdvZXBsOGxLUkxJWUJhbm4tSVRPb1E1aVoQABoNCMz5gOgFEgUI6AcQAEIASgA US
––
––
whitelisted
3576 firefox.exe GET 204 107.178.254.65:80 http://pippio.com/api/sync?pid=5324&it=1&iv=a9d620488b33bdce2074d5f613718ad19abc0b3726ac42c9773a7beb90ed2be6791426b5417dce21&_=2 US
––
––
whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fmediadiscovery.net%2F&settings=true&recs=true&widgetJSId=TF_2&key=NANOWDGT01&idx=2&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=40901&lsd=06ff7887-f989-4e06-bf69-4c2aa61ca8df&lsdt=1560296652109&osLang=en-US&t=MV9lMmUxMGQ4MjYwMDIzNDhmYjIwNDUxNTBlYjQ1OWEzMl8w&winW=1280&winH=587&scrW=1280&scrH=720&adblck=false&clss=KTPlkUv%2FBXWh2gc5fmH%2BMCSS8Nu9sIUG1XIScMZ2Nfd9mg6vsi9Uhlc%2BhozD0pUMVI6xB6hJ9n4p3A3u&va=true&cmpStat=0&ref=http%3A%2F%2Fww25.12puvapp01.fannieae.com%2F US
compressed
whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fmediadiscovery.net%2F&settings=true&recs=true&widgetJSId=TF_3&key=NANOWDGT01&idx=3&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=71791&lsd=06ff7887-f989-4e06-bf69-4c2aa61ca8df&lsdt=1560296652109&osLang=en-US&t=MV9lMmUxMGQ4MjYwMDIzNDhmYjIwNDUxNTBlYjQ1OWEzMl8w&winW=1280&winH=587&scrW=1280&scrH=720&adblck=false&clss=KTPlkUv%2FBXWh2gc5fmH%2BMCSS8Nu9sIUG1XIScMZ2Nfd9mg6vsi9Uhlc%2BhozD0pUMVI6xB6hJ9n4p3A3u&va=true&cmpStat=0&ref=http%3A%2F%2Fww25.12puvapp01.fannieae.com%2F US
compressed
whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fmediadiscovery.net%2F&settings=true&recs=true&widgetJSId=TF_4&key=NANOWDGT01&idx=4&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=45670&lsd=06ff7887-f989-4e06-bf69-4c2aa61ca8df&lsdt=1560296652109&osLang=en-US&t=MV9lMmUxMGQ4MjYwMDIzNDhmYjIwNDUxNTBlYjQ1OWEzMl8w&winW=1280&winH=587&scrW=1280&scrH=720&adblck=false&clss=KTPlkUv%2FBXWh2gc5fmH%2BMCSS8Nu9sIUG1XIScMZ2Nfd9mg6vsi9Uhlc%2BhozD0pUMVI6xB6hJ9n4p3A3u&va=true&cmpStat=0&ref=http%3A%2F%2Fww25.12puvapp01.fannieae.com%2F US
compressed
whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fmediadiscovery.net%2F&settings=true&recs=true&widgetJSId=TF_5&key=NANOWDGT01&idx=5&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=70013&lsd=06ff7887-f989-4e06-bf69-4c2aa61ca8df&lsdt=1560296652109&osLang=en-US&t=MV9lMmUxMGQ4MjYwMDIzNDhmYjIwNDUxNTBlYjQ1OWEzMl8w&winW=1280&winH=587&scrW=1280&scrH=720&adblck=false&clss=KTPlkUv%2FBXWh2gc5fmH%2BMCSS8Nu9sIUG1XIScMZ2Nfd9mg6vsi9Uhlc%2BhozD0pUMVI6xB6hJ9n4p3A3u&va=true&cmpStat=0&ref=http%3A%2F%2Fww25.12puvapp01.fannieae.com%2F US
compressed
whitelisted
3576 firefox.exe GET 200 64.74.236.51:80 http://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1560296682662&sessionId=2216ee52-ffba-d641-6c19-5aef4d7580e0&url=mediadiscovery.net&cheqSource=1&cheqEvent=2 US
text
whitelisted
3576 firefox.exe GET 200 64.74.236.51:80 http://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1560296682833&sessionId=2216ee52-ffba-d641-6c19-5aef4d7580e0&url=mediadiscovery.net&cheqSource=1&cheqEvent=0&exitReason=4&responseTime=167 US
text
whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=%20&settings=true&recs=true&widgetJSId=TF_6&key=NANOWDGT01&lastPvTs=31189&idx=0&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=54288&lsd=06ff7887-f989-4e06-bf69-4c2aa61ca8df&lsdt=1560296652109&osLang=en-US&winW=1280&winH=618&scrW=1280&scrH=720&adblck=false&clss=Tc6wfrW7mot1ooIlHOq1BT9hbLOcawnDMuz0LWcOIhJUVcNEtxfCd%2FYTC9pPDZ%2BVLFIOgq%2BxXkqWYXlo&va=true&cmpStat=0&ref= US
compressed
whitelisted
3576 firefox.exe GET 204 2.16.186.51:80 http://b.scorecardresearch.com/b?c1=7&c2=14320224&c3=26018&cs_ucfr=1&ns__t=1560296683140&ns_c=windows-1252&ns_if=1&cv=3.1&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D26018%26dmpenabled%3Dtrue%26filterDMP%3DOEN%26csenabled%3Dtrue%26d%3DIY2L3Fi3CoaRfFhPT9h31zcGZtpHKWB6gt1KWx9woepl8lKRLIYBann-ITOoQ5iZ%26gdpr%3D1%26cmpNeeded%3Dfalse&c9=http%3A%2F%2Fmediadiscovery.net%2F unknown
compressed
whitelisted
3576 firefox.exe GET 200 40.113.136.100:80 http://px.powerlinks.com/user/sync/ssps?userId=IY2L3Fi3CoaRfFhPT9h31zcGZtpHKWB6gt1KWx9woepl8lKRLIYBann-ITOoQ5iZ&sourceId=9720221e-17c0-4db1-939f-9b2940f98506&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpowerlinks%26uid%3D%24%7BUSER%7D%26obUid%3D$D NL
image
whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fmediadiscovery.net%2F&settings=true&recs=true&widgetJSId=TF_1&key=NANOWDGT01&idx=1&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=95045&lsd=06ff7887-f989-4e06-bf69-4c2aa61ca8df&lsdt=1560296652109&osLang=en-US&t=MV9lZDE0ZWM3MjNkMzhhYTY1Yzk2NjQ0M2I4Yzc4NDYwY18w&winW=1280&winH=618&scrW=1280&scrH=720&adblck=false&clss=Tc6wfrW7mot1ooIlHOq1BT9hbLOcawnDMuz0LWcOIhJUVcNEtxfCd%2FYTC9pPDZ%2BVLFIOgq%2BxXkqWYXlo&va=true&cmpStat=0&ref= US
compressed
whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fmediadiscovery.net%2F&settings=true&recs=true&widgetJSId=TF_2&key=NANOWDGT01&idx=2&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=57289&lsd=06ff7887-f989-4e06-bf69-4c2aa61ca8df&lsdt=1560296652109&osLang=en-US&t=MV9lZDE0ZWM3MjNkMzhhYTY1Yzk2NjQ0M2I4Yzc4NDYwY18w&winW=1280&winH=618&scrW=1280&scrH=720&adblck=false&clss=Tc6wfrW7mot1ooIlHOq1BT9hbLOcawnDMuz0LWcOIhJUVcNEtxfCd%2FYTC9pPDZ%2BVLFIOgq%2BxXkqWYXlo&va=true&cmpStat=0&ref= US
compressed
whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fmediadiscovery.net%2F&settings=true&recs=true&widgetJSId=TF_3&key=NANOWDGT01&idx=3&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=21357&lsd=06ff7887-f989-4e06-bf69-4c2aa61ca8df&lsdt=1560296652109&osLang=en-US&t=MV9lZDE0ZWM3MjNkMzhhYTY1Yzk2NjQ0M2I4Yzc4NDYwY18w&winW=1280&winH=618&scrW=1280&scrH=720&adblck=false&clss=Tc6wfrW7mot1ooIlHOq1BT9hbLOcawnDMuz0LWcOIhJUVcNEtxfCd%2FYTC9pPDZ%2BVLFIOgq%2BxXkqWYXlo&va=true&cmpStat=0&ref= US
compressed
whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fmediadiscovery.net%2F&settings=true&recs=true&widgetJSId=TF_4&key=NANOWDGT01&idx=4&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=15419&lsd=06ff7887-f989-4e06-bf69-4c2aa61ca8df&lsdt=1560296652109&osLang=en-US&t=MV9lZDE0ZWM3MjNkMzhhYTY1Yzk2NjQ0M2I4Yzc4NDYwY18w&winW=1280&winH=618&scrW=1280&scrH=720&adblck=false&clss=Tc6wfrW7mot1ooIlHOq1BT9hbLOcawnDMuz0LWcOIhJUVcNEtxfCd%2FYTC9pPDZ%2BVLFIOgq%2BxXkqWYXlo&va=true&cmpStat=0&ref= US
compressed
whitelisted
3576 firefox.exe GET 200 151.101.2.2:80 http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fmediadiscovery.net%2F&settings=true&recs=true&widgetJSId=TF_5&key=NANOWDGT01&idx=5&version=01020806&apv=false&sig=7G3hNSP0&format=html&rand=2324&lsd=06ff7887-f989-4e06-bf69-4c2aa61ca8df&lsdt=1560296652109&osLang=en-US&t=MV9lZDE0ZWM3MjNkMzhhYTY1Yzk2NjQ0M2I4Yzc4NDYwY18w&winW=1280&winH=618&scrW=1280&scrH=720&adblck=false&clss=Tc6wfrW7mot1ooIlHOq1BT9hbLOcawnDMuz0LWcOIhJUVcNEtxfCd%2FYTC9pPDZ%2BVLFIOgq%2BxXkqWYXlo&va=true&cmpStat=0&ref= US
compressed
whitelisted
3576 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3576 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3576 firefox.exe GET 200 88.221.144.128:80 http://detectportal.firefox.com/success.txt IT
text
whitelisted
3576 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3576 firefox.exe POST 200 172.217.23.131:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3576 firefox.exe POST 200 172.217.23.131:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted


Connections

PID Process IP ASN CN Reputation

DNS requests

Domain IP Reputation

Threats

No threats detected.

Debug output strings

No debug info.