General Info

URL

http://www.walterbistro.com/

Full analysis
https://app.any.run/tasks/5a85072d-6608-46cd-ae34-6a76e687feb4
Verdict
Malicious activity
Analysis date
12/2/2019, 17:41:43
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
120 seconds
Additional time used
60 seconds
Fakenet option
off
Heavy Evasion option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.34.7)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.2 (4.7.03062)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Groove MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office IME (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office IME (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Language Pack 2010 - French/Français (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - German/Deutsch (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Italian/Italiano (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Japanese/日本語 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Korean/한국어 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Portuguese/Português (Brasil) (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Russian/русский (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Spanish/Español (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Turkish/Türkçe (14.0.4763.1013)
  • Microsoft Office O MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Arabic) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Basque) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Catalan) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Dutch) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Galician) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Proof (Ukrainian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (French) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office SharePoint Designer MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office X MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 68.0.1 (x86 en-US) (68.0.1)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB4019990
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

Creates files in the program directory
  • firefox.exe (PID: 3116)
Reads CPU info
  • firefox.exe (PID: 3116)
Application launched itself
  • firefox.exe (PID: 3116)
  • firefox.exe (PID: 1940)
Creates files in the user directory
  • firefox.exe (PID: 3116)

Processes

Total processes
40
Monitored processes
6
Malicious processes
0
Suspicious processes
0

Behavior graph

start firefox.exe no specs firefox.exe firefox.exe no specs firefox.exe firefox.exe firefox.exe

Process information

PID
1940
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" "http://www.walterbistro.com/"
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
3116
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" http://www.walterbistro.com/
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\windows\system32\shell32.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\psapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wship6.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\winsta.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\d2d1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\sspicli.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\progra~1\mozill~1\nssckbi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\actxprxy.dll
c:\program files\adobe\acrobat reader dc\reader\acrord32.exe
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2adec.dll
c:\windows\system32\slc.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll

PID
2432
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.0.1412143891\2133892851" -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 1128 gpu
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll

PID
284
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.3.359807676\427198039" -childID 1 -isForBrowser -prefsHandle 1300 -prefMapHandle 1628 -prefsLen 1 -prefMapSize 191824 -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 1692 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
2752
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.13.1885360026\2107142397" -childID 2 -isForBrowser -prefsHandle 2832 -prefMapHandle 2836 -prefsLen 5997 -prefMapSize 191824 -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 2840 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image

PID
2148
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.20.528962691\2097408404" -childID 3 -isForBrowser -prefsHandle 3672 -prefMapHandle 3684 -prefsLen 7298 -prefMapSize 191824 -parentBuildID 20190717172542 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 3708 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
68.0.1
Modules
Image

Registry activity

Total events
119
Read events
114
Write events
5
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
1940
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Launcher
064EEB1803000000
3116
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Browser
9732FE1803000000
3116
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Telemetry
1
3116
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
3116
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings

Files activity

Executable files
0
Suspicious files
121
Text files
41
Unknown types
75

Dropped files

PID
Process
Filename
Type
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8615E610BE4AA823B944D6B284EC65917644EE8C
binary
MD5: bcf3cfa694906e5c0efeb075a825ccd6
SHA256: d121e7c7a3be6ab1107300840ade83531e759d2d6a56c780cc28ba56e17f8fcf
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_aYoRwo0u0OcJe7a
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: fda7dfeb706d97b9077ae6816d501bcb
SHA256: 4dbaed5e9f5384952106bd26a57c0065ea78ce6deba2d2ec8e69c563f93da486
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3345959086bslnoocdkdlaiFs2t%s.sqlite
sqlite
MD5: 4756c3b6fe6123e311bf155129ecb4bc
SHA256: ab4ab624cc95b7854c75343d6228dec55d90ce91932725f65bdf5ff2984bdd09
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3345959086bslnoocdkdlaiFs2t%s.sqlite-wal
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3345959086bslnoocdkdlaiFs2t%s.sqlite-shm
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\727688008bsleotcakcliifsittsr%.sqlite
sqlite
MD5: bce1f38cd45cff0554f8b54905700b78
SHA256: 480dbf89ed654306a96137faffaa040af4976cfa1f6a0c6d5a4c187d24353f42
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\727688008bsleotcakcliifsittsr%.sqlite-wal
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\727688008bsleotcakcliifsittsr%.sqlite-shm
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1059394878bslnoicgkullipsFt2s%.sqlite-shm
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1725441852bxlfogcFk2l%isst.sqlite
sqlite
MD5: 9dbd6330f6b5d4aa1e955d890bdd8098
SHA256: c690ab34e7f302e67b76293d2a759d75204f61ea8292965c9e72d7f262cbc0d1
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\about+newtab\idb\3312185054sbndi_pspte.sqlite-shm
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1725441852bxlfogcFk2l%isst.sqlite-wal
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1725441852bxlfogcFk2l%isst.sqlite-shm
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\about+home\idb\3312185054sbndi_pspte.sqlite-shm
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3899588440psinninpiFn2g%.sqlite-shm
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 70c245f8d4e547450ac26bce0dd8f4df
SHA256: dba08f82637e711232f812708173dacfa88ddc852788d757a8d9af96fbe4adda
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\startupCache.4.little
compressed
MD5: d3377947d6acf5f9dab03f9ca7339544
SHA256: 006d6143c74efc81be53095d6add0416380b2ad13d243ebead70bf840bbc836b
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: e26f973c0931b02c3f90905b0bfc81c2
SHA256: a847d75ca3c8f34ae57b64f9215841b14f254e071c871507d6f2d75a5d3e7d70
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db-journal
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 440415c3947610629a95506c2dc8b0e6
SHA256: 3477e6f9b2d741010823e26060733c47cbc56d8a2a4f840e8763c25e6a5b7f59
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: bfa1d819caf7a580ec7b7051b1f3c54f
SHA256: 4635ec76d8c9c0ae41300583437ac3d0b1b29186241e2e710c9c9b1f12b913fc
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 8fbc94777dfeadd396ea8d8869d5bd87
SHA256: eca9f1e1278d8c9538d124bef162d1750a3a25cd32c60679e235260dfcb945bf
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db-journal
binary
MD5: 77d75a544594d3dc491141aebe803d5d
SHA256: 9c8f9e48c07e56956e7973684bb0151d2acdb8b9778c15e1636883bdce5da871
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: f53c91d9af746b582bdd22361f2be5ea
SHA256: c348ab80fbf4e2b5cc8fd18d8209b33ffe4b08666d7d13ac3c8ec42a9b084d13
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\aborted-session-ping.tmp
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\aborted-session-ping
text
MD5: 21c0755e7e0da6275fb5069fa809c148
SHA256: b858b1954d99556c8e08ea0b9f30e7f9250b187bb77dca33ec0843ecd3d59999
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\session-state.json
text
MD5: 11dd04e93224970ddd2a2c240f2cf773
SHA256: 03e76298a5647b87aacd4c18947b6c08448a24db9f9d17d4d8225daae32b1199
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\session-state.json.tmp
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4
jsonlz4
MD5: a6338865eb252d0ef8fcf11fa9af3f0d
SHA256: 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 5e99f269357eb4ebac4b13878b03a259
SHA256: 4ed8e8c7357f1b31858d622f3be4e481403a440819aefae2cbabbe8a07b1ef03
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.vlpset
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto-1.vlpset
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
binary
MD5: d4600e300083a4d689286083d4a65b31
SHA256: 98c776844993007564319fdaa95df5d71c5c48cb1af09f25652c2236ca9a7056
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: 50e8cbcc022953ffc8f1323c74a2fbd6
SHA256: af705dbf41df46605d255a58f6092fa624a6fda6ed9e49caeb09e163879b6833
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
binary
MD5: 34410abb95f9e0457dda12fe2ebe5b4e
SHA256: 737406ad85b643a5f051c8d8e272dd785e68b13d27b1d40158b995ce1110e556
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: ce44f7adb62022db3f257019606e54de
SHA256: 0478a48c08de262942caa05912a076aae36acd9aaea713e25650aaa6b214cebc
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: b04d74a68b13ce8e7b47e159ab3267ae
SHA256: f91902eb73524a779b58f4ae1777fd15e3a35feec4d595571a8aab703b3e0493
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json.tmp
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json
text
MD5: 9c88fdd8a268783c3ac6111e094d2abb
SHA256: 7c8f77345d26c73a90ef9366f5551a5b36ee73907e62bbd69dca236cfa9098d7
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.vlpset
binary
MD5: ac7d8a27405168c33ebed20eb4f5607e
SHA256: 68c83397afbebac6c6c800f3ad68c75d3279df05398e172a7e545757425b9b3d
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: 23720ead036b055d83513032f8ba18dd
SHA256: 2cf0639cd08808a5c891ead1bde675d44712eb6b9c3a42a3fc512b34ae7d7fcc
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: a6ba36176a663b06cde6b9adc047b483
SHA256: 11f2baadd533c7cf770bcbe78df82583c88a3f65b36c30b16bf25d8d32f31e1a
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: feb9edf8462c4fe6a25ac7f6a949a85e
SHA256: 1db28a4308e610d4f525b63fd0441d67c3b3de0a73626d56a75c0ebce92d1a42
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9177A730A75A3AED965C9E07E7094239DD45F8CA
cer
MD5: 057aff25e11610184ae5f0a63851c9ba
SHA256: dc5a590f370d133ef6f7129f1896fcd001bf6c5e5cd2a48e155eb57911f1fddd
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\ABEAA48B501FBD6A530EC9F222A741DA79987BC8
binary
MD5: d8477e2403771e1edb7d6937a38953ef
SHA256: dae34683f1d5f3a6aafea3ed036e680e8ac5f23f7de54c0b43cb970effdf4839
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 869be106ee4efeb13d32d3cb817c35ee
SHA256: 73f70e0d2d410d81c3108f689e6d3661edd52dd97cf40c787b657884182416f3
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\social-track-digest256.sbstore
binary
MD5: 473a35c3e90fb22fbdf7d61bf22c5452
SHA256: 071da003327b241e6049ae7ed68d9b8bf19af959c6c05fd57244200e7e5d31fa
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\social-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 8f241cf0d5cc239677ed869820a4a641
SHA256: c4dbbc739b23990ba86f8e830cd8f8101f1a8b15bba1ae60fdb2ea840552817b
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9177A730A75A3AED965C9E07E7094239DD45F8CA
cer
MD5: f27dc69f71c7122fdc8a7c2452e80e9d
SHA256: 48d48fafff6883b46dd80782fde431df5263b68fa031953672ffca369dbaddf8
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F36BA6E65505B424864C5907B9DCD4FA685F2145
binary
MD5: 26c78b40e934540fd5a06641d46295e8
SHA256: 55c30e5801a79a02ce349d0981e4904a164da69d7179fbed1b19c5d3a5e1b0fb
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\content-track-digest256.sbstore
binary
MD5: ef4d72277f21c3a42a11194258a6cf7c
SHA256: 264cc8402979ae471fa552ac03dc8d1b2c5e5254230d255a6090b9b7be4b3b18
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\content-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\ED4CE6DCD5C1EA4EBEB3F5CE4968C13FBFBA7575
binary
MD5: 4cb221f5f2b06ebae34a8c1c0f905e90
SHA256: c15d6ebbb39b220d0a835c61dc095ffa8309d0f75879ee540cb0f0e3735bd5e9
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9177A730A75A3AED965C9E07E7094239DD45F8CA
cer
MD5: 63cce4906cfe06b838e8cfad5ceffe9f
SHA256: ec55273c0bc51ceffef59aad1790c6734e9460eb0cefb27912979dd5244e4a98
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: d4a2c6d2cb8bf43e5436ea586a211326
SHA256: 4b58239247f84224e980de5f94c3a9f7aa43e5cceba289b7bba0eac9aae0c2cc
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\analytics-track-digest256.sbstore
binary
MD5: 463ca0d823c5609f9ed1c8caae5db19b
SHA256: b567828310817a3225b8a26bea97ddc0f4ecc85088a8866a5f19cd2fef57054d
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\analytics-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\ads-track-digest256.sbstore
binary
MD5: 19fae276b1e794a9d32f8058de9b5d3a
SHA256: 817783dca327796b9a338f26de2b3d2356c81c5f2b35a331a8aaa31a91a13eec
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\ads-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D909659D096B618920A8139341F2931C1EC2004C
compressed
MD5: ddb4528a5730b6a02a48335a97358a4f
SHA256: 567419ff38587916df04d9935a6609942a19cf273d9a4f1a407111eb1932a817
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C599D314AD3213DC3EBA1CA16B4DC973AD7F56C2
binary
MD5: 4fc850164115f2310aecb52347b05390
SHA256: 5677c37ed0ea1173e5f85a1de6355f6f003912ba06b5bc263b9a44557665c498
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\49CD79EBC32ADAED73FAFDD4B81FFACCDA8DD5A5
binary
MD5: 90d78d24c1c57e10cf4e3426e75b91ec
SHA256: e61932af421f0477e3a9ab461ec91a79549882a3dfadeaf027936828be1cac02
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9177A730A75A3AED965C9E07E7094239DD45F8CA
cer
MD5: ee8201cce9513165bf0e3cd7bc4891bc
SHA256: fc53442d037544e61e259811ccf87b9211176982a76e9829e68523251ddaebee
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\AB423DCD1B1F2AC64DFC45A9DF00554A51D532F5
binary
MD5: 903b101905c7ca7a1af67609dec594aa
SHA256: 10460ae6651491c7d648ee3de11e8e6e488d342bbc943e0656ec41d5eb4cde6d
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: b702b9c07b9c85dca4179e1c326c075d
SHA256: d30ae22aa5eef2d6c17ea809ad7b4eeb27a1b5a3c371644844378a1a16962a2e
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: edd148d2da1cbcba39d171feef022b75
SHA256: b81b6650c198b76e1be206cc61a6cf81a69fc4489d9d2633aca0eeed6a876bfc
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\revocations.txt
text
MD5: b37801656a16f18b1c067fb7826b2737
SHA256: dd9ea1387fced5a4c5c833a5880e76f21dbacded51b84646e06cec778894532f
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\revocations-1.txt
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_QyR8ct7xKGKXcw3
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_ymPddcpFDYEO1Yy
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\17586
html
MD5: ffec4da23a5c720a98064aae3f5eb6a6
SHA256: 85c9ce92a6141920637147cc4370c32905335f9f98c72a2abdccde02c8571225
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6A15D9EE0AAB3AD096D2E39460B8BC15DBE4CA15
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\008F0AB2E5A0009A35DD4B461744D8547D6269E1
image
MD5: 9048634fa6db67d1681fa2c3e16ff282
SHA256: ecd9f23b5601ac51504d7e51d676d32c2b5edfd6f4b73aabde948bf609882247
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D909659D096B618920A8139341F2931C1EC2004C
compressed
MD5: 2d06df76ae71f56ce86e6f8b51d717d1
SHA256: 7a01aa7286a6f542c9f1ce48a555a1ff7a468fd98bf6751d220533741c0e690b
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DBAADDBE936AB2F853A9CA618FF84448E7790B44
cer
MD5: 6a45b3d8877a5d3caf4347ad1938ac49
SHA256: d32f5b5d95fe747a4f62a76ec684df17d4854a1acade0455d5797b497f140860
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1CE6805C4A837835BF7948B64882C749FC73520C
binary
MD5: dc727a3a5115df87b7c4d189a780bce6
SHA256: 12dbf04076e09d06857070c8110218fa2073ba792330ffa150740f7ad4fd5f75
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\extensions.json
text
MD5: 9cf5e9e40b5f764838f42c8f2721957f
SHA256: ad9889206f043a9d31af59d6db2a74d9680930c009a560e8cd158bafa271af8f
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\extensions.json.tmp
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A3CFF2D37EB928F0E43B1AFF37605485FCF67CD2
der
MD5: 73b8a320f463177eb858ec4bef105b19
SHA256: 7b7bf1552e004229a6a9dee4422bf21c5514c79691be14c2d0cbad865331deea
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7002278E8951A5B7FC1DBF7327B1F5BA6BC61985
der
MD5: e27e9b8793f65c97f645a1b8e45b99f5
SHA256: f9983bcc4c7763479523fa8ef4d357fd0ad4842ff1ad941c0e5497fcf3fc6c38
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\AC8F071F56237863E7EA706BE6252ADD439DF110
binary
MD5: 7d39de726092d12144ee60d5cf3de87b
SHA256: e296091be93d3cff12778d92b78901ffaee6cd19d2ae44d9e140d2637c96d125
3116
firefox.exe
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
binary
MD5: 2ad4445da23a8e50d667c09150cf1876
SHA256: c1550f9dc8f675c7ff2c896ee91c839e4e2b243e759d71c128521c17f53e91b1
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
binary
MD5: d6acf2573e12afdd7939568804d3fcc1
SHA256: 5525cbf8f8dc41d19ac632ed324e55293a510ae0eeba16d0e3f33c707aa58a0c
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
binary
MD5: d9e28d043d05a069ac7962f181a05337
SHA256: efbb9ada8e5f662779444e4de88ce944036b7c73d61acfb70239f809dd153aa1
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: 6ee2fe4d5c3460929a4eec3138d76e8e
SHA256: 1bd0d3301b97fe608243e61c8fa114cc1ae9b69c0622a10cafe5cc1814df3b7a
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: f57521d4d31b44fbbb74ba8f2441f52f
SHA256: fd6f2adcf2bce0ac48f15b6a67110e24ec8d24a566422512df2269f2cfac7a0d
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.vlpset
binary
MD5: 8996548565a96f6ba34bc8317fb4f09e
SHA256: f760f51c58a91fcc264b8d27f610372ad510209eae6d0911e0ac236e7405fdc8
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: c0ff29e2429d6a67594d829b166b9d0b
SHA256: a8ab69af442ae86af43f2a3bf22b91341377be23874762de01e3e71ef08f0318
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: 7655fffe7cfbe1ebf96afea5fe2e1376
SHA256: ff2f663c4e453706b7817109f6a43e8b3389e8cfb1b7d64aace2bfba45f3a359
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 498dae4e538658a57f464748f2dabfda
SHA256: 8778f52cd9cb4f4787bf7ba18006d212f8c3004652d163f7786556a8eef3a067
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
binary
MD5: 93fdf288da71b455cfcb53f9e78add2a
SHA256: 017ed2622f8e5e1d72df4bc872bcf81ccfea9681aede1afdc7f3ddac800b0cf5
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: b4d69f529bf6d261075d04c6a5c56158
SHA256: 2794c0426aa721104df6a8615d57a251af30a79865cc69e369ed41cae4ea4ee8
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
binary
MD5: ba0009932844173bc8f9af264229df24
SHA256: 66d1c00c04d86e313e9a02775cdf906b1be8d4cd6bef423a1b9e21cc4e9f50c1
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
binary
MD5: 6f85bc4b2ecb49e26b0bd83a821065d0
SHA256: c0b3bc9b3dc507ab654caf72d13c3aefa58c9b13b1e4d14dd8816712d80a7e54
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
binary
MD5: c921d8e98fa01b4f303481e112202e92
SHA256: 4ef1038730ec8bc7206713c29a936768831b922c5e6c83355fd62d7401d8c1dc
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: f45929bc8ec8ff0e7ea9d4ce213a755a
SHA256: 5a883cb5b8bbd23c29d77f708a4fd8680ed4bf3782f747b4778150b9fc476bb3
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
binary
MD5: 04824a1f92353f43ebb9e7f74b7476fd
SHA256: b48e58ebab82e4c376f16150a3fff850c1111ff1f5985d68819cfd6f0db159d2
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
binary
MD5: 0e8fe60ccd7e9b4c32589a5743a95302
SHA256: 2b124d4026850a3cffd28dbacb58aec28f7dcd4d40bc14e52bbe96d60ce4e749
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: 4a1220fc03e11726f09e9981834345db
SHA256: 6ae7fc0fdbe217104f4034bf6a580a461106b50309abccff6e309124dca5ef39
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 02138b2f3b89b2829919a9d4ccc574f0
SHA256: 94f42199d3daf6b040cf5b6abcbfd65be9df7d102402dae80285f11bfea2ceb5
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A48779CE33CCDC9D167462D8E4BF85329210B390
binary
MD5: d9ebbb28d6a2ff8f2ad2eaf81e1619f3
SHA256: 6294045c96b6d7f0938730984ca7fc75f61715c4709a90fd0a7df34b39ec367b
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
binary
MD5: d886a47c89d9c49c795da345bc236990
SHA256: a03c5e2656d2f292bf5794c8eeb8d223cd6ba4f4bfb2ed1f325460e879d0bcf7
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8190F311C30B04E0551D555D02302F4482D00ACD
binary
MD5: 7438df628d151ffc8b090fdfced59d9c
SHA256: b7636b8151e294463772886da0609c926af1f936f2ffdb4589371892385e5719
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7FB573E31EA0C0FBD739B9839F324661ECE84F79
der
MD5: 2dd24b30b6cdaa34da565b2e450b40ea
SHA256: 0fe213593537e48f3ae03a95d22c9c204197e6c18ddf82c2b229e271d2816580
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\39B2AD5ABC293256303F0F958F7F76FFD7E777A6
der
MD5: fa9b929eed7069afdc1a52b585679d49
SHA256: 7f3ecaa0659b5c19f659942211ca185469a40e56d2c8954303938d6a2bda2e17
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 6d378e0d40b6eaca22c8bce899a1c5c1
SHA256: ada2467b2477aceff837ac7820c435ad1ebbe844b2da31c7ab9ae8d010c7a639
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 9621ce14530df29a04da39b7343ac9f8
SHA256: 88948c5375aa8b2a4834c5b193e61357749a9291609690168ba31c0ca57064c3
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA256: 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 945a3e0a2cdab1057fabc786dd7fafea
SHA256: 93a40cd2b7afb3a04659a89824d8b4fd394168cde217f5084e8a35c6e7813404
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
text
MD5: 945a3e0a2cdab1057fabc786dd7fafea
SHA256: 93a40cd2b7afb3a04659a89824d8b4fd394168cde217f5084e8a35c6e7813404
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 354459382f30b8994109c88659dfa1f3
SHA256: e3e8e2b7e7eeca231620d83c70fa5a926e8b9ce74c51f595f71191dc0b50527e
3116
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-current.bin
––
MD5:  ––
SHA256:  ––
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-current.bin
binary
MD5: 5027177f513cdae07db2330e1ded5934
SHA256: 0c53f16051e738287a4612f68e296238087627e594cfd6ddfa1fecc2e998328b
3116
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.bin
binary
MD5: de9496aca551ade408ef6466a11833a1
SHA256: 8f9c7fdb3e0bc01024e43a8e242468fc4dd4f74c725e32a883571635203dc10a


Network activity

HTTP(S) requests: 48
TCP/UDP connections: 50
DNS requests: 120
Threats: 1

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
3116 firefox.exe GET 200 2.16.186.50:80 http://detectportal.firefox.com/success.txt unknown text whitelisted
3116 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der whitelisted
3116 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der whitelisted
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/ US html malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/themes/x/framework/dist/css/site/stacks/ethos.css?ver=6.1.6 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 US text malicious
3116 firefox.exe GET 200 216.58.210.10:80 http://fonts.googleapis.com/css?family=Lato:700,700i|Pontano+Sans:400&subset=latin,latin-ext US text whitelisted
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/themes/x/framework/legacy/cranium/dist/css/site/ethos.css?ver=6.1.6 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/cornerstone/assets/dist/js/site/cs-head.js?ver=3.1.6 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.2 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/cornerstone/assets/dist/js/site/cs-body.js?ver=3.1.6 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/themes/x/framework/dist/js/site/x.js?ver=6.1.6 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-includes/js/comment-reply.min.js?ver=5.3 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-includes/js/wp-embed.min.js?ver=5.3 US text malicious
3116 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der whitelisted
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/revslider/admin/assets/images/dummy.png US image malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/uploads/2016/05/Walter_Logo.png US image malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/uploads/2016/05/Walter-Bistro_Home_Photo.jpg US image malicious
3116 firefox.exe GET 200 172.217.16.163:80 http://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ.woff2 US woff2 whitelisted
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/favicon.ico US image malicious
3116 firefox.exe GET 200 172.217.16.163:80 http://fonts.gstatic.com/s/pontanosans/v7/qFdD35GdgYR8EzR6oBLDHa3axT8N.woff2 US woff2 whitelisted
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/themes/x/framework/fonts/font_awesome/fontawesome-webfont.woff2?v=4.7.0 US woff2 malicious
3116 firefox.exe POST 200 151.139.128.14:80 http://ocsp.comodoca.com/ US binary der whitelisted
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/uploads/2016/05/Walter-Bistro_BG.jpg US image malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8 US text malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/revslider/admin/assets/images/transparent.png US image malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/uploads/2016/05/Header_3.jpg US image malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/uploads/2016/05/Header_2.jpg US image malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 US woff malicious
3116 firefox.exe GET –– 166.62.108.43:80 http://www.walterbistro.com/wp-content/uploads/2015/09/Header61.jpg US –– –– malicious
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/uploads/2016/05/Header_1.jpg US image malicious
3116 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der whitelisted
3116 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der whitelisted
3116 firefox.exe POST 200 172.217.22.67:80 http://ocsp.pki.goog/gts1o1 US binary der whitelisted
3116 firefox.exe POST 200 172.217.22.67:80 http://ocsp.pki.goog/gts1o1 US binary der whitelisted
3116 firefox.exe POST 200 172.217.22.67:80 http://ocsp.pki.goog/gts1o1 US binary der whitelisted
3116 firefox.exe POST 200 172.217.22.67:80 http://ocsp.pki.goog/gts1o1 US binary der whitelisted
3116 firefox.exe POST 200 172.217.22.67:80 http://ocsp.pki.goog/gts1o1 US binary der whitelisted
3116 firefox.exe GET 200 166.62.108.43:80 http://www.walterbistro.com/wp-content/uploads/2016/05/Header_4.jpg US image malicious
3116 firefox.exe GET 200 2.16.186.50:80 http://detectportal.firefox.com/success.txt unknown text whitelisted


Connections

PID Process IP ASN CN Reputation
3116 firefox.exe 2.16.186.50:80 Akamai International B.V. –– whitelisted
3116 firefox.exe 166.62.108.43:80 GoDaddy.com, LLC US malicious
3116 firefox.exe 35.164.109.147:443 Amazon.com, Inc. US unknown
3116 firefox.exe 52.35.244.72:443 Amazon.com, Inc. US malicious
3116 firefox.exe 52.89.51.22:443 Amazon.com, Inc. US unknown
3116 firefox.exe 52.222.158.124:443 Amazon.com, Inc. US unknown
3116 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
3116 firefox.exe 143.204.214.68:443 US unknown
3116 firefox.exe 52.222.169.2:443 Amazon.com, Inc. US unknown
3116 firefox.exe 35.167.176.126:443 Amazon.com, Inc. US unknown
3116 firefox.exe 216.58.210.10:80 Google Inc. US whitelisted
3116 firefox.exe 13.35.253.94:443 US suspicious
3116 firefox.exe 172.217.16.163:80 Google Inc. US whitelisted
3116 firefox.exe 34.237.203.145:443 Amazon.com, Inc. US unknown
3116 firefox.exe 151.139.128.14:80 Highwinds Network Group, Inc. US suspicious
3116 firefox.exe 143.204.208.145:443 US whitelisted
3116 firefox.exe 52.222.158.141:443 Amazon.com, Inc. US unknown
3116 firefox.exe 151.101.2.109:443 Fastly US unknown
3116 firefox.exe 151.101.0.176:443 Fastly US unknown
3116 firefox.exe 151.101.66.217:443 Fastly US unknown
3116 firefox.exe 172.217.16.142:443 Google Inc. US whitelisted
3116 firefox.exe 31.13.92.14:443 Facebook, Inc. IE whitelisted
3116 firefox.exe 69.171.250.25:443 Facebook, Inc. US suspicious
3116 firefox.exe 172.217.22.67:80 Google Inc. US whitelisted
3116 firefox.exe 157.240.20.35:443 Facebook, Inc. US whitelisted
3116 firefox.exe 172.217.18.170:443 Google Inc. US whitelisted
3116 firefox.exe 74.125.206.156:443 Google Inc. US whitelisted
3116 firefox.exe 52.35.182.58:443 Amazon.com, Inc. US unknown
3116 firefox.exe 172.217.18.4:443 Google Inc. US whitelisted
3116 firefox.exe 172.217.16.163:443 Google Inc. US whitelisted
3116 firefox.exe 52.222.158.80:443 Amazon.com, Inc. US unknown

DNS requests

Domain IP Reputation