General Info

URL

http://www.acu.ac.th/acu_tuf/acu/pdfz.php?email=[email protected]

Full analysis
https://app.any.run/tasks/af174687-7183-4f40-9319-57069359cf81
Verdict
Malicious activity
Analysis date
2/11/2019, 11:21:59
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:

opendir

phishing

Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
300 seconds
Additional time used
240 seconds
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (68.0.3440.106)
  • Google Update Helper (1.3.33.17)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 61.0.2 (x86 en-US) (61.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

No suspicious indicators.

Reads CPU info
  • firefox.exe (PID: 2336)
  • firefox.exe (PID: 1044)
  • firefox.exe (PID: 3672)
  • firefox.exe (PID: 3044)
  • firefox.exe (PID: 2844)
Reads settings of System Certificates
  • firefox.exe (PID: 2844)
Dropped object may contain Bitcoin addresses
  • firefox.exe (PID: 2844)
Application launched itself
  • firefox.exe (PID: 2844)
Creates files in the user directory
  • firefox.exe (PID: 2844)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Processes

Total processes
34
Monitored processes
5
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start firefox.exe firefox.exe firefox.exe firefox.exe firefox.exe
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
2844
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" http://www.acu.ac.th/acu_tuf/acu/pdfz.php?email=[email protected]
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
61.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\lpk.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\windows\system32\shell32.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\hid.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wship6.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wpc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winsta.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\program files\mozilla firefox\softokn3.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\sspicli.dll
c:\progra~1\mozill~1\nssckbi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\program files\adobe\acrobat reader dc\reader\acrord32.exe
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2adec.dll
c:\windows\system32\slc.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\gpapi.dll

PID
2336
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2844.0.225485574\371004064" -childID 1 -isForBrowser -prefsHandle 1456 -prefsLen 8310 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2844 "\\.\pipe\gecko-crash-server-pipe.2844" 1332 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
61.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\hid.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
3044
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2844.6.717442892\315336976" -childID 2 -isForBrowser -prefsHandle 2336 -prefsLen 11442 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2844 "\\.\pipe\gecko-crash-server-pipe.2844" 2416 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
61.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\hid.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
3672
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2844.12.698285912\625958214" -childID 3 -isForBrowser -prefsHandle 2800 -prefsLen 12017 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2844 "\\.\pipe\gecko-crash-server-pipe.2844" 2880 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
61.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\hid.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

PID
1044
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2844.18.1862465607\1584066111" -childID 4 -isForBrowser -prefsHandle 1704 -prefsLen 12017 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2844 "\\.\pipe\gecko-crash-server-pipe.2844" 3172 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
61.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\ws2_32.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\windows\system32\shell32.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\hid.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll

Registry activity

Total events
260
Read events
248
Write events
12
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
2844
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2844
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000069000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000
2844
firefox.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E
LanguageList
en-US

Files activity

Executable files
0
Suspicious files
80
Text files
28
Unknown types
103

Dropped files

PID
Process
Filename
Type
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\shield-recipe-client.json.tmp
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D0A859652EB27F681D823FBFEFACD5514FF94C4C
compressed
MD5: 498e805d24c078488c7c9b6025365325
SHA256: 66f50b9ddb58489771a4418cd35caa85d6c86fee22bc68c14e99f2530fd98e78
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8473F6B6E4603BD96F7DE40AD2F4CF89B6744630
compressed
MD5: ac52848d7c9bca50e9f78afee67d4757
SHA256: dc171f002c8b09fb45c64f41da04ff67b1586533f6abfce3b0cdff098e6b9096
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\8B2634FB16660BA3F2D27C544075DFEACA1E561A
compressed
MD5: 09726af5e1398822b5ce81c8b02c53d7
SHA256: 25e610b5b899ca4a25b8da736dc0df14b714b09279dd2c94f81857920e6477dd
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\162BDAA0391079DE536E0ED1CD11B422E27454DB
cer
MD5: 9271b15227a2594d34e5102ab1e7218e
SHA256: 320d71e6eece283c5bedf8eb88472883822b54ea680baf9d7213cf4e171fa5af
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\96E3CDF8FA4A0DCBB81F0A922B22FED61FC7D2FB
compressed
MD5: 6f8cc2e168e71d8b0ee4ad1eab046e32
SHA256: 93743fba3c04741d8344876283d091f79ba1b17b4dbe86213fb3d5d34eb190ae
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\162BDAA0391079DE536E0ED1CD11B422E27454DB
cer
MD5: 2ced689eb6e68f325d43b3fd5bcc9c20
SHA256: 211d1f023190555750f82a2f1fd96d3caf1d25ae909fa907ebe5b592ddf6e637
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\162BDAA0391079DE536E0ED1CD11B422E27454DB
cer
MD5: 094cb5c3d9f407f96fc427a8e34df706
SHA256: c738acfb786e9974cf494ab7d09d5458e6c5100682e24faeabb85c75c6c9ef12
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\162BDAA0391079DE536E0ED1CD11B422E27454DB
cer
MD5: 3e32958c848cca091b8a853b6c88e17f
SHA256: d85822b35b080123ae8d1ae7944e68e883416d6c37465dae2cb76a26dffc28c9
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\162BDAA0391079DE536E0ED1CD11B422E27454DB
cer
MD5: a69614d01df72cefa1b4ce3cda46e677
SHA256: 1f9a33bc749daafa6af44793dc48bea434ab0ff24d1cb40792b981b58ae40e86
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\162BDAA0391079DE536E0ED1CD11B422E27454DB
cer
MD5: eb4de3968b392bd25680c798186b9e09
SHA256: b46a59184e7b866934c5d5b1cf5f327e979daa321e77a0689454653485f4207a
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E21F074DBAD1CB7994F383C419228B689766FB1C
compressed
MD5: 28d83ab928b26a1ca137743754f97d73
SHA256: ebde6e2c871967b54f3b4696952c801aee6f05b761df70197b25c9bddcd6e5ae
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: d3b75d394d2d3169e31a7a7d99d57ff5
SHA256: dfb6c105902b45d9ef01bcbdec0537004abdf9dd132719ee8c760d1614aaa058
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5C3B1B4A3AF3BDDFB5E032BA9BA685FAE38E7418
binary
MD5: 2d2aa581663fabf94060ecfbeadd0756
SHA256: bb2e10af44b8cdaae5d4d7f7b86cbc2d973485dfee15872baf0c016f7f25b011
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
binary
MD5: 1492f72f8a3e5eddaa19f1596870f423
SHA256: 255f483b83afb6dfef17f3140116c4c41bae84c236a7bfdbb083418b93ab46c9
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms~RF1d4931.TMP
binary
MD5: 1492f72f8a3e5eddaa19f1596870f423
SHA256: 255f483b83afb6dfef17f3140116c4c41bae84c236a7bfdbb083418b93ab46c9
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5I056QPWWWKX6UUGKNIP.temp
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\startupCache.4.little
compressed
MD5: c98718aedec7fa7087ff64b4d63f75cc
SHA256: 21d7450efe41ed5f193cf7f627a144f0c00d657181cef043bb994b05f05d49db
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\31258
binary
MD5: da47da85c77eba059128d1cf06944947
SHA256: de3d79ebbb0b4e6866b28bf6894f606075f49f1ade137e819c94e0277ede2d96
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\28BD1E736636595E2BE85F555E200A0212D2B4DE
image
MD5: 403a499002eed8c4388bcc30a8ef0750
SHA256: 0cd370f19f3b27a481066feb8938e459dc4e7190bccd7d2ac7e1f9c9a70f4e3c
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\21DFFE60A711D5EEE03D7B000F1888F4167893A2
binary
MD5: da47da85c77eba059128d1cf06944947
SHA256: de3d79ebbb0b4e6866b28bf6894f606075f49f1ade137e819c94e0277ede2d96
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\231111011D00929FFA9FD1D18AD076085A97E83A
binary
MD5: c91973db2bb3fdcd0132f327a2c37cb0
SHA256: 8262e1e0b6eb1b328aeaba9205bca7134f55544cb0fb7db4c582eb34faf1a323
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B2AFECE0B09D776F87D7F85E445EE0C09256AFB3
image
MD5: 0d078315ac0c528b6f72a87807ffec37
SHA256: 2c07a3ddc9121dbe68ce68b1231cff69f5276bdf2a2de5225ada990aa9116a4a
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\C60F160EAA8B1A0949CE17BA2B289370158EA01E
der
MD5: 2461a2cf85eddff8bb69b62d43c3a312
SHA256: 32c349414779f43b34e5531678e2ebc5c5a4ea746c4c74ab7934027d5c7129f1
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\archived\2019-02\1549880702516.832c6dff-51f2-43a1-801a-2f2d1c40c712.modules.jsonlz4
jsonlz4
MD5: 520f70d798d0498b137046918be77b4d
SHA256: 7463ed464e099c9bf8654ca0d6111eca3497d8755b9240946dcbf16d4d42c091
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\archived\2019-02\1549880702516.832c6dff-51f2-43a1-801a-2f2d1c40c712.modules.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 96b7b1ba2ee74264be03f259b415ab8c
SHA256: 581def682bbabc71cb4f753014df6cdb790737a34e349b139df90916f6efb286
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 9be3d8fbbe4fd3907bd7d9875ddbeb57
SHA256: 40318b4141310df165bb626ab06e2cf5e02079fc9cf63a0ae6234f35dd6d7842
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: 40cb5ee782d1ea9c1995b771b916ed03
SHA256: c7da39dda6d8d86331b4ad1877474f7489b872f3c270a929a79ed3e87c039010
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3B9B78B6EF7164DD9CB6E9A4F73983F427DD4576
binary
MD5: 053706c8c61dad81f237a7101deba310
SHA256: 4803c7de16f9c39e2bc8d13636ad08440e53e7f46da00eab9c965053e704e774
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\231111011D00929FFA9FD1D18AD076085A97E83A
binary
MD5: 654ce0eed91001229f783906cd61793d
SHA256: 2ebb7f88409df97acca863146f036804ca014b6797e8cd0741bc3729cd3c6b8c
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DBA6C144CDF12B8383BF3EB442FFF1F46D1830D9
binary
MD5: 337a55466a5e81f1bd8dc0d82349d9c6
SHA256: d02eeaab9721b2856b6022dd10746ce94115a81b0826060da772dbdb26b556ac
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1679BAFAC3320D825C847A54A5D26F9F406CC0AA
binary
MD5: 1d7a850ea490735b7de14bde5847d27b
SHA256: b3da311577ca3f9ffa57a7f04859027413478c7f2c8f01374084dca94c50ef47
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\014BBCBADEDBA05A6451621BAD3823C4598AA9E7
htm
MD5: 5a6bddfc0f7df95d1abeaa3b30d60706
SHA256: a7b725e3dbfa858fdc098faf0f6ab1e319b5307ecf68a7765c3c81a1f1186dd1
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B2AFECE0B09D776F87D7F85E445EE0C09256AFB3
image
MD5: c6a28e251744fcfbe088f625ff09574f
SHA256: 14851b50290c00787002e25f9f933fde9a9feb4e85d590a89cdb4749fc89b43f
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\47006F36DB4C420F429024891CCE94A8EA841B94
htm
MD5: abe7540839400130834c9dbc4ad2fda6
SHA256: a2b4439576a74381aff6b38f731fd4abbfa9827d7a253a55cdc3da69e7b18ce9
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\28BD1E736636595E2BE85F555E200A0212D2B4DE
image
MD5: 4b9baf4bf062038bd949828bc810ae5a
SHA256: 508f09ecb4ae87a94a5db4020539f52bcbcb31d73e442ec8262ec0e78e370a23
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\about+newtab\idb\3312185054sbndi_pspte.sqlite
sqlite
MD5: 4df622a7a2e366b779a77990cd7d5683
SHA256: c04e1c0f3f3934eeede7e6797bcdc87eefce775b2fa7e0033d2a19bd41e83db6
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\about+newtab\idb\3312185054sbndi_pspte.sqlite-wal
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\about+newtab\idb\3312185054sbndi_pspte.sqlite-shm
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\30213
binary
MD5: eca37d39d4223aaed45ed5a7eecbb249
SHA256: 2cbab5c1fc0b04ac0270dfb3e00789c9969006b3eb17a01fa025ccca21c1b1f1
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\231111011D00929FFA9FD1D18AD076085A97E83A
binary
MD5: b9d5e43ea13926700ef40aa23f20e8b1
SHA256: 88a0e1422c22a7389c97e6faaf9a7511af300920269d4779820b7e8aefd3cc27
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5F1D4E206A066C33429804E8E68B1C04A194A4E6
binary
MD5: d004e784d05084ff9b38155fe2de8f6d
SHA256: d3d2dd5f4968e65126d56c1291e19f775a655cefe5dc4eca43339892d349c715
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: b9d6649a2c26a82b09587242f44b9ebc
SHA256: c0f1e1e3816d943085c3c2fe185eec8606e6c30b7aa176ee20d1d46b03cf2963
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\75A419ECC30883A6BEDBAF499E7C371BB1879535
binary
MD5: 94c5f652d1391cb3b2a4de943862c151
SHA256: 7256d8eb134bda2c84944dd042d758298472dafae2f4899a3ac075f86d347b09
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E325B486B777C14C29762600D998974140F8FD34
binary
MD5: 1895eba7a4f1c0184f01edc37ca7cacb
SHA256: ec22944103c81c3aafb48c2532a1e884d56bec0a3bcbd5578983368f9f88bef1
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\7278
binary
MD5: 11fecba10258bc63327e50cd0b0554ed
SHA256: e8b73732c6994c04e77abe4841df7d64e917c62fe65ff638b681aa9c4f191d55
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\about+newtab\idb\3312185054sbndi_pspte.files\3
sz
MD5: c29e943cb5c5e456f96fee0d49aeb521
SHA256: 409717f04e3f1f68aeeeccc97e20a03148104ce3ee781db422f0569ba7047f00
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FB3F0178CDEDE2CA610BE416EEF1AE9EE9E689C0
binary
MD5: dc02d2468e13a2323eb069ee84413aaa
SHA256: 233051a7bc2633cbb2a171e2e93b87fe8c1aa5ae2cadeb96b2807d360a3c0ed2
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 40cb5ee782d1ea9c1995b771b916ed03
SHA256: c7da39dda6d8d86331b4ad1877474f7489b872f3c270a929a79ed3e87c039010
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: b9810a016ada307cb42bcab2a2f9cb18
SHA256: 20c3aa16ae3fce84d5d3ff815b385b9dbe0d23da0cc17838c619ee82bf03be3d
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 7aa082a594c1c9bb67c7ea45bc9af4e0
SHA256: 4e69cc1ebc24d993925eee77d96b2195b9bce926abe8082eee598802dec92cae
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E325B486B777C14C29762600D998974140F8FD34
binary
MD5: 11fecba10258bc63327e50cd0b0554ed
SHA256: e8b73732c6994c04e77abe4841df7d64e917c62fe65ff638b681aa9c4f191d55
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B9DE6333A4629C6168C0883FE7C762D92B418881
der
MD5: 8648ff0ee167732a5b26534ddff9a68c
SHA256: 2699b9f730ee277f2fbc08ff6ceee945ed1b4d0361671a20139787a6dc953f66
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\about+newtab\idb\3312185054sbndi_pspte.files\2
sz
MD5: c29e943cb5c5e456f96fee0d49aeb521
SHA256: 409717f04e3f1f68aeeeccc97e20a03148104ce3ee781db422f0569ba7047f00
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 0c41335726613cf3fb90203cfcc58685
SHA256: 793d848e5a51e69419b8394bbec62eb9243b90961da31722ec941253f9e8630f
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\about+newtab\idb\3312185054sbndi_pspte.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\jumpListCache\FyIfWsxToJ7C+3NcbZgKmw==.ico
image
MD5: 012111c480290d97c36079a025c7e272
SHA256: 840d34f7508683fda7ab7de97cfd5acafe847bb34b7a1f754a6bbe99b5b7a39f
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\jumpListCache\pV+3TL7Nu3EP5juvr_gPjg==.ico
image
MD5: 847cf8580806fda649b20afc264f4736
SHA256: 0697b6004d8408ab86ccee76bb59eb07a9012e6f3e7adbc01f6e390f5c9b8836
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
binary
MD5: 1a9dba11ce74b411f8c98d5e9b8b4679
SHA256: 6feb1de8dc2672ba84103616cbbb000e4463afb1985bff5b57ccd8c12f271cbd
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms~RF1b7490.TMP
binary
MD5: 1a9dba11ce74b411f8c98d5e9b8b4679
SHA256: 6feb1de8dc2672ba84103616cbbb000e4463afb1985bff5b57ccd8c12f271cbd
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\TQYA0SA6J67I6RVX0XT5.temp
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: f863477ffa93edbdf6f86ecb10f31b5d
SHA256: 84bbd051c2510703b2efa6411373e663556f28507cf277ac03be1c98d51f9f81
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E00016DECAD546E2DFD19CA71550A5CD7A0C0906
der
MD5: 02cba30f3a23bc02f771c619dfae61f9
SHA256: d12383e06965951b0ad98edd6d1259e90edbc1f2a9ec90a200aa5aa30f449630
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\startupCache.4.little
compressed
MD5: 93332785fbebab9ebf27cefd91f7eadd
SHA256: e057e8d2da860632294ec18a3c450658eaf86601b2fc53ee2e41d333a90f7845
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: eac63a43918bb753ea5ea0de900ec739
SHA256: f0a3c12eb0865d642fa4c887815953643299a4f5ae18c79e273a14ce0f9eccf8
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: b9810a016ada307cb42bcab2a2f9cb18
SHA256: 20c3aa16ae3fce84d5d3ff815b385b9dbe0d23da0cc17838c619ee82bf03be3d
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1941C634934B0B61A0CD6917C8B3B7FC8AEB3731
image
MD5: eb42ddf894252a6c29ca151a71060110
SHA256: ca13a828985504e4fa94ff26fd46f05b81c9a9f52960ffec15b7c52b1a46e955
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1941C634934B0B61A0CD6917C8B3B7FC8AEB3731
image
MD5: 808eef3fd937894048c8ad68768bc8d1
SHA256: 347a40330f6ca25846a34191d0f972c919ff97846986bd8678e6d5f8c9270ce3
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\aborted-session-ping
text
MD5: 87247161b6d77604a2baca44de4c4949
SHA256: 6266d188bb24d06a5565293316f6013c4f5eaca57e7672731487664d98b6affe
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\aborted-session-ping.tmp
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\session-state.json
text
MD5: 3f48128d02ab8c018d60a4f610b01633
SHA256: 729c8488798f70c1139c2f0b1042a3842218aab0daaee87005cd25a6cc17dc2c
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\session-state.json.tmp
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4
jsonlz4
MD5: a6338865eb252d0ef8fcf11fa9af3f0d
SHA256: 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: eac63a43918bb753ea5ea0de900ec739
SHA256: f0a3c12eb0865d642fa4c887815953643299a4f5ae18c79e273a14ce0f9eccf8
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: 1d27639104b306356ec83c99bf24d9f2
SHA256: 678ed17b86ac177297100f076396ea09dc63f8f8afcd58762c0c123235781d02
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 95edf846eb0d3e44c43e8723f1f8d511
SHA256: 5783b7b065c0f06857318d61dd171a478ab7fd32a181079a4554da639a4a8f35
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db-journal
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1941C634934B0B61A0CD6917C8B3B7FC8AEB3731
binary
MD5: 929b4ddd9f40b8984d0a8734a4eab0b1
SHA256: 4189316e56c758ddba771f25d4554f99e7a1e37b2795b8906eaf49b2f4a7149e
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3B9B78B6EF7164DD9CB6E9A4F73983F427DD4576
vc
MD5: 82ad2678b5e2ff3b9068da89af5028c8
SHA256: fc15de360625233f80b87b384caa054d0be66d6992aaa8f5056f224754d27649
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: a345d39100f0b33a55c6bf8361355a72
SHA256: 517d430facdf821ea590c2f64f2911ffe12b3c20dc24c7a6518d81daf4e8a97a
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: d310976f50a9e8af7a4c37498f2bff76
SHA256: fc5041094ceb4b3193eb192e8301271892c5d19b807d1d4fc883ed837e8805da
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\xulstore.json
text
MD5: 120b885c3becc77ebf6b7d377e5e867c
SHA256: cd256c79351140a6e27ef0373e120f245d07b189130ebf40baf4d3859897780d
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\xulstore.json.tmp
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 3e5a0cadec69ac13a7aa26fd2d95a3ac
SHA256: 68d1da6d8d4c66142203e00ccfc75f3cb3cf7dd25c6e782112023e463ed4bf9a
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 1d27639104b306356ec83c99bf24d9f2
SHA256: 678ed17b86ac177297100f076396ea09dc63f8f8afcd58762c0c123235781d02
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: 92415ae32c1d7f6be2b568484ceb8568
SHA256: 76314ed7f6506af558b5e45290e7ffde98bbfbf01f0aec869854b99e9199d168
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: 5dbd5ec1eb0b4f1764c593c0fb8f6282
SHA256: be316247d848346eb03a80880c690622e52109ff3a1e6c4f0cdd92234b67336e
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: da579822b8f1208c2ad8588e1bf3cbb8
SHA256: f59205f38b83d3525404994d9f454d3fde8a2cd51618140684c34123a075b757
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: 75afd9cd3c26a18ce124c8f0d7540896
SHA256: 85a7c816255f57b6d23cc40708950392270a14b59c54457f0286ff871e2ff454
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: cf8f37368ac11850f2cee876dff7dc09
SHA256: 19f093947b9f960bddd59f444230461f37750d82fd42f05e4157036ddb9db69d
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: c1d2ee24e3bd38616660c10086d80266
SHA256: 0a71621476d4a3dd93115bf4ed701912d744a8ab0c034a698dbf2a3ad166fb78
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 3c03dc59cb438b71b5836a62801f9890
SHA256: 19b8901ed887651baabbcd52af2826b6a4e33370fd1b6c823841c47940ca4891
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: ebc0e27ffbae07b37bace7eaf3f8fc5f
SHA256: aaaedcfa78c18514cc81761538fc5c70856734000e7c9579e926bdba60f87a19
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
binary
MD5: c0f9ec932a8e9fdd91333ab0df06e02d
SHA256: 6429e5f7ab693c594000e57a0b457483e7e2d46b9545d931659bc04ca73419e9
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: 418812805a5e66f295cf4036005035cf
SHA256: 24226a9785d9479c769e4164f6a396d709d8dc1c22f36b7c0c03a0f9dc34664c
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: 2d8a52149d4a48b28a7816cc969323a6
SHA256: d48434db83ec8f74c3d23d97ab98567446c531ea66d25bb59fd92b839ccf27cb
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\759
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B1457D5ACB32310E701B51B31D0DDA2C49B22191
der
MD5: d2009e7a34728b249cd8200bf21f5b3e
SHA256: bbacf50093aed38c892fc1b0824b2d8302da52d37ceae628b67ad31b585f998e
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: f479857076fc34ecddcce46f38805b7a
SHA256: 6cbfc1b24f76f737fcc8d051d5006f2d9c2934aed4f1b7a14b1a51b7ac8b7606
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\shield-recipe-client.json
text
MD5: 9d15e9a4cc1724f9352a1f9f72ab51b6
SHA256: c9dd66510075a03ab0d5a4dbad1deb938fc4a420bc3a2dd8b83995097a3d0d35
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\3B9B78B6EF7164DD9CB6E9A4F73983F427DD4576
binary
MD5: 64216633dbae99af1853b9d50571042b
SHA256: 266877b9c49299add6cf41e70ce955b064bee1041b14c2682655bb8b65967ecb
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\161ADB6D7A1A209657D8EF042F382FAC128255CC
binary
MD5: 71e05bd83d0928743b384c7781aa7c38
SHA256: 5e5ce4d31bd3044e85eeef0989188352efa17113b36aa6209e03a607b2cb9a15
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
binary
MD5: a5695cc64d77967232b0c1344c6e72b3
SHA256: 042a22b8681d754671d2018ba109b31a53ee3728d48c6379043f8e3394e7fbad
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
binary
MD5: 95f28ede25c301301f25fbbd9a3c56ec
SHA256: 87763df78772f7d750b0fa5a31eec23e931fd3bd1cbb33beddfc61889da36478
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
binary
MD5: 65e942614eee70680464ac4be75019fc
SHA256: 34395085da32c8b4efe9959e3b0d756b43ffed17694d66f39b966cd331bd9a94
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
binary
MD5: 3675254e341df799d4307c1f59109185
SHA256: 23d108134bed6099793f7dd6b8b6e62081ec3b945efdbc7c5e0e779fd9b82f98
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
binary
MD5: 051fb32dece757ba112ac36dc72e3a91
SHA256: 0806d98fb3de55f75d7c0b17e26146567e08c483031526659a4a35d09b97ef19
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
binary
MD5: 3d1ce5e50208f0cb3b979186043a548f
SHA256: 1e13d05d482c3d533dc6035af2b2d6e84749412a5748d1435b70cec8b312340b
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
binary
MD5: bdaa2a3b4259ebf8dd87e5769b1bf3f4
SHA256: 8408968dae85e51ea6b0ca7123b0ddfd7425d3013ba311bb1cbe135fff0e5bda
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
binary
MD5: d6acf2573e12afdd7939568804d3fcc1
SHA256: 5525cbf8f8dc41d19ac632ed324e55293a510ae0eeba16d0e3f33c707aa58a0c
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
binary
MD5: e2cf527ca7550b7e7bdf7311e483a2c3
SHA256: f1e07b1d717433f47073dc54a7d98e3e87b3d0fa88e53466f93ea544af885d11
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: 956da9703243b882baee1b320e9fb606
SHA256: 45a7cfeb7304cedc0fff05247d16ea745384603e46ca63ffcb2f2603d27f26eb
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: c834f081a427580ca4661f1646d92b93
SHA256: e3672be937c311b3e6a2a825f4aa0b3d7bb67f93a336874ef00a185866be1b13
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.pset
binary
MD5: cd6e12988fe9f72fe4a2a529c9eb2a6d
SHA256: 835da593f7efc223e291af8eb16b99c3a1bad5a9e89f22e696ada202fb2029d4
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
binary
MD5: be469e82d40529c40a46fe86c3e69d03
SHA256: fb21601b552cd7d9cbb8940912d2fcab1d19707b1d5b9ab0fd0199f89a64fafd
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: b2a6475baaaefda29e3f21b2e51ec23e
SHA256: 2a03b353e4e8412bcf98976ae589b6af24f12ea5802252394e6345200dd0f5b2
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: 16c5aee35e9d1fd0e735cfbef142be20
SHA256: 00dce01845d833eff11f38b41499714ee6d3d1b343473c2686dc830cf5297fbe
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: 09fbbf39cf99ab9c36514819b05bdbfe
SHA256: 6c2f4152ec6fe51c16b83cc39388f3f8179f592f24afcd9584760ef09a0fb496
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: ad03bc546b37ef44db3cfa1e00c2ea47
SHA256: 2fca11241229fd4c5948f4c25657a9bcdcdff44237d0d0450b01ed6496c769eb
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 578f74adf6e96eef17ba8ab4d5738408
SHA256: e9780c16075e62e66cf47594262edb17da9b3c6a1dad555a5fd1c91969c81621
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: bb9d8f55e9156fa6ffefa41d2102d400
SHA256: fb97e6aaffb325fa27434d746372d9ecf549e59c2b0476b3da39b42435ab6d6a
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
binary
MD5: ba0009932844173bc8f9af264229df24
SHA256: 66d1c00c04d86e313e9a02775cdf906b1be8d4cd6bef423a1b9e21cc4e9f50c1
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
binary
MD5: 6f85bc4b2ecb49e26b0bd83a821065d0
SHA256: c0b3bc9b3dc507ab654caf72d13c3aefa58c9b13b1e4d14dd8816712d80a7e54
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
binary
MD5: c921d8e98fa01b4f303481e112202e92
SHA256: 4ef1038730ec8bc7206713c29a936768831b922c5e6c83355fd62d7401d8c1dc
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
binary
MD5: 04824a1f92353f43ebb9e7f74b7476fd
SHA256: b48e58ebab82e4c376f16150a3fff850c1111ff1f5985d68819cfd6f0db159d2
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: cd82f4495eafe523b9b6b938c828611b
SHA256: 576a0d2c3ad8d66bb202439b18f9fd563f92d9ddd9582a3c4cce0ecafd4f0908
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
binary
MD5: d886a47c89d9c49c795da345bc236990
SHA256: a03c5e2656d2f292bf5794c8eeb8d223cd6ba4f4bfb2ed1f325460e879d0bcf7
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
binary
MD5: 0e8fe60ccd7e9b4c32589a5743a95302
SHA256: 2b124d4026850a3cffd28dbacb58aec28f7dcd4d40bc14e52bbe96d60ce4e749
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\permissions.sqlite-journal
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2A75FAF7349059F7E4075536BF08DEB1BF915796
htm
MD5: edac040070b53cf1e1aa458abb7d264f
SHA256: 77a67b117920c0eb0535856fe8b592a5728ac190667417c4f87579f4b88d861f
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\014BBCBADEDBA05A6451621BAD3823C4598AA9E7
htm
MD5: f96a164f2d24e02701346b37e715e0fa
SHA256: 42acb2fef87eb1097c86c3a2417420e4cf5150effd6b2f15c0e1bd743e4ac9ce
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\47006F36DB4C420F429024891CCE94A8EA841B94
htm
MD5: e67917f38b1fc6b94e1bbb5453576a04
SHA256: 660185b1c169dc747fc26eee7d0fc6dde612802725b5db192a1fc0998168609d
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\161ADB6D7A1A209657D8EF042F382FAC128255CC
binary
MD5: ccc379bf329b4cf8d94da7ffeece4133
SHA256: 9564ca32ce1561b76ac4b2c9548722ec19b27fc53713c8e53813d82195a4a0e5
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-wal
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child.bin
binary
MD5: d7f2d5d9c9061c4476fe3d633687b144
SHA256: 05b19d4ba0554357189291b438515ee956ef324d3bed349800c21cc2f5f5da30
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-new.bin
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache.bin
binary
MD5: 1e9f9aa3f9e723de996ea9c387c77ddd
SHA256: a6c3ea8f09fb5a05a2e54f9e0dfd0f6b8988df6b7620486cb4e445d7890326c3
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache.bin
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-new.bin
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-new.bin
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 92415ae32c1d7f6be2b568484ceb8568
SHA256: 76314ed7f6506af558b5e45290e7ffde98bbfbf01f0aec869854b99e9199d168
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\previous.jsonlz4
jsonlz4
MD5: e381f4a703d1e2f98bbd4060fbe31959
SHA256: 157141f9ba4e70b10098e61b24443e46d527b7e3a554971ab89a0c5ce6fb51f0
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\231111011D00929FFA9FD1D18AD076085A97E83A
binary
MD5: eca37d39d4223aaed45ed5a7eecbb249
SHA256: 2cbab5c1fc0b04ac0270dfb3e00789c9969006b3eb17a01fa025ccca21c1b1f1
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DBA6C144CDF12B8383BF3EB442FFF1F46D1830D9
binary
MD5: aa6e9142bc87ee48f98d678009b2935c
SHA256: e6f57e7422f34037b39d50614b3a1b090dc30441bcaafa0051210d85834454cb
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\69095795520F614D35A366D8C2F9271DB5D03E6B
binary
MD5: a6da4d89f69686433cba31b7d0c147ef
SHA256: 576422ca1afb63ece8db514f9411de308e3ff8394c3ab51e8411cdfabca2d8ac
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 882345fc2349ea437d1ec52f6f057a1c
SHA256: bf4b68d57d74456bbadeaa5102040c60fdd2e3e54cacec47d135397d230e04ec
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\28BD1E736636595E2BE85F555E200A0212D2B4DE
image
MD5: 13d7e1133c2b5bb9735f53c79a25933e
SHA256: 1f8de657b664be52644696c3b24009de276a08144a66c5d78430a86be0ca5c01
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\55F3A8141B0F01292545EBF09A1E053D6C64205B
binary
MD5: 42ce20250bd5cd4b601e3e2815895054
SHA256: 31165ee621df00d026dcd716889c33e2e7bc6b3ba9502f2aa181f141c05a7375
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\33EEF5AEA000FE95EFF7A09335FB40EF5C561E24
binary
MD5: 65fbac64b788ef8f0ed339c8debc9f2f
SHA256: d19d29e71f2084d026223ffd71560ef5904208f0b8c7527f66c0604e6253d9a4
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\18549
binary
MD5: 2b47f318fdcfabf9b88818d1f266b6ca
SHA256: 552e9205f11d8bed37e6d3c068cd7393893cacae4f21d922e895fb26b3191a54
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\47006F36DB4C420F429024891CCE94A8EA841B94
htm
MD5: 2c31bf030b71b5b388612a0cee558149
SHA256: 5d4c81e49bd107d4d0f8f1328d1cb68176c632309a6775544e7af29bd688ef95
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B2AFECE0B09D776F87D7F85E445EE0C09256AFB3
image
MD5: 06f0b3a2bb8a3e4f79c9fcfdeebdea1d
SHA256: b5c3dc5ee38d766b282fb08481c813ecaed98ce495728bc24a9a0054b27e78a3
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\014BBCBADEDBA05A6451621BAD3823C4598AA9E7
htm
MD5: cf3cda7d5dd88efa29289b6646a4b5b2
SHA256: e85790b27abb35f6339261d6e0aec3d7444bec2064a3c2789d855ff5bc736c35
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\186EB37C5A87ED308CB51901027DAFCE23F33018
der
MD5: 1f2f182c255bf41d65712330eaf5b25b
SHA256: 803772600fe60b38e9769b48eb2503f19d3c3dcf88b9149bfb6344071dc0b81e
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A5218D61FE814BB18721027397A4D9E32B498699
der
MD5: d2aaebea7208c9d6f7af2765a57ffac8
SHA256: 6ff361ee2da71fde294df0ba1daaf2d860a0770f7553a608a043e9eeb147067b
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\231111011D00929FFA9FD1D18AD076085A97E83A
binary
MD5: cbf2e781ab89fec1810565fd2a099cb2
SHA256: 6e16f5fcd089e0c4b498ec5994438ebcaf3893da9f69496b43d21621d7298d58
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 167d01b399afd278216820f3457af827
SHA256: 370aadcc0cf688839a65c232ee92c2f69b51ba17b0af158d496d95a7dd8ba20d
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 9993ba2c5ab38e457611f6f2fc02b9a1
SHA256: 9c3a47e58f46fd240890b34c841c667b9f5e0b91050c9032b2cde4b03405bf08
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA256: 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
2844
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
––
MD5:  ––
SHA256:  ––
2844
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.bin
binary
MD5: 707c12070c52e55c2a996ac15e219b95
SHA256: 6c5410c655c8efc48d123abe708c8940a4218072c0daf85e03ab45da6d2ce6b9

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
20
TCP/UDP connections
34
DNS requests
93
Threats
3

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
2844 firefox.exe GET 200 2.16.186.112:80 http://detectportal.firefox.com/success.txt unknown
text
whitelisted
2844 firefox.exe GET 302 110.164.58.67:80 http://www.acu.ac.th/acu_tuf/acu/pdfz.php?email=[email protected] TH
text
unknown
2844 firefox.exe POST 200 172.217.16.131:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
2844 firefox.exe GET 200 62.240.36.58:80 http://cos.ly/pdfview/securedoc.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=[email protected]&.rand=13InboxLight.aspx?n=1774256418&fid=4 LY
html
malicious
2844 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2844 firefox.exe GET 200 62.240.36.58:80 http://cos.ly/pdfview/securedoc_files/logo-adobe-pdf.jpg LY
image
malicious
2844 firefox.exe GET 200 62.240.36.58:80 http://cos.ly/pdfview/securedoc_files/jquery-1.4.4.min.js.download LY
html
malicious
2844 firefox.exe GET 200 62.240.36.58:80 http://cos.ly/pdfview/securedoc_files/icon-lock-circle.svg LY
image
malicious
2844 firefox.exe GET 200 62.240.36.58:80 http://cos.ly/pdfview/securedoc_files/jquery.h5validate.js.download LY
html
malicious
2844 firefox.exe POST 302 62.240.36.58:80 http://cos.ly/pdfview/proceed.php LY
text
––
––
malicious
2844 firefox.exe GET 200 62.240.36.58:80 http://cos.ly/pdfview/securedocwrongpass.php?email=[email protected] LY
text
html
malicious
2844 firefox.exe GET 404 62.240.36.58:80 http://cos.ly/favicon.ico LY
text
html
malicious
2844 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2844 firefox.exe POST 302 62.240.36.58:80 http://cos.ly/pdfview/proceeds.php LY
text
––
––
malicious
2844 firefox.exe GET 200 2.16.186.112:80 http://detectportal.firefox.com/success.txt unknown
text
whitelisted
2844 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2844 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
2844 firefox.exe GET 302 110.164.58.67:80 http://www.acu.ac.th/acu_tuf/acu/pdfz.php?email=[email protected] TH
text
unknown
2844 firefox.exe GET 200 62.240.36.58:80 http://cos.ly/pdfview/securedoc.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=[email protected]&.rand=13InboxLight.aspx?n=1774256418&fid=4 LY
html
malicious
2844 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
2844 firefox.exe 2.16.186.112:80 Akamai International B.V. –– whitelisted
2844 firefox.exe 110.164.58.67:80 Triple T Internet/Triple T Broadband TH unknown
2844 firefox.exe 52.25.70.97:443 Amazon.com, Inc. US unknown
2844 firefox.exe 52.89.32.107:443 Amazon.com, Inc. US unknown
2844 firefox.exe 172.217.16.202:443 Google Inc. US whitelisted
2844 firefox.exe 172.217.16.131:80 Google Inc. US whitelisted
2844 firefox.exe 62.240.36.58:80 GPTC Autonomous System, Tripoli Libya LY malicious
2844 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
2844 firefox.exe 54.200.76.177:443 Amazon.com, Inc. US unknown
2844 firefox.exe 13.35.253.94:443 US unknown
2844 firefox.exe 104.111.215.61:443 Akamai International B.V. NL unknown
2844 firefox.exe 35.164.82.230:443 Amazon.com, Inc. US unknown
2844 firefox.exe 99.86.1.62:443 AT&T Services, Inc. US unknown
2844 firefox.exe 34.251.59.153:443 Amazon.com, Inc. IE unknown
2844 firefox.exe 52.41.78.152:443 Amazon.com, Inc. US unknown
2844 firefox.exe 52.89.179.237:443 Amazon.com, Inc. US unknown
2844 firefox.exe 13.35.253.23:443 US unknown
2844 firefox.exe 35.244.179.255:443 US unknown
2844 firefox.exe 13.35.253.27:443 US unknown

DNS requests

Domain IP Reputation
detectportal.firefox.com 2.16.186.112
2.16.186.50
whitelisted
a1089.dscd.akamai.net 2.16.186.50
2.16.186.112
whitelisted
www.acu.ac.th 110.164.58.67
unknown
tiles.services.mozilla.com 52.25.70.97
52.88.30.0
54.186.163.246
52.34.107.172
52.26.103.165
52.43.40.243
52.41.78.152
52.39.131.77
whitelisted
tiles.r53-2.services.mozilla.com 52.39.131.77
52.41.78.152
52.43.40.243
52.26.103.165
52.34.107.172
54.186.163.246
52.88.30.0
52.25.70.97
whitelisted
search.services.mozilla.com 52.89.32.107
52.27.184.151
34.216.89.123
whitelisted
search.r53-2.services.mozilla.com No response whitelisted
safebrowsing.googleapis.com 172.217.16.202
whitelisted
cos.ly 62.240.36.58
malicious
ocsp.pki.goog 172.217.16.131
whitelisted
pki-goog.l.google.com 172.217.16.131
whitelisted
ocsp.digicert.com 93.184.220.29
whitelisted
cs9.wac.phicdn.net 93.184.220.29
whitelisted
ondamerida.com.ve No response unknown
dns.msftncsi.com 131.107.255.255
whitelisted
shavar.services.mozilla.com 54.200.76.177
52.33.113.226
52.34.90.23
52.89.170.53
54.187.144.104
34.211.202.13
whitelisted
shavar.prod.mozaws.net 34.211.202.13
54.187.144.104
52.89.170.53
52.34.90.23
52.33.113.226
54.200.76.177
whitelisted
tracking-protection.cdn.mozilla.net 13.35.253.94
13.35.253.81
13.35.253.79
13.35.253.114
whitelisted
d1zkz3k4cclnv6.cloudfront.net No response whitelisted
i.pinimg.com 104.111.215.61
unknown
e6449.dsce2.akamaiedge.net 104.111.215.61
unknown
aus5.mozilla.org 35.164.82.230
35.163.20.157
34.218.159.169
52.37.35.5
52.43.79.30
54.148.138.18
54.149.111.157
54.186.118.41
whitelisted
balrog-aus5.r53-2.services.mozilla.com 54.186.118.41
54.149.111.157
54.148.138.18
52.43.79.30
52.37.35.5
34.218.159.169
35.163.20.157
35.164.82.230
whitelisted
www.youtube.com 172.217.21.206
216.58.205.238
172.217.22.14
172.217.18.174
172.217.23.142
216.58.206.14
216.58.207.46
216.58.207.78
172.217.16.174
172.217.16.142
172.217.22.46
172.217.22.78
172.217.22.110
216.58.210.14
172.217.18.110
whitelisted
www.facebook.com 31.13.90.36
whitelisted
star-mini.c10r.facebook.com 31.13.90.36
whitelisted
www.amazon.de 104.111.232.173
whitelisted
youtube-ui.l.google.com 172.217.18.110
216.58.210.14
172.217.22.110
172.217.22.78
172.217.22.46
172.217.16.142
172.217.16.174
216.58.207.78
216.58.207.46
216.58.206.14
172.217.23.142
172.217.18.174
172.217.22.14
216.58.205.238
172.217.21.206
whitelisted
www.ebay.de 23.211.3.10
unknown
e15317.ci.akamaiedge.net 104.111.232.173
whitelisted
e11847.g.akamaiedge.net 23.211.3.10
unknown
www.wikipedia.org 91.198.174.192
whitelisted
www.mozilla.org.cdn.cloudflare.net 104.16.40.2
104.16.41.2
whitelisted
www.mozilla.org 104.16.41.2
104.16.40.2
whitelisted
www.reddit.com 151.101.1.140
151.101.65.140
151.101.129.140
151.101.193.140
whitelisted
reddit.map.fastly.net 151.101.193.140
151.101.129.140
151.101.65.140
151.101.1.140
whitelisted
snippets.cdn.mozilla.net 99.86.1.62
whitelisted
drcwo519tnci7.cloudfront.net 99.86.1.62
whitelisted
location.services.mozilla.com 34.251.59.153
34.252.164.43
52.18.148.152
whitelisted
locprod1-elb-eu-west-1.prod.mozaws.net 52.18.148.152
34.252.164.43
34.251.59.153
whitelisted
incoming.telemetry.mozilla.org 52.89.179.237
34.217.184.213
52.26.72.3
52.34.167.99
52.34.248.21
52.36.71.24
52.38.149.111
35.167.70.180
whitelisted
pipeline-edge-prod-25-561439127.us-west-2.elb.amazonaws.com 35.167.70.180
52.38.149.111
52.36.71.24
52.34.248.21
52.34.167.99
52.26.72.3
34.217.184.213
52.89.179.237
shared
normandy.cdn.mozilla.net 13.35.253.23
13.35.253.50
13.35.253.85
13.35.253.87
whitelisted
d6wjo2hisqfy2.cloudfront.net 13.35.253.87
13.35.253.85
13.35.253.50
13.35.253.23
shared
classify-client.services.mozilla.com 35.244.179.255
whitelisted
prod.normandy.prod.cloudops.mozgcp.net 35.244.179.255
whitelisted
content-signature.cdn.mozilla.net 13.35.253.27
13.35.253.97
13.35.253.78
13.35.253.15
whitelisted
d12uj65dsn9ho1.cloudfront.net 13.35.253.15
13.35.253.78
13.35.253.97
13.35.253.27
whitelisted

Threats

PID Process Class Message
2844 firefox.exe A Network Trojan was detected MALWARE [PTsecurity] Adobe PDF Phishing Landing
2844 firefox.exe A Network Trojan was detected MALWARE [PTsecurity] Adobe PDF Phishing Landing

1 ETPRO signatures available at the full report

Debug output strings

No debug info.