General Info

URL

http://apps4464.boloufduj13.agency/0216651004/?u=1gnpae3&o=0lpkqzc&t=mw4m&f=1

Full analysis
https://app.any.run/tasks/a8697270-2007-4b76-9f9d-b72d91a547d1
Verdict
Malicious activity
Analysis date
7/11/2019, 21:20:28
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.34.7)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.2 (4.7.03062)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 67.0.4 (x86 en-US) (67.0.4)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB4019990
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

Executable content was dropped or overwritten
  • firefox.exe (PID: 3340)
Dropped object may contain Bitcoin addresses
  • firefox.exe (PID: 3340)
Reads CPU info
  • firefox.exe (PID: 3340)
Application launched itself
  • firefox.exe (PID: 3340)
Creates files in the user directory
  • firefox.exe (PID: 3340)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Processes

Total processes
38
Monitored processes
5
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start firefox.exe firefox.exe no specs firefox.exe firefox.exe firefox.exe
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
3340
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" http://apps4464.boloufduj13.agency/0216651004/?u=1gnpae3&o=0lpkqzc&t=mw4m&f=1
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\psapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wship6.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\d2d1.dll
c:\program files\google\update\1.3.34.11\npgoogleupdate3.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\program files\mozilla firefox\softokn3.dll
c:\windows\system32\sspicli.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\progra~1\mozill~1\nssckbi.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\actxprxy.dll
c:\program files\adobe\acrobat reader dc\reader\acrord32.exe
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2adec.dll
c:\windows\system32\slc.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll

PID
2204
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.0.1780051164\727074752" -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 1156 gpu
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll

PID
3464
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.3.229431990\1352599677" -childID 1 -isForBrowser -prefsHandle 1332 -prefMapHandle 1588 -prefsLen 1 -prefMapSize 188076 -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 1648 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
1716
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.13.932386161\1500555204" -childID 2 -isForBrowser -prefsHandle 2756 -prefMapHandle 2760 -prefsLen 5842 -prefMapSize 188076 -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 2768 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
1908
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.20.1334819449\331668112" -childID 3 -isForBrowser -prefsHandle 3384 -prefMapHandle 3496 -prefsLen 6604 -prefMapSize 188076 -parentBuildID 20190619235627 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 3508 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
67.0.4
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\windows\system32\shell32.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll

Registry activity

Total events
640
Read events
637
Write events
3
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
3340
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Browser
0000000000000000
3340
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
3340
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000077000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000

Files activity

Executable files
2
Suspicious files
67
Text files
23
Unknown types
50

Dropped files

PID
Process
Filename
Type
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll
executable
MD5: 7f636be36a85d45a148b0fe13bd311a5
SHA256: 5566c2c4b1839386e1b951b13eeb7aaceb1fb52e9f1cfdbc345c5e4f7b6d9745
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-gmpopenh264\1.8.1\gmpopenh264.dll
executable
MD5: d23f706f2eacc190f2d4b75b041670d5
SHA256: ced08ce5bc45dbe505fa94b3a4268c0830ccda016a23c0acb16dd7268cfa7a65
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child.bin
binary
MD5: 4bfff7739b423bb39f3e6b5cec4d2e7e
SHA256: 6b1adc70a49ae1c4c611c8b2fae047b947980300c9a568a4310e6e476c66e879
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 2d2ab1efe90047b8361f664a5640ed39
SHA256: 7b91a325463bf503c64341c8c9f64a1de2f0f261d9cd19c2d414678204f8fea6
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 6889d442d65752745094d65560d905d3
SHA256: 7afc7de3dd6cda335464cd070ef046f6927296f0cd0d6c7a7bc98035d3b1c618
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\43B6655E5F16BC2535236452C6E5FF7FB6F2BD90
binary
MD5: 22c445055080b09490441b13f74bb26c
SHA256: 2babe798d40ea197efbb4efd51dc6ef2b82d69f763e0a911152d5c69b8894d8a
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.sig
pi2
MD5: bba147013aa78944b2530f3e4acf231d
SHA256: 2347297ebdd087df38fad1acc207f625938ff575f0d7c0533c6c5572f042f6c9
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.lib
obj
MD5: 5a33e95804ea80f06f97453b1a163e27
SHA256: 33bb1b23908e20870aefd100fb10983753b3ffbb308c55316b7b9cb6c9f45a6a
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4
jsonlz4
MD5: a6338865eb252d0ef8fcf11fa9af3f0d
SHA256: 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.sig.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.lib.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\widevinecdm.dll.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\manifest.json
text
MD5: 6489d53ce5fbfd0eba9deceb95323c61
SHA256: 1a8ce8afcfddd04cfb3dd743b0bcde8d439d9f86a1fe262d2f99fe6876631fc7
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\LICENSE.txt
text
MD5: 49ddb419d96dceb9069018535fb2e2fc
SHA256: 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\manifest.json.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1146.0\LICENSE.txt.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\tmpaddon-af20a2
compressed
MD5: c787e9b06b44e979c9aff51c8da64b4e
SHA256: 7e8db6c2e3e62999814d198745067e04e7c61c1580d75cf73534712540df5d9e
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B018E4648950EDAFCA5FC9FFDFF409C4A8A747B5
compressed
MD5: e732b79b86802bf6f583021eb02a6c56
SHA256: 73b98f2c9699e744e576df6cedc7b9c8edddc55e97a46fba787cb7742484ed15
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json
text
MD5: 2dc73147868905f43f1f25bb63242fa2
SHA256: 604ca57228f728bd5d025591817d5b75f084528c130329c2648faf5ab15e9a76
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\260DB6247D3C6E42A9BB310EEF1E660A89E022AD
der
MD5: 3030c2546721c3cb5c3c5d1843c6c126
SHA256: bbaa221bf3ec9533fe4315bec7f1cd45bdbccd151a60d4a7557f4c1e7b28a9b8
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: afa203262e8d9e8be2dfb626d934c2ad
SHA256: 3b1be5a9b3a73e57957f3f64632f872c49c62a6ed7a24179ced343d5cfeee6ff
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EEAEA8AB98877B6DD1B0F31F837915B7FD47F46F
cer
MD5: e1a7580725ab547cb17c0d68b436f009
SHA256: 030be3bc81c0e1529c4689f90a89eb08ec9291913d798019a59038289bf5501d
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_OrxckHMUtH2I1J6
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D00A688072D5E651DFCBF1F615D0FF8CC68B8989
binary
MD5: e9f6cca04516fa603e93ae18b5faed9d
SHA256: 7d9413bb7594ddae4cdc201c26c63c28f202c09a559091a12c7408e0427a4faa
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 4cf2a21e7e9c52f98c039ea2738f43b9
SHA256: de2c1cfa4830b18ddb2f709cc84280d6712041e8439342d4b96bda433663e162
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_Kogzah7rILUwSig
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1836CC1ECC545FA7B1A59C8B19A2E984D0122ED4
cer
MD5: 7c580e4b26837c472653a0d3daab9b35
SHA256: e766bd5833c03db8ef3a86e07c061650c871d6eec8a68e32fac11b50dcabb1d8
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7B230AB1AF8D8511EACCCB69C1917AB2C031B2FC
binary
MD5: 08a3780de2b4074b959103e30f415865
SHA256: 4f8fd0d68d27ec4c11a53f15a6d965842528fabc2a29569cfc0fce96e82166fb
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_tRKLbsquHWiL4Vq
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_eOgh9cyvHJmYwPk
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_Rk3ymRPIFflVDxq
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 2333af60264d94594eb5335bd35f1de4
SHA256: 05848a58ca114b367179b4afd48a85eae29c3ad88e79970a91007cc784d0c717
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\broadcast-listeners.json
text
MD5: 72c95709e1a3b27919e13d28bbe8e8a2
SHA256: 9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_R52exbakDq7N4cW
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4CB8874972E99F951228B6A518C1A525EA1F880D
der
MD5: 932c2b905cd450c3c0cd7111c72e3b6e
SHA256: 69ddd4c1dec633baeda6628582e30498be47a64320656e0bf14fb7de8db48668
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\43B6655E5F16BC2535236452C6E5FF7FB6F2BD90
binary
MD5: fd3acb0b77b603816466eed269d9380e
SHA256: fabc3d5f1d5fa938b76a8350c578c99d1b8078b90c17a4bb12afbdfa13b8d010
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-gmpopenh264\1.8.1\gmpopenh264.info
text
MD5: 3d33cdc0b3d281e67dd52e14435dd04f
SHA256: f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-gmpopenh264\1.8.1\gmpopenh264.info.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-gmpopenh264\1.8.1\gmpopenh264.dll.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: e5d8cc62c34cd5c4544ab555ebb10dd8
SHA256: 4742ac00d4f3bcca0ba54ba5b2990df0fd083cc6f82d4185e0b1beb6bc234f5d
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.pset
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1836CC1ECC545FA7B1A59C8B19A2E984D0122ED4
cer
MD5: e4d39fa4083cbc57e339ed93b5f6476e
SHA256: c677b94db973d3136030300a438411dfd42f64ff38885e80c47a6b89aa46a10a
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\tmpaddon
compressed
MD5: 29ddfd36f79eaae39627110a00ff8370
SHA256: 600552de4de554364152ed426d02264e97d76ae1f33afb1d845a0d25e5e5ba33
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\30DA536D4A5D56FF0D85DAA6CA4D6E70F41C5F38
compressed
MD5: 8409f4c03c6acb48ef7183f23b08aac7
SHA256: 7aaa5d215d7fbd52d6b45d1c765c5b76b178ca021c9683366d6795e7303c3b9d
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\7065E2D8071545DFA0260E9A938F2BD08B66173D
binary
MD5: ff935b3a3f319fe3fa6e15c8735150d4
SHA256: 3640567f67cc0734e6d4b7c4c88df8e9dd314d7ddd9d94b9dce9fdaadaec4857
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\51AB9D7C1C4E6834E81388FE42FBF8B8520109E5
der
MD5: 3e6e727636f7eb867fc799b6f86cdb66
SHA256: 9bcc7b8dbf14de66d8ee8169cb259c16e11beca438d282e9f7df7f5bf098ac65
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_m04cyQzftzYOFQK
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_e8csi02FKiNIc6a
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 35a8ddef38eabc59a88824011bd99ae8
SHA256: 975ef306aab843580a316dd18c9288b0d4a9d8168dea6fb41625ed22aed21eb8
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
binary
MD5: 9a09b19aff8587b2562bb09ce09970f6
SHA256: d73f8c7d3b2ce41f731a4a2c21f936ef39804625a6442b2f3a401d87a9d9cab3
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
binary
MD5: 681afc8ec290f7adb24c5052b88b1ed8
SHA256: 3b1bf7c8e87992803e89d6696e1eb72fa4ea09a2f4e7886d39d3bf4817b3f25e
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\63F7196F1E4318A1FA7A06458EF78D342755EA2D
binary
MD5: 25859a7c3bd77f678e1ddfc7b1ad6df6
SHA256: e87877b2139123197e0cfa086598b7c0edf3cd111f47cc826d993ecaa1ea0fd7
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1836CC1ECC545FA7B1A59C8B19A2E984D0122ED4
cer
MD5: b3fe2eb72a1cf2cee0de5e60f18fb345
SHA256: b9fb2819a3701ed47a3f8fd8f57ce4c585bc4cddfd29a59aced1e622b01b2e38
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D17FDEA053F042E7C1F46E73FEFE25911325753D
binary
MD5: 638e3748dc7bb582c9e9f8379bab3131
SHA256: 2c831f63b61f34af10f0af04a393a7bd9422a110228352ab197c536fb916929a
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_LFh8guiCm8iIIGo
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\04E55B30B274BBCB2DDD23B3D92098BAD7C02F8C
cer
MD5: 30671c335024d159df46f084de0cda8e
SHA256: 6a93d7332d00828317afaceb87f725dea07868f612f8dd7590ba586322870bc0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\D14E89E9C0B1611A544D1BF058490F1AB052C547
text
MD5: f0bf87520ccddaf13eb8813f4e2779c1
SHA256: 29c531a02cc0c1743306f4ffa23ad6f367ec277160ae7d1b4b93471dab8b8ea4
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\047745119DF4E93F08EE2D0A67F61B5D61E0894F
der
MD5: 724aa1d26dbc7b1730cacfdb4f9524ee
SHA256: 630c7ef188c6a43042169ddf7c9fe6f603c68aa80d8df6d18778bc51483f73db
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 5b58acee57fb7dfeb8d01e133d436028
SHA256: 92c7e00732323900e00936a14949f29a11a6ad16e35b15c2363b8b5ce74bfa73
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_eH1cKG5bgzEJv6n
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1836CC1ECC545FA7B1A59C8B19A2E984D0122ED4
cer
MD5: 91725fa8ac157a99b177499550a310f3
SHA256: c916735cf9aa9eb7064cc0096a3dfbdb4c510b94a43d674e20ca8ea0752c03ed
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5618649FF649547EADA90BBCB501703A456D3C2F
binary
MD5: 10a0a35223278c3814f124ce2434b351
SHA256: bfb9d75cc800a0ac0a0c98f1527e25e189b83a3b42b7945c6c3dc8cad5478534
3340
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_X9z0fyY1ZA8xJt0
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 16a0c2da6adfe2c6c461b293e4ed5462
SHA256: 431571a65635671774d55280388b2bdb113c6a80206cf3bf6315861caca49f3e
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2B8FB3A7C1E8990CE64886D66718692D2B2ED2BC
binary
MD5: 7f1bff45991c403b64da2086e34eadd9
SHA256: ba500237624ccb388700227d2f2b0a90c53d2079a395d68ec0d1d968e88e06b5
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 0ae1fb97eddbe02b68d2a38cb7c2496a
SHA256: 37d5a2fd551d3838a819f88bbc85f42ff6034d9cf65d8f4d26aacc9b15799bb2
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: 37755f42448c35f1d1eeb3750edd5609
SHA256: 692a7fc474ffde7876098974d86a17beaf9a49dbe5ebd52ce01f2c19ca429939
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: 8a95f96696a17bdecef8558c7903f337
SHA256: 421df2b7387d27da335ae370b83d26555bf51363943397c7c6a976282fc10d29
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9C0AD83E2F79919AAFB9EFCF1EAD02479C52F4DE
binary
MD5: 89c05b633c7116889c94f86c4d06c1e5
SHA256: 185869b5f9a2c27f4b1fd88bb63a269034dfe00b4872939c70fe3fa8294d8d79
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\doomed\5839
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-current.bin
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache.bin
binary
MD5: 06bf7bc2ab42c44b54ac6a2f77c58200
SHA256: 8b665a7ffd6f385ed733732c1abe6eb8171d4f63390ca7bd71e9d3d055ce53d0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-new.bin
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache.bin
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-new.bin
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-new.bin
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
sqlite
MD5: 08a9a2c32f5c196ec62112d1335d5b78
SHA256: 512eb5377fab71411a692e30d613d5a973dfa926f4a14a96a22049fcd7a736af
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\permissions.sqlite-journal
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: cecf1ce6a0387930d775fbc152c39068
SHA256: 2994c93c77b3000fe58c8210893c9bb570f6da785447cd2024c65151835eab34
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
sqlite
MD5: 229003db68c14802e7b438ec4ed7fb3c
SHA256: 1e15a1a81deec76f7376248cde5722083980749efa4810939bbe6074de242f37
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
binary
MD5: a8f0f667d781328d3eb67821a7c02b81
SHA256: dce915346462fe603122aacca9fdb6c28feb738f8725efbb8364194ad75c1912
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
binary
MD5: 21bab11c92d0b8028494a644302cefed
SHA256: a53836f5694a4f8846d9872adf1fc7c0ab5088a1a238a47ce3fa43aeb4c7905b
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-journal
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata-v2
binary
MD5: e87693720457ffdfe33855045e40f39a
SHA256: 468fed221355338f43961216bfbbc67d511c9c7d95da5dc089d98c7a859b2462
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata
binary
MD5: 4c3a7352e820209171240729415ed9ff
SHA256: 22eb3c47dea95733bb5cc249cad4ea83c7a89f2bd8b13889349d37a650cda2e4
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata-v2-tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\.metadata-tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\9C0AD83E2F79919AAFB9EFCF1EAD02479C52F4DE
binary
MD5: a09d3e5626e534df43dd2a448f77a4fb
SHA256: 2ea241371eef84eb385071f78b87605c2dca01255a04816da9d161887a620c99
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4067DAF0AE5B033E92B6F2B562349F78FAC48EBD
binary
MD5: cc35a701fa5e1ed83dc5fbc3c1db9403
SHA256: ac4d7bd68a49527d2ec542d124ee6c9e6119f52eafd6f7b4f8bc156b42f2f996
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2A3F5C7E98D9A7283127225200FD7CE894E3B56B
binary
MD5: 6ff9a634e289d1d9512e291741b1cdaa
SHA256: fc879c17f69ef94b1dc9556197cad39e672241aa3f71c2bcf8ee11ad4b30177a
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 37755f42448c35f1d1eeb3750edd5609
SHA256: 692a7fc474ffde7876098974d86a17beaf9a49dbe5ebd52ce01f2c19ca429939
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\previous.jsonlz4
jsonlz4
MD5: d282be26272e1e2a33d64d5be0e55f51
SHA256: 8e09de9b62723612ca98aca7137289dd00e19fa0d3a81a167341cc8020e310d1
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4
jsonlz4
MD5: 351583f788997971d6d0e40152cefd23
SHA256: fa70ea6714bd13f2e974400187afcd659c62a52712444e8f32e48320ea47d3a7
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 27cbd3d78ea1ad404e448405583b0819
SHA256: 2ae20d6ee59149d1be81d1032c1a34a5364a4c1cc4e3c16ac17b1ab7f2ecbde0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\907789B2A17839A03D66C344C3DE30C69E9FC1D2
binary
MD5: 371097d4be8c99c6d94fbdca59ffedf7
SHA256: d9cc2caad68af7dffddc27b798aac6e85aa612d6c0578aee7500077ce5e525a9
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\51D766C589E9B2783ABFE624C9A6674B2B72A29E
der
MD5: 3ad65bdb1bf1b2565bb260fcd3318532
SHA256: a0927def0ea35102474eadc4fbd83367b2c8504acb7405ad6a2ef5d8c2a7b2ea
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\A6F2F062EA5BAC8663818852A7FAC048428C1256
der
MD5: 2ca7024d564ec4e5268c949d54ecadf7
SHA256: 34a5aa00ba65d33cf9aca6b27888785a1f42a0bae7ce4fcfe5559f78a1401c13
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DF64E2728DC7FC38F35B2643B7567DEEA4AD68B7
ini
MD5: 0d475cbd2d2648b806e3470c60261100
SHA256: 4184391e4e2b2a11fd265d858062214af36919fe392559fa1ab292b5d5460e3a
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
binary
MD5: 65e942614eee70680464ac4be75019fc
SHA256: 34395085da32c8b4efe9959e3b0d756b43ffed17694d66f39b966cd331bd9a94
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
binary
MD5: e2cf527ca7550b7e7bdf7311e483a2c3
SHA256: f1e07b1d717433f47073dc54a7d98e3e87b3d0fa88e53466f93ea544af885d11
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
binary
MD5: 95f28ede25c301301f25fbbd9a3c56ec
SHA256: 87763df78772f7d750b0fa5a31eec23e931fd3bd1cbb33beddfc61889da36478
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
binary
MD5: 051fb32dece757ba112ac36dc72e3a91
SHA256: 0806d98fb3de55f75d7c0b17e26146567e08c483031526659a4a35d09b97ef19
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
binary
MD5: a5695cc64d77967232b0c1344c6e72b3
SHA256: 042a22b8681d754671d2018ba109b31a53ee3728d48c6379043f8e3394e7fbad
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
binary
MD5: 3d1ce5e50208f0cb3b979186043a548f
SHA256: 1e13d05d482c3d533dc6035af2b2d6e84749412a5748d1435b70cec8b312340b
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
binary
MD5: 3675254e341df799d4307c1f59109185
SHA256: 23d108134bed6099793f7dd6b8b6e62081ec3b945efdbc7c5e0e779fd9b82f98
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
binary
MD5: d772261ff33497d3681e094f23282ffe
SHA256: 8ee76fa11d5a67f0c93766da3b1ac0c942020afba15b55a8750a896292cf4dce
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: 72e2352f7976b0dd90f2a68047493b8c
SHA256: e0d74336b6c041b6087a697dd7f65fa1da7ea035e202e3d977cc6a7e5bdc13a8
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
binary
MD5: d6acf2573e12afdd7939568804d3fcc1
SHA256: 5525cbf8f8dc41d19ac632ed324e55293a510ae0eeba16d0e3f33c707aa58a0c
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: eb744b05b13e9410146dab0bd459efa0
SHA256: bfde7f131200eb06c1d54b03d2ce1be1ff31062e8009c937243464712dcd2d50
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: ddf263974b1925672d369bbcc8f830de
SHA256: 92a7323dd7eb199618a1e2e823a71919285a70196bfe627808c66cf1c1f3c8e3
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: 7655fffe7cfbe1ebf96afea5fe2e1376
SHA256: ff2f663c4e453706b7817109f6a43e8b3389e8cfb1b7d64aace2bfba45f3a359
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: e608435b687616692a96462e1ac26756
SHA256: 6aa8ee3813d86411d8073a4c2f850b1e8e734c3759d860cbe54ec7f378a82a52
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 498dae4e538658a57f464748f2dabfda
SHA256: 8778f52cd9cb4f4787bf7ba18006d212f8c3004652d163f7786556a8eef3a067
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: 704df61fa2e3f587b268ad85126bc689
SHA256: 7e97db3c9370a35f59a6a649e6cf608e4f5ed572f87f433ea652977ac2cc48d5
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
binary
MD5: 844aff63a5f67cd54d9814b7b54abf18
SHA256: 8985970b72a7bcfcf54c4a2474c36ea9a911ab3672881ee299d58f5a4e64e690
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
binary
MD5: 6f85bc4b2ecb49e26b0bd83a821065d0
SHA256: c0b3bc9b3dc507ab654caf72d13c3aefa58c9b13b1e4d14dd8816712d80a7e54
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: 778202e2ee08f4b4073413c0b03e05fc
SHA256: 33147037ce75ec0a48b3da60d619bc76c2471f5f20c15f9d075671de2067cfb0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
binary
MD5: ba0009932844173bc8f9af264229df24
SHA256: 66d1c00c04d86e313e9a02775cdf906b1be8d4cd6bef423a1b9e21cc4e9f50c1
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
binary
MD5: c921d8e98fa01b4f303481e112202e92
SHA256: 4ef1038730ec8bc7206713c29a936768831b922c5e6c83355fd62d7401d8c1dc
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\E34DC641C43872D087B2371FA1278E3E53A2323A
der
MD5: 6303084c3ea6728669a7da79a1362ed4
SHA256: a7fc5728bab998fdff57126473490d8d0ae0f2de01fa9990cf661ade37680a61
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
binary
MD5: 04824a1f92353f43ebb9e7f74b7476fd
SHA256: b48e58ebab82e4c376f16150a3fff850c1111ff1f5985d68819cfd6f0db159d2
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
binary
MD5: 0e8fe60ccd7e9b4c32589a5743a95302
SHA256: 2b124d4026850a3cffd28dbacb58aec28f7dcd4d40bc14e52bbe96d60ce4e749
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: 23e438fd4af1829d4469ff8d0bc83854
SHA256: 96e0d7644aea81d26f039ae633eb405583e11b020363090dac5cad9b4b188846
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
binary
MD5: d886a47c89d9c49c795da345bc236990
SHA256: a03c5e2656d2f292bf5794c8eeb8d223cd6ba4f4bfb2ed1f325460e879d0bcf7
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 03e22f63ea4be5add7aef9050d485611
SHA256: 0b5a2bcd1edf7ee6252f04b41403e0bc21f2eedf7cbaa6565f6562238c771c13
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 61e04f058e592438993dcc5c8087b674
SHA256: 39d3b68fb7d143fe276c1e9ad89d9b4f0aa38e95788fca8278d73407e7e3b51f
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: d65b2bd591a1d6cc666241e6eef1afe7
SHA256: 1b94f69a3bf3cb9f7349fe274ca82166c22d675f9b043b19f2770d044ae9bd16
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\pluginreg.dat
text
MD5: 37818d9b7248f34395c2db3c0bd4b07f
SHA256: ff229e03d2ab696e81957957ea8d71280b5800a2b0f70ea77998c3fa4e98a8a6
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\pluginreg.dat.tmp
––
MD5:  ––
SHA256:  ––
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-current.bin
binary
MD5: 6a1ef5c5ae2f682a0606848fa329072b
SHA256: 29312a09916820dec3eee29b40c503fee9569204e291320bd9c908b3386b1896
3340
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.bin
binary
MD5: fd4ac055b608cf2c11c9b2c796a4fe1a
SHA256: 1d8a349613f7dcb71bf648c8c7f780f3953a2bc53435846289101fd77d8887af
3340
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
8
TCP/UDP connections
28
DNS requests
64
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
3340 firefox.exe GET 200 2.16.106.209:80 http://detectportal.firefox.com/success.txt unknown
text
whitelisted
3340 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3340 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3340 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
3340 firefox.exe POST 200 172.217.23.131:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3340 firefox.exe GET 200 2.16.106.209:80 http://ciscobinary.openh264.org/openh264-win32-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip unknown
compressed
malicious
3340 firefox.exe POST 200 172.217.23.131:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
3340 firefox.exe POST 200 172.217.23.131:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
3340 firefox.exe 2.16.106.209:80 Akamai International B.V. –– unknown
3340 firefox.exe 52.18.148.152:443 Amazon.com, Inc. IE unknown
3340 firefox.exe 54.148.18.114:443 Amazon.com, Inc. US unknown
3340 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
3340 firefox.exe 34.209.86.85:443 Amazon.com, Inc. US unknown
3340 firefox.exe 13.225.39.58:443 US unknown
3340 firefox.exe 34.215.70.240:443 Amazon.com, Inc. US unknown
3340 firefox.exe 172.217.22.106:443 Google Inc. US whitelisted
3340 firefox.exe 13.225.38.49:443 US unknown
3340 firefox.exe 13.225.38.74:443 US unknown
3340 firefox.exe 172.217.23.131:80 Google Inc. US whitelisted
3340 firefox.exe 54.201.35.95:443 Amazon.com, Inc. US unknown
3340 firefox.exe 13.225.38.48:443 US unknown
3340 firefox.exe 13.225.38.104:443 US unknown
3340 firefox.exe 172.217.22.110:443 Google Inc. US whitelisted
3340 firefox.exe 173.194.165.169:443 Google Inc. US whitelisted

DNS requests

Domain IP Reputation
detectportal.firefox.com 2.16.106.209
2.16.106.152
whitelisted
apps4464.boloufduj13.agency No response unknown
a1089.dscd.akamai.net 2.16.106.152
2.16.106.209
whitelisted
location.services.mozilla.com 52.18.148.152
34.243.21.190
34.251.59.153
whitelisted
locprod1-elb-eu-west-1.prod.mozaws.net 34.251.59.153
34.243.21.190
52.18.148.152
whitelisted
push.services.mozilla.com 54.148.18.114
whitelisted
autopush.prod.mozaws.net 54.148.18.114
whitelisted
ocsp.digicert.com 93.184.220.29
whitelisted
cs9.wac.phicdn.net 93.184.220.29
whitelisted
snippets.cdn.mozilla.net 13.225.39.58
whitelisted
tiles.services.mozilla.com 34.209.86.85
52.25.71.236
52.26.103.165
34.213.89.114
35.166.166.56
34.208.138.0
52.26.166.58
34.210.151.118
whitelisted
tiles.r53-2.services.mozilla.com 34.210.151.118
52.26.166.58
34.208.138.0
35.166.166.56
34.213.89.114
52.26.103.165
52.25.71.236
34.209.86.85
whitelisted
drcwo519tnci7.cloudfront.net 13.225.39.58
whitelisted
search.services.mozilla.com 34.215.70.240
54.190.222.97
52.11.30.237
whitelisted
search.r53-2.services.mozilla.com 52.11.30.237
54.190.222.97
34.215.70.240
whitelisted
safebrowsing.googleapis.com 172.217.22.106
whitelisted
support.mozilla.org 34.208.233.116
52.39.170.29
whitelisted
prod-tp.sumo.mozit.cloud 52.39.170.29
34.208.233.116
malicious
firefox.settings.services.mozilla.com 13.225.38.49
13.225.38.22
13.225.38.95
13.225.38.117
whitelisted
d2k03kvdk5cku0.cloudfront.net 13.225.38.117
13.225.38.95
13.225.38.22
13.225.38.49
whitelisted
content-signature.cdn.mozilla.net 13.225.38.74
13.225.38.54
13.225.38.5
13.225.38.86
whitelisted
d12uj65dsn9ho1.cloudfront.net 13.225.38.86
13.225.38.5
13.225.38.54
13.225.38.74
whitelisted
ocsp.pki.goog 172.217.23.131
whitelisted
pki-goog.l.google.com 172.217.23.131
whitelisted
shavar.services.mozilla.com 54.201.35.95
52.27.116.77
52.41.192.187
52.41.213.214
54.200.216.59
35.161.86.234
whitelisted
shavar.prod.mozaws.net 35.161.86.234
54.200.216.59
52.41.213.214
52.41.192.187
52.27.116.77
54.201.35.95
whitelisted
aus5.mozilla.org 13.225.38.48
13.225.38.80
13.225.38.60
13.225.38.41
whitelisted
balrog-cloudfront.prod.mozaws.net 13.225.38.41
13.225.38.60
13.225.38.80
13.225.38.48
suspicious
tracking-protection.cdn.mozilla.net 13.225.38.104
13.225.38.122
13.225.38.70
13.225.38.108
whitelisted
d1zkz3k4cclnv6.cloudfront.net 13.225.38.108
13.225.38.70
13.225.38.122
13.225.38.104
whitelisted
ciscobinary.openh264.org 2.16.106.209
2.16.106.208
malicious
a19.dscg10.akamai.net No response whitelisted
redirector.gvt1.com 172.217.22.110
whitelisted
r3---sn-4g5edney.gvt1.com 173.194.165.169
whitelisted
r3.sn-4g5edney.gvt1.com 173.194.165.169
whitelisted

Threats

No threats detected.

Debug output strings

No debug info.