General Info

URL

https://ba.ecl-de.com

Full analysis
https://app.any.run/tasks/aeac14e7-c063-48ec-b8c2-7cd04e6ecccd
Verdict
Malicious activity
Analysis date
6/16/2019, 19:38:49
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
on
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (73.0.3683.75)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 65.0.2 (x86 en-US) (65.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO
Loads dropped or rewritten executable
  • SearchProtocolHost.exe (PID: 3572)
Executable content was dropped or overwritten
  • firefox.exe (PID: 796)
Creates files in the program directory
  • firefox.exe (PID: 456)
  • firefox.exe (PID: 796)
Changes settings of System certificates
  • pingsender.exe (PID: 3036)
  • pingsender.exe (PID: 1004)
Dropped object may contain Bitcoin addresses
  • firefox.exe (PID: 796)
Application launched itself
  • firefox.exe (PID: 796)
  • firefox.exe (PID: 456)
Adds / modifies Windows certificates
  • pingsender.exe (PID: 3036)
  • pingsender.exe (PID: 1004)
Reads settings of System Certificates
  • pingsender.exe (PID: 3036)
Reads CPU info
  • firefox.exe (PID: 796)
  • firefox.exe (PID: 456)
Reads Internet Cache Settings
  • firefox.exe (PID: 796)
Dropped object may contain TOR URL's
  • firefox.exe (PID: 796)
Creates files in the user directory
  • firefox.exe (PID: 796)
  • firefox.exe (PID: 456)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Processes

Total processes
51
Monitored processes
16
Malicious processes
1
Suspicious processes
0

Behavior graph

+
start firefox.exe firefox.exe no specs firefox.exe firefox.exe firefox.exe pingsender.exe pingsender.exe firefox.exe firefox.exe no specs firefox.exe firefox.exe firefox.exe firefox.exe searchprotocolhost.exe no specs firefox.exe firefox.exe
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
3572
CMD
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
Path
C:\Windows\System32\SearchProtocolHost.exe
Indicators
No indicators
Parent process
––
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
Microsoft Corporation
Description
Microsoft Windows Search Protocol Host
Version
7.00.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\searchprotocolhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\tquery.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\msshooks.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\msidle.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\mssprxy.dll
c:\windows\system32\mssph.dll
c:\windows\system32\mapi32.dll
c:\windows\system32\authz.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\propsys.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\profapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\slc.dll
c:\windows\system32\notepad.exe
c:\windows\system32\wshext.dll
c:\windows\system32\version.dll
c:\users\admin\desktop\old firefox data\qldyz51w.default\gmp-widevinecdm\1.4.8.1008\widevinecdm.dll
c:\users\admin\desktop\old firefox data\qldyz51w.default\gmp-gmpopenh264\1.7.1\gmpopenh264.dll

PID
456
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" https://ba.ecl-de.com
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\psapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wship6.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\mscms.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\d2d1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\sspicli.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\progra~1\mozill~1\nssckbi.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\actxprxy.dll
c:\program files\adobe\acrobat reader dc\reader\acrord32.exe
c:\program files\mozilla firefox\pingsender.exe

PID
3868
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="456.0.480228716\920549496" -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\admin\AppData\LocalLow\Mozilla\Temp-{ce348e4c-7d33-445e-89f9-60108c51bcaf}" 456 "\\.\pipe\gecko-crash-server-pipe.456" 1144 gpu
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Exit code
1
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\lpk.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll

PID
2580
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="456.6.2007454497\78801253" -childID 1 -isForBrowser -prefsHandle 1292 -prefMapHandle 840 -prefsLen 1 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 456 "\\.\pipe\gecko-crash-server-pipe.456" 1584 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
2280
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="456.13.564543359\733986287" -childID 2 -isForBrowser -prefsHandle 2564 -prefMapHandle 2608 -prefsLen 216 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 456 "\\.\pipe\gecko-crash-server-pipe.456" 2624 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

PID
2312
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="456.20.463846429\440792657" -childID 3 -isForBrowser -prefsHandle 3340 -prefMapHandle 3212 -prefsLen 5824 -prefMapSize 180950 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 456 "\\.\pipe\gecko-crash-server-pipe.456" 3224 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

PID
1004
CMD
"C:\Program Files\Mozilla Firefox\pingsender.exe" https://incoming.telemetry.mozilla.org/submit/telemetry/e3cfaa92-6609-4c97-9fd1-b6858d77bdc7/health/Firefox/65.0.2/release/20190225143501?v=4 C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\saved-telemetry-pings\e3cfaa92-6609-4c97-9fd1-b6858d77bdc7
Path
C:\Program Files\Mozilla Firefox\pingsender.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Mozilla Foundation
Description
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\pingsender.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\wininet.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\shell32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\schannel.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\credssp.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\gpapi.dll

PID
3036
CMD
"C:\Program Files\Mozilla Firefox\pingsender.exe" https://incoming.telemetry.mozilla.org/submit/telemetry/e7e5185f-24e6-42b8-bd69-f892e81347a2/main/Firefox/65.0.2/release/20190225143501?v=4 C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\saved-telemetry-pings\e7e5185f-24e6-42b8-bd69-f892e81347a2
Path
C:\Program Files\Mozilla Firefox\pingsender.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Mozilla Foundation
Description
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\pingsender.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\wininet.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ole32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\shell32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\schannel.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\credssp.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\gpapi.dll

PID
796
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe"
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\psapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wship6.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\winsta.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\mscms.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\d2d1.dll
c:\program files\adobe\acrobat reader dc\reader\acrord32.exe
c:\progra~1\micros~1\office14\outlook.exe
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\macromed\flash\npswf32_26_0_0_131.dll
c:\program files\java\jre1.8.0_92\bin\dtplugin\npdeployjava1.dll
c:\program files\java\jre1.8.0_92\bin\plugin2\npjp2.dll
c:\progra~1\micros~1\office14\npspwrap.dll
c:\progra~1\micros~1\office14\npauthz.dll
c:\program files\google\update\1.3.33.23\npgoogleupdate3.dll
c:\program files\videolan\vlc\npvlc.dll
c:\program files\adobe\acrobat reader dc\reader\air\nppdf32.dll
c:\windows\system32\msimg32.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\progra~1\mozill~1\nssckbi.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\actxprxy.dll

PID
2536
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="796.0.270131092\895944487" -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\admin\AppData\LocalLow\Mozilla\Temp-{34f9bc61-ebc0-4b5f-a904-ad5da161cc2c}" 796 "\\.\pipe\gecko-crash-server-pipe.796" 1092 gpu
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sechost.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\msimg32.dll

PID
2684
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="796.6.1961984656\2145366906" -childID 1 -isForBrowser -prefsHandle 2588 -prefMapHandle 1664 -prefsLen 1 -prefMapSize 176257 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 796 "\\.\pipe\gecko-crash-server-pipe.796" 2068 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\mozavutil.dll
c:\program files\mozilla firefox\mozavcodec.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll

PID
1696
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="796.13.424938988\490715158" -childID 2 -isForBrowser -prefsHandle 2844 -prefMapHandle 2372 -prefsLen 1 -prefMapSize 176257 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 796 "\\.\pipe\gecko-crash-server-pipe.796" 2300 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
1524
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="796.20.758565558\1621223018" -childID 3 -isForBrowser -prefsHandle 2500 -prefMapHandle 1984 -prefsLen 1 -prefMapSize 176257 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 796 "\\.\pipe\gecko-crash-server-pipe.796" 2844 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
1924
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="796.27.123957868\1881491633" -childID 4 -isForBrowser -prefsHandle 2468 -prefMapHandle 2472 -prefsLen 1256 -prefMapSize 176257 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 796 "\\.\pipe\gecko-crash-server-pipe.796" 2392 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\ws2_32.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wship6.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll

PID
3392
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="796.34.178053572\1888882543" -childID 5 -isForBrowser -prefsHandle 3628 -prefMapHandle 3632 -prefsLen 6732 -prefMapSize 176257 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 796 "\\.\pipe\gecko-crash-server-pipe.796" 3644 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll
c:\windows\system32\wpc.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\freebl3.dll

PID
3680
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="796.41.1342981415\1703840691" -childID 6 -isForBrowser -prefsHandle 3832 -prefMapHandle 3836 -prefsLen 6822 -prefMapSize 176257 -schedulerPrefs 0001,2 -parentBuildID 20190225143501 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 796 "\\.\pipe\gecko-crash-server-pipe.796" 3848 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
65.0.2
Modules
Image
c:\program files\mozilla firefox\firefox.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\program files\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll
c:\program files\mozilla firefox\ucrtbase.dll
c:\program files\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-file-l2-1-0.dll
c:\program files\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll
c:\program files\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\lpk.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll
c:\program files\mozilla firefox\nss3.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\mozilla firefox\lgpllibs.dll
c:\program files\mozilla firefox\xul.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\mscms.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\audioses.dll

Registry activity

Total events
1458
Read events
1414
Write events
40
Delete events
4

Modification events

PID
Process
Operation
Key
Name
Value
3572
SearchProtocolHost.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
3572
SearchProtocolHost.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\62\52C64B7E
@C:\Windows\system32\notepad.exe,-469
Text Document
3572
SearchProtocolHost.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\62\52C64B7E
@C:\Windows\System32\wshext.dll,-4804
JScript Script File
456
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
456
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000071000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000
1004
pingsender.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
1004
pingsender.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000072000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000
1004
pingsender.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
1004
pingsender.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
Blob
0F000000010000001400000085FEF11B4F47FE3952F98301C9F98976FEFEE0CE09000000010000002A000000302806082B0601050507030106082B0601050507030206082B0601050507030406082B0601050507030353000000010000002500000030233021060B6086480186F8450107300130123010060A2B0601040182373C0101030200C01400000001000000140000007B5B45CFAFCECB7AFD31921A6AB6F346EB5748501D00000001000000100000005B3B67000EEB80022E42605B6B3B72400B000000010000000E000000740068006100770074006500000003000000010000001400000091C6D6EE3E8AC86384E548C299295C756C817B812000000001000000240400003082042030820308A0030201020210344ED55720D5EDEC49F42FCE37DB2B6D300D06092A864886F70D01010505003081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F74204341301E170D3036313131373030303030305A170D3336303731363233353935395A3081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100ACA0F0FB8059D49CC7A4CF9DA159730910450C0D2C6E68F16C5B4868495937FC0B3319C2777FCC102D95341CE6EB4D09A71CD2B8C9973602B789D4245F06C0CC4494948D02626FEB5ADD118D289A5C8490107A0DBD74662F6A38A0E2D55444EB1D079F07BA6FEEE9FD4E0B29F53E84A001F19CABF81C7E89A4E8A1D871650DA3517BEEBCD222600DB95B9DDFBAFC515B0BAF98B2E92EE904E86287DE2BC8D74EC14C641EDDCF8758BA4A4FCA68071D1C9D4AC6D52F91CC7C71721CC5C067EB32FDC9925C94DA85C09BBF537D2B09F48C9D911F976A52CBDE0936A477D87B875044D53E6E2969FB3949261E09A5807B402DEBE82785C9FE61FD7EE67C971DD59D0203010001A3423040300F0603551D130101FF040530030101FF300E0603551D0F0101FF040403020106301D0603551D0E041604147B5B45CFAFCECB7AFD31921A6AB6F346EB574850300D06092A864886F70D010105050003820101007911C04BB391B6FCF0E967D40D6E45BE55E893D2CE033FEDDA25B01D57CB1E3A76A04CEC5076E864720CA4A9F1B88BD6D68784BB32E54111C077D9B3609DEB1BD5D16E4444A9A601EC55621D77B85C8E48497C9C3B5711ACAD73378E2F785C906847D96060E6FC073D222017C4F716E9C4D872F9C8737CDF162F15A93EFD6A27B6A1EB5ABA981FD5E34D640A9D13C861BAF5391C87BAB8BD7B227FF6FEAC4079E5AC106F3D8F1B79768BC437B3211884E53600EB632099B9E9FE3304BB41C8C102F94463209E81CE42D3D63F2C76D3639C59DD8FA6E10EA02E41F72E9547CFBCFD33F3F60B617E7E912B8147C22730EEA7105D378F5C392BE404F07B8D568C68
1004
pingsender.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
1004
pingsender.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
Blob
190000000100000010000000DC73F9B71E16D51D26527D32B11A6A3D09000000010000002A000000302806082B0601050507030106082B0601050507030206082B0601050507030406082B0601050507030353000000010000002500000030233021060B6086480186F8450107300130123010060A2B0601040182373C0101030200C01400000001000000140000007B5B45CFAFCECB7AFD31921A6AB6F346EB5748501D00000001000000100000005B3B67000EEB80022E42605B6B3B72400B000000010000000E000000740068006100770074006500000003000000010000001400000091C6D6EE3E8AC86384E548C299295C756C817B812000000001000000240400003082042030820308A0030201020210344ED55720D5EDEC49F42FCE37DB2B6D300D06092A864886F70D01010505003081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F74204341301E170D3036313131373030303030305A170D3336303731363233353935395A3081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100ACA0F0FB8059D49CC7A4CF9DA159730910450C0D2C6E68F16C5B4868495937FC0B3319C2777FCC102D95341CE6EB4D09A71CD2B8C9973602B789D4245F06C0CC4494948D02626FEB5ADD118D289A5C8490107A0DBD74662F6A38A0E2D55444EB1D079F07BA6FEEE9FD4E0B29F53E84A001F19CABF81C7E89A4E8A1D871650DA3517BEEBCD222600DB95B9DDFBAFC515B0BAF98B2E92EE904E86287DE2BC8D74EC14C641EDDCF8758BA4A4FCA68071D1C9D4AC6D52F91CC7C71721CC5C067EB32FDC9925C94DA85C09BBF537D2B09F48C9D911F976A52CBDE0936A477D87B875044D53E6E2969FB3949261E09A5807B402DEBE82785C9FE61FD7EE67C971DD59D0203010001A3423040300F0603551D130101FF040530030101FF300E0603551D0F0101FF040403020106301D0603551D0E041604147B5B45CFAFCECB7AFD31921A6AB6F346EB574850300D06092A864886F70D010105050003820101007911C04BB391B6FCF0E967D40D6E45BE55E893D2CE033FEDDA25B01D57CB1E3A76A04CEC5076E864720CA4A9F1B88BD6D68784BB32E54111C077D9B3609DEB1BD5D16E4444A9A601EC55621D77B85C8E48497C9C3B5711ACAD73378E2F785C906847D96060E6FC073D222017C4F716E9C4D872F9C8737CDF162F15A93EFD6A27B6A1EB5ABA981FD5E34D640A9D13C861BAF5391C87BAB8BD7B227FF6FEAC4079E5AC106F3D8F1B79768BC437B3211884E53600EB632099B9E9FE3304BB41C8C102F94463209E81CE42D3D63F2C76D3639C59DD8FA6E10EA02E41F72E9547CFBCFD33F3F60B617E7E912B8147C22730EEA7105D378F5C392BE404F07B8D568C68
3036
pingsender.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
3036
pingsender.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000073000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000
3036
pingsender.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
3036
pingsender.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
Blob
0F000000010000001400000085FEF11B4F47FE3952F98301C9F98976FEFEE0CE09000000010000002A000000302806082B0601050507030106082B0601050507030206082B0601050507030406082B0601050507030353000000010000002500000030233021060B6086480186F8450107300130123010060A2B0601040182373C0101030200C01400000001000000140000007B5B45CFAFCECB7AFD31921A6AB6F346EB5748501D00000001000000100000005B3B67000EEB80022E42605B6B3B72400B000000010000000E000000740068006100770074006500000003000000010000001400000091C6D6EE3E8AC86384E548C299295C756C817B812000000001000000240400003082042030820308A0030201020210344ED55720D5EDEC49F42FCE37DB2B6D300D06092A864886F70D01010505003081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F74204341301E170D3036313131373030303030305A170D3336303731363233353935395A3081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100ACA0F0FB8059D49CC7A4CF9DA159730910450C0D2C6E68F16C5B4868495937FC0B3319C2777FCC102D95341CE6EB4D09A71CD2B8C9973602B789D4245F06C0CC4494948D02626FEB5ADD118D289A5C8490107A0DBD74662F6A38A0E2D55444EB1D079F07BA6FEEE9FD4E0B29F53E84A001F19CABF81C7E89A4E8A1D871650DA3517BEEBCD222600DB95B9DDFBAFC515B0BAF98B2E92EE904E86287DE2BC8D74EC14C641EDDCF8758BA4A4FCA68071D1C9D4AC6D52F91CC7C71721CC5C067EB32FDC9925C94DA85C09BBF537D2B09F48C9D911F976A52CBDE0936A477D87B875044D53E6E2969FB3949261E09A5807B402DEBE82785C9FE61FD7EE67C971DD59D0203010001A3423040300F0603551D130101FF040530030101FF300E0603551D0F0101FF040403020106301D0603551D0E041604147B5B45CFAFCECB7AFD31921A6AB6F346EB574850300D06092A864886F70D010105050003820101007911C04BB391B6FCF0E967D40D6E45BE55E893D2CE033FEDDA25B01D57CB1E3A76A04CEC5076E864720CA4A9F1B88BD6D68784BB32E54111C077D9B3609DEB1BD5D16E4444A9A601EC55621D77B85C8E48497C9C3B5711ACAD73378E2F785C906847D96060E6FC073D222017C4F716E9C4D872F9C8737CDF162F15A93EFD6A27B6A1EB5ABA981FD5E34D640A9D13C861BAF5391C87BAB8BD7B227FF6FEAC4079E5AC106F3D8F1B79768BC437B3211884E53600EB632099B9E9FE3304BB41C8C102F94463209E81CE42D3D63F2C76D3639C59DD8FA6E10EA02E41F72E9547CFBCFD33F3F60B617E7E912B8147C22730EEA7105D378F5C392BE404F07B8D568C68
3036
pingsender.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
3036
pingsender.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
Blob
190000000100000010000000DC73F9B71E16D51D26527D32B11A6A3D09000000010000002A000000302806082B0601050507030106082B0601050507030206082B0601050507030406082B0601050507030353000000010000002500000030233021060B6086480186F8450107300130123010060A2B0601040182373C0101030200C01400000001000000140000007B5B45CFAFCECB7AFD31921A6AB6F346EB5748501D00000001000000100000005B3B67000EEB80022E42605B6B3B72400B000000010000000E000000740068006100770074006500000003000000010000001400000091C6D6EE3E8AC86384E548C299295C756C817B812000000001000000240400003082042030820308A0030201020210344ED55720D5EDEC49F42FCE37DB2B6D300D06092A864886F70D01010505003081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F74204341301E170D3036313131373030303030305A170D3336303731363233353935395A3081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100ACA0F0FB8059D49CC7A4CF9DA159730910450C0D2C6E68F16C5B4868495937FC0B3319C2777FCC102D95341CE6EB4D09A71CD2B8C9973602B789D4245F06C0CC4494948D02626FEB5ADD118D289A5C8490107A0DBD74662F6A38A0E2D55444EB1D079F07BA6FEEE9FD4E0B29F53E84A001F19CABF81C7E89A4E8A1D871650DA3517BEEBCD222600DB95B9DDFBAFC515B0BAF98B2E92EE904E86287DE2BC8D74EC14C641EDDCF8758BA4A4FCA68071D1C9D4AC6D52F91CC7C71721CC5C067EB32FDC9925C94DA85C09BBF537D2B09F48C9D911F976A52CBDE0936A477D87B875044D53E6E2969FB3949261E09A5807B402DEBE82785C9FE61FD7EE67C971DD59D0203010001A3423040300F0603551D130101FF040530030101FF300E0603551D0F0101FF040403020106301D0603551D0E041604147B5B45CFAFCECB7AFD31921A6AB6F346EB574850300D06092A864886F70D010105050003820101007911C04BB391B6FCF0E967D40D6E45BE55E893D2CE033FEDDA25B01D57CB1E3A76A04CEC5076E864720CA4A9F1B88BD6D68784BB32E54111C077D9B3609DEB1BD5D16E4444A9A601EC55621D77B85C8E48497C9C3B5711ACAD73378E2F785C906847D96060E6FC073D222017C4F716E9C4D872F9C8737CDF162F15A93EFD6A27B6A1EB5ABA981FD5E34D640A9D13C861BAF5391C87BAB8BD7B227FF6FEAC4079E5AC106F3D8F1B79768BC437B3211884E53600EB632099B9E9FE3304BB41C8C102F94463209E81CE42D3D63F2C76D3639C59DD8FA6E10EA02E41F72E9547CFBCFD33F3F60B617E7E912B8147C22730EEA7105D378F5C392BE404F07B8D568C68
796
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
796
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000074000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000

Files activity

Executable files
2
Suspicious files
115
Text files
104
Unknown types
172

Dropped files

PID
Process
Filename
Type
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\gmp-widevinecdm\1.4.8.1008\widevinecdm.dll
executable
MD5: 0ff7bb9561a7934441d4e44c68c8dfd7
SHA256: 123ad18bb0d19cedb94c02a9e90fcc89ec39e3d1813595088c80924fd3b4659d
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\gmp-gmpopenh264\1.7.1\gmpopenh264.dll
executable
MD5: a2deba04f36b39c63d9079389fcd6b8a
SHA256: 5431279ab15d99b71360075d1f221fcb1ce7bd64ce1695050222ca9cf70b1587
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\content-prefs.sqlite
sqlite
MD5: d98c70110cb36f098c925d9143d3e82b
SHA256: f85e01375ff28aa8085ad214a2550edb7c20b147cb08db4a1a09e45d5120227b
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs.js
text
MD5: cb01dd768b543fdebba1c6daf60b9391
SHA256: e24a6a9aa3ef57b992b5ed7219a6d24c1383f37c37c1d54af80e08fdd4089df2
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs-1.js
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\block-flash-digest256.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\mozplugin-block-digest256.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\mozplugin-block-digest256.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\block-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\base-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\base-track-digest256.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\block-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\mozstd-trackwhite-digest256.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs.js
text
MD5: 0fd796dd1683912743b29c5986a8e14d
SHA256: f1eed924220edb9b354f083ed8684845f0aa9ad65e7dee978b7d1782bf0ee274
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\except-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\allow-flashallow-digest256.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\except-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\allow-flashallow-digest256.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\except-flash-digest256.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\except-flashallow-digest256.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\except-flashallow-digest256.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-trackwhite-simple.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-unwanted-simple.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-unwanted-simple.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-trackwhite-simple.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-malware-simple.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-phish-simple.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-phish-simple.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-track-simple.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-track-simple.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-malware-simple.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-harmful-simple.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-harmful-simple.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-block-simple.sbstore
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\safebrowsing-updating\test-block-simple.pset
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\8473F6B6E4603BD96F7DE40AD2F4CF89B6744630
compressed
MD5: 47608748fa2a86e7a0f2a141a21a416f
SHA256: dd84800a75fa94779178cb9aec0a20bf1b2add1d86730cdbadfa8e9e7a628cc6
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\8B2634FB16660BA3F2D27C544075DFEACA1E561A
compressed
MD5: 36099828ff5f09a2b8ef402e7cef8340
SHA256: 39937b62f5a2bae6b9bf747b546309302eb1afaa7606b695dcb0bccf46638ad1
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\34DAD38AEC4332492D2AAF40764C5662339138AB
cer
MD5: 1b38a1f04ce1b0620b23e286980ea2d8
SHA256: 0462f62681aee8734ca37b77a395bba6f68e70e687048947499a79f286e1e174
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\96E3CDF8FA4A0DCBB81F0A922B22FED61FC7D2FB
compressed
MD5: f81634456761df611e30e7a25b8d5944
SHA256: c176313c68fd11dfc5cc5f168127633666435b86304fcadfad0cf5f27da3146b
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\34DAD38AEC4332492D2AAF40764C5662339138AB
cer
MD5: 1ee27718dc4cf0a3815c77e702c26ec4
SHA256: 8c2f672efb61d62ade3025c379cdc6ce500b73e6fa236a56f441051cacbb42cf
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\E910D1FCE8BF27F5536B88567A4DC32624377CC3
binary
MD5: cf17ee965be6692bbf64f31eb5cc9ec7
SHA256: 635ce9df2459141f731e9e69496c514da352cc2353084ed20c509ecd08aeb581
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\0EDDF8C091E2FED62E44BEDDDC1723F5BF38FE4F
binary
MD5: 96a605cf3e55ef5b74dfd95ed85f6809
SHA256: 7d768642a09f95420dd2ca5b7d53d1e11e893cc934824e59c8e0cb5ac67aaf29
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\34DAD38AEC4332492D2AAF40764C5662339138AB
cer
MD5: 5bd7dc9eea7a5cc105e0121a36a56c94
SHA256: a1a75ad0953a6fb743accc6ec3967a9c8d8af2dc5b5f124408c4a7aeafc6149d
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\34DAD38AEC4332492D2AAF40764C5662339138AB
cer
MD5: b153332fe8c064797fd6d718b917e9e5
SHA256: 3ccb54a10fcbde4f1172d6de8d1c5ff77b3ad68ebe19fb0587b30f0d47f137e4
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\F8AC72083E334F70A553AE68455FBDF0E65C5221
compressed
MD5: 93c1661e7968ad7ebf3aebca13e040ed
SHA256: 2a264f24f6f5cc9ab5e2eebdc9458294a5f4ac9d4f0e1d095cc690fe4db53eed
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\34DAD38AEC4332492D2AAF40764C5662339138AB
cer
MD5: 9631f1b32f3f128139685d00d66f9791
SHA256: e9ab7cc34262cd32cfd894d163c7a9389214ab5bcd3e20bd1a31df8d81b8c2bd
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\5E4954707B44E5A4B4ACF5F22B52219A1DCA477F
compressed
MD5: 884005530dc95e659b6600f0f4f93dc4
SHA256: 5933268f9ccffaef71451e109e74f949ec7f13074abd4a2165c33d34beb7cbf4
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\34DAD38AEC4332492D2AAF40764C5662339138AB
cer
MD5: 01e0b77ec92ad412108d8cffd092562d
SHA256: f25d8825ca6ef9036fa222c70b300ec9bb2fe634640fd9076fd738eafe11eed4
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\doomed\32585
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\thumbnails\ad5a4453bea49203135688a7b8db842d.png
image
MD5: 5c5ed1f7fe4ffafe1e9667355b096d9d
SHA256: cb95cdff756be616be7eee9ed5bbba3181edc938e04388ede5b26f717643c2dd
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\thumbnails\ad5a4453bea49203135688a7b8db842d.png.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\34DAD38AEC4332492D2AAF40764C5662339138AB
cer
MD5: fa7c1f1c66493b31a75588a24273f877
SHA256: e2ad39c9cb36d25efc3757cc9ae3b5f20ed564fed218f969c52f85a5f25d7c28
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs.js
text
MD5: 46a2a77ae64d66e685ebfc1791579f03
SHA256: 8fd2faaffaff42142dd91e5df9aa908aa9cc5fa9cf59534765b80e62e21ec785
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\E21F074DBAD1CB7994F383C419228B689766FB1C
compressed
MD5: 5c7f544325221d3dff44a6e54b8c2922
SHA256: 5a6aef05bf077b75f4292584b934316c8336659d7675f401bd417a46fe8e7a43
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\698AC159A6BCBA0D13FE6F10F1A38E498F826F33
ini
MD5: 3ed75a5c3b928b6edceed69aabe94bb7
SHA256: be075fa39bae19c1a28917d3036eb4c0ce557791260512671e4af35ed9ae73a6
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\D5D7B247774E63182A9E2C82B62424AAB64C79A8
image
MD5: 9e85d4349ec56a8a92059341f3784640
SHA256: d8ca19a8de5e076a198ad4bdb1677489907aef5e401609aa4bd5775e4cbbf7e0
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\89DBE1DF558BB8439E2062ECC3272086F2E3FF1F
image
MD5: f7fc4e76342a45cbd4acbd6f21ac8e92
SHA256: 0aebd0d26a5fdd65f6d54f3cccbe11377d6635e81541055cf68996764932d5cd
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\C7BCCD2D2CA294B38AE834D818CF5D5C0C7A65BE
compressed
MD5: 2534e1d0d2caf6f9caae9d7a199d52e3
SHA256: 408ea88ab0d650abc771a7dc54b5cf48a11b937786520e2fbb4a943763f5ecaf
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\doomed\26050
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cert9.db
sqlite
MD5: 01919146ba6e3aca48ed03e0d5ea795a
SHA256: 4d68dd9f6681db73b91b193b63b79dcd5ca466045c1ab294e07179fb6d25df20
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cert9.db-journal
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\C664ABAE6A070392F60C7BFF721450AA0CF7DBA0
binary
MD5: bc7cf11c85dffb584516aed0b0076f89
SHA256: c8a1136dbe508528d94221964b5c8507eacf6f8d2e2323b8aa4d4892fc6b7d19
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\7AE23C94C3BD69C8D721F455BAD0D7DF73FD3479
der
MD5: c6a27e320e820226761bb428264a7698
SHA256: 4ba556aea4f7996828dffca3e3c15337c471a40c1f7fced61c03d864af00cbb9
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\89DBE1DF558BB8439E2062ECC3272086F2E3FF1F
binary
MD5: 12a0e7e46bbb6d18237f5dfa934c3ada
SHA256: 1e1cc98ce71480c5f3066d8e10598dade76c21d3ce928d53cd914d5fd8c503cb
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\0EDDF8C091E2FED62E44BEDDDC1723F5BF38FE4F
binary
MD5: e6cd0f0de09b3d93ff782f53d6e02141
SHA256: 7bd95d0045a13b441d87c5a50aab03b05e6297d5dfa7da0cfe995ea8c8866a12
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\698AC159A6BCBA0D13FE6F10F1A38E498F826F33
binary
MD5: b4273ded07f495d4cddaf7815018d634
SHA256: c1abeac528751d1de3df42ed2d447ec711a515a4c99e828eeb5fa961b87afe03
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\D5D7B247774E63182A9E2C82B62424AAB64C79A8
binary
MD5: 60d4ad8c8b59c04236424c55d7269487
SHA256: b6488508ca7b458dd4f6cfb7917eb0c92f2de83ae1ba5ef016e5d3b71eaaadce
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\66F684AF9CC570C6247262B47C769C601C2A338B
binary
MD5: da6b5378536606a5aa55f810d1f7aecd
SHA256: d3edcf1d64bb6b5337581a28e590454c7a104f80f94ba0cb5dc946c08d3c2d2d
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\25218EE79CFF5F3AC18C58CFDF44A674E3560C47
binary
MD5: 7d7b42377bbc623f210f73b8ebff0099
SHA256: c20a5cd3dbce7a65d4027496f41b3a2ba2741f00f34e3b895ceeeed1722d025a
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\C7BCCD2D2CA294B38AE834D818CF5D5C0C7A65BE
binary
MD5: b30ddff7106e01ffafd7f7c1bdf69b08
SHA256: db47e36a2f91c6e8d6142eaa09bff271d86f4218de8a56eb16e347c19b25ef32
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\FDD3B4D22DFC36954FCB2DF9D37C06AC060C8225
binary
MD5: 93803f642a561d13a2f2275f2afcda3c
SHA256: 613c64df3a7b25e0102329436260fc1d055c8c5cc63bc93dc8f1ded928f2d646
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\E910D1FCE8BF27F5536B88567A4DC32624377CC3
binary
MD5: 262edf21b3c4dd3f7149df9912d92d0f
SHA256: 679d533fb8bc811e6a2b6a3d752e66991b03c06fb54e6dbe0a62d73c46009ec8
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\CABCAAB05AE00AE3D417253164E05D3B4E345F10
binary
MD5: 4033d82ea6f36814a8d90d1a01ec5ec4
SHA256: 3b4736c9157836f91feb847c995bb4ef4c1b988addc1bf4b9c510f46e99c29d9
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\B9667D755101C1D21E786F253C654BD086964020
woff2
MD5: f9237e06f7c471b9190d6beb4638a665
SHA256: 37ceb651133ddedf731169a250144d80427bee759c581f59a3ade2a2fdca0df5
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\80AAA8DABF864973820B69EDAB47943197DCC575
der
MD5: c6a45175d6f01eae2b7553eb5348bb27
SHA256: 62c787fa0c71c599898b4b740d1682de9f67c36b8fc43cc8c9b393d9fea030b4
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\6D730121FD763F5F1F5C0FA06E1E8AC73C97591D
compressed
MD5: b1eb7a7883a03e6a7dd6fb3160f28106
SHA256: 0196a213cc1c49f7040ee81c47ec48d2c55bc9a7cf32daa3434ef15d81e9c31f
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\3C65B887EA29E617091A5AE14B0D7268FA2053A2
compressed
MD5: 327197ba9dd6cac0da84eebedb0fd1e5
SHA256: 86f3393aa3f8de03f4bec5a078b0a67054ce1d1d8af0e921c338e7398fe48562
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\D68CAF7DF2821B6FF8FA7C896445E3FEDF710B49
woff2
MD5: 41b144942835472a849fb5bc18f29129
SHA256: 0aa3df99b7e2bad25391e4e08fef0ec7007335de9faf181ddbfe8bf76d177400
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\179977EC1B5CF43A769203F2E63E4D2CCB00C0BE
woff2
MD5: 60f0b73856012e3dda6de78e692b6893
SHA256: c45d36bbb9f5319c4d8e0ddc3f8e770eefc3d07aa86495e5418b8ce31d9202a5
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\38687230E1E287B558C5C849322582F3C29084A9
der
MD5: 66d3242184a9302a53412cc1b8373aba
SHA256: b77ae95adb5cc3afc89a1b32d3ff4989ae7482142b4abae49571e30358799b34
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\48A633A53C6575EC2C971CF67147BFAAC1AEF48F
compressed
MD5: 6425b09b4dc29623b2f5d354906489ae
SHA256: e4f0dab5fcbab4057de170766bf18074ce1de02639e98f485e7c04da00857d9e
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\49A1F9EC2F259F3918DFD86624B8931E86FDE425
image
MD5: caee168bd163e6ccf0a3551b4a35fd46
SHA256: f6a8e7712d422f91136e1dea09e08eab1360b6496d794eb2d8a2d6311deed458
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\57B158DEF1DDA4EB8D7E463C132782854F5F2A22
compressed
MD5: 0a0bf88b609b6f40ecd51bd1fc5ab56a
SHA256: 73047f313e28ee8d1caa7e3728eeac7a3b4bd9190fa81822c64480171ccdc1ee
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\A698B6CF98F43F9B0EE1C1DAF3F2CB9BFF09A47C
image
MD5: 362a985585bbb317f003242a94ef7c97
SHA256: dc2da2e249a7dbc226bcd9eb3a8f1ce4b7518551849ffcc5b1d9b9f1735fbca1
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\A02D5AC48AAEBEAFEED63256030E5B9CD1889379
compressed
MD5: 07fc87e48a47cb9ac70fbbc830da9e13
SHA256: d54ec26d4ba89fa13eb9aa7576fb0fca202f5d051d9be8b1b6e27287a587b728
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\A2A7B763C903E1DAE441BE0553CE53297C73ED0C
der
MD5: 51c5028a8e34ea30452df8a33f01ddfb
SHA256: c719c0eae729ffa69e19680ec8c19ed9965916b1f076b5e46842d6863b81a74d
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\892C84289465CD96CDB35CA5469D10A3BC016321
compressed
MD5: 3afcdd82b4e08b91648a3b5c81773ab9
SHA256: 6e2866c20c78619d758b980c3c21ffdadcc5a75ff66f7385c0f042d7aef5ea95
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\930D65589172AB26816A8854D3F463E2322C8902
compressed
MD5: 1a18ae8d5712f11eade410470f841915
SHA256: 74708ec87901b0695a4667dd0c7fe5f0f2135e7868a21838fc5e44e0f965d3b1
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\5F34A74D1380D10E61240C4B94321E6D5B7812DB
compressed
MD5: f27eb604f19aee055d39feb7f9fc5a22
SHA256: cdc8df582228c699c96fa1273fe16b8a88e9a8c5f0f88fe19ca77acd324b0a68
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\B8A5F2155EDD17DB5450911A00D76BEE987CBDED
compressed
MD5: 3cca5b64dce7d57bb10c945b2a89831c
SHA256: 0a3c62d0af4bc1e2f54d313aa7da4a5ec294213000479ebe464fe782fcda3432
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\4710DCD076B3A1B6217142086F409C1904588892
ini
MD5: 29c764de44a991364a57e11724c815ca
SHA256: cfd0b801bb13592b0e972930d3c702130627127e6d0200133b9396b3efa95fd5
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs.js
text
MD5: 3f54ae2fd12c2d01b3b1a1b49bba1ec6
SHA256: 5bc6b5bf22ff0aed9c08d96cb6af05822143b5c9bb65372868aac9c8f99de725
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\863C89121F6B8F9B86DAD458CF263CE94F9E75B2
image
MD5: d207cca69189b2ca32c8fff0d4a6b4cf
SHA256: 069ef44eb5c574064af474c403b02ec4008424235057e55ecdcd7f45bc71d3e4
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\DFC42896C791034AA152214A96020985CC5E9195
image
MD5: 2a3589efde34a29a0562228aaf8cfa43
SHA256: 6a636506413193f0f7b3674e4ea5ef554ca82d1a3f783d86bf641b13b98f015f
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\8419A2637E780F24D2A2B6A86D7C862193C89CBA
image
MD5: deeaeedf1bd557a846f21b8b89b8226c
SHA256: 5983f7e72284366c69abe2a75639e53619df19616003d441e636c6af52b8874a
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\startupCache\webext.sc.lz4
binary
MD5: 4bb5316680c58d48bf9c36eb62e97466
SHA256: 4e0bec4c90636b0f7cc263b7f74fe2f7771e65fd5fc24c02da481954737c0c3f
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\78DBE55782B7B81AF853B4884323B48C34429A53
image
MD5: 34783910bf3d232038cd1d70d84b6988
SHA256: f5469d7179fa3b8d522d855566d3bc331f9473f0da3fe752d31e7f03b2d5b95d
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\9671DB4E21A40D05E565A5211964DD6D443A716F
image
MD5: d49d510b5d460df77a21905a3609cb75
SHA256: bd62bf319ff5edb634b17aaf9b91553be4ceb93c32bcfc188aed9a6a8bf3e777
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\startupCache\webext.sc.lz4.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\48A633A53C6575EC2C971CF67147BFAAC1AEF48F
compressed
MD5: 67e4bbceacfcfa9af2add0ef69a1f865
SHA256: 1a83fe84507a1fb4f4b5133924b292cc7a6bf198e6a4e0951b77d1ead3619ed0
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\FF7873F5E7B6FF921EED500473B866D8D5C3215E
compressed
MD5: 5958101b8532084b048e9eebf7c201aa
SHA256: bb689b97836c0137b49e959ddb76e552678352ca93bc11373d7fdccd7d197841
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\944A8DF3EF1A971B73D890E7E77E7A4108571771
compressed
MD5: 709fe3960b00fdffa088cff78f484780
SHA256: 3c384b02527ce6109c23346f9277dc15836d7c345cd7b817479e11c645e3840a
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\AC5E012C1887C7B691A8EA00C4E754025E25C235
compressed
MD5: bbfb166acd12a976293faeac6262c568
SHA256: f0bc4000f0270da36b8ba20d2cac2f91d2869c0e7012c98c7ebb32af70cb4eff
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\E910D1FCE8BF27F5536B88567A4DC32624377CC3
binary
MD5: 78c113ac50e81e1244297e618faf42af
SHA256: aed89de387f3f1a0333815903bc2ca9d86609d564b5a8d8e84ed65f0ffaaf29d
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\5C3B1B4A3AF3BDDFB5E032BA9BA685FAE38E7418
binary
MD5: a74e7a2f3d338785756b934a2edc1711
SHA256: 452db99eacab6335d92fc53c5d65bd792cc3ebf7339e7841da8163b8f29f8d01
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\search.json.mozlz4
jsonlz4
MD5: f15fa8afb79433d13836dae2a602f625
SHA256: 6ce047ed594919e76c6003a188c95968ca40c555f143a698bf413e42913934e2
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\search.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\addonStartup.json.lz4.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\containers.json
text
MD5: 94a3843fad8c45c48b0e07342df3dfdc
SHA256: 854ff2076f71097b030c302a1ea71d8e851d2920b9ff5fc8dc8f16c91ba95b72
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\containers.json.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\2A72E0068437B133D919EF3801F5AEB17DACAD2B
der
MD5: 8a07061672610fddcbd29cc82c8cc1ee
SHA256: 0b8442b856ae105d7b1362887eb01cbdc09cabe2ba94981597b08c3b5def2267
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\BA2B57FCE42F1E0B09030B26ABE78A953917C68C
der
MD5: 06417cdfd68e2e55f8c826bc182c510c
SHA256: 530995f5b9a0a0b4d800176dba69bf8d95b6c01bfe5535f45acd7721a1c2890c
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\OfflineCache\index.sqlite-journal
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cert9.db
sqlite
MD5: 479089d00c6b69e6495e377154e1500f
SHA256: ff01bd6050cc349b3a90c1b81dac645cf7ba4e8fab398c1d0f5598ca53b2ddb5
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\startupCache\scriptCache-child.bin
binary
MD5: 888f4c7e11179a59e584f8eeb0a9c7c6
SHA256: c5d3f4db9b5e05beee2c0a6bede9c244c5cca988bce30244751d60ada4c9ec78
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\startupCache\scriptCache-child-new.bin
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\startupCache\scriptCache.bin
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs.js
text
MD5: 3b68cde8bfdc0796186183509f4e7e32
SHA256: cbdb31bd81ff39ba54edee3a4e9b6ba759f71347c2eab90e6ac9584f8f6690ef
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\startupCache\scriptCache-new.bin
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\startupCache\urlCache.bin
binary
MD5: 6acb6fb70b54b012c7ab526aad99f0e1
SHA256: 1513b0b7da9a384e1ebe4e36f6c64399e103855c4f077ccd3ee590c04fa66a75
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\startupCache\urlCache-new.bin
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-wal
binary
MD5: c9cb32d5aa7d6799f6352680b20fb756
SHA256: 3243e5ff1da3debd672cd2c1d60b515951663a835e37b15aeb02de979c86f457
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
binary
MD5: 4b3feefabfeed97ab9e7393f86861cc8
SHA256: 94c86e89a4a2021c68b1e86206a0b0041311de454ae0828d3df1b46133c42dd5
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\3561288849sdhlie.sqlite
sqlite
MD5: 5fa77ac2d3d77deccb8fb77578d6fba8
SHA256: eda7e3990647099b3515ba4247f36a4db9a2055f4e3902e4c4c6c8579ba45c6c
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\handlers.json
text
MD5: b025c44725094e95ec3a5bb155d2d6ab
SHA256: 3fd74d94328cd6da3c487eb496e413ec5111b6abf2559474c47c19e6f19d2e07
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\handlers.json.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\addonStartup.json.lz4
jsonlz4
MD5: 790bf47850e5b296b734b3b96218cf95
SHA256: 264f57973003d0d2de8893a288c2a9aae026c21796e6041f4297cd23fab35c30
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-journal
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
binary
MD5: cba37c639a7faa9fa487cebd301c6bb3
SHA256: 812d1e5107aa806b2ad4e1fe0957fd3057abcc61786ec499c25fd4d252cd33df
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: 5f5d3ff16b502b0281114c903f623ad7
SHA256: a33d74b91ac6ae387751b62ea343b831b5d3db9b3e5e756563f65b416c8b4059
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-journal
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\2918063365piupsah.sqlite
sqlite
MD5: 48b20208f630df596b2de8433643d897
SHA256: 0165c7e4a4f8ee5c78e41ad1e4222f041d923fe0540f4b376f92b87a7e64f8ea
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\2918063365piupsah.sqlite-wal
binary
MD5: 5c06509a433cef751151a658728e401e
SHA256: 8a7b1dd73da29a3a3e2b76a3fa9b6b868b47d0500567a512b20993fd87d9849a
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
binary
MD5: bc0113928fcad89662a41556c5dfff8f
SHA256: eb92632a0f5c2cd3ca272951bfdd9b1ee7f40dea4c201715a9ad3071190408b9
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\2918063365piupsah.sqlite-journal
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\addons.json
text
MD5: 55b5026150dc3a60d07b8bea2ae0f983
SHA256: a13174f20dde2249a49853d6eae20f07ffc4ddf1e3007ab3e4911e511ecffc1c
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\addons.json.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\extensions.json
text
MD5: 92adf9a6cdaca1637821c93e30adfb43
SHA256: a1e6b34c60b98c6675f3de3edb7ac368d3d97860ab778aa7d04dbd9e6aa805c5
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\extensions.json.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite
sqlite
MD5: 0b7d4f3cf219ce4b6fa60ba0933947f0
SHA256: 0db33c820b1ffb8bfc45bc724788c3c373d445fb767da6cdf3a5f1cd987449db
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-wal
binary
MD5: e71da8978d5fbbbde6a0c5dec3b9740e
SHA256: 6d2f941ba8451a687eee407019c1d89e172817249d71466fa28afb18b6c264ab
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
binary
MD5: 8a9989d63bd2f2e89169bcdd1997cf59
SHA256: 7af7e8a26e631c06686d8d0ca15902545daf1578614635a904b2445763cf9228
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\content-prefs.sqlite-journal
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-journal
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\.metadata-v2
binary
MD5: 3a956a30e4f40a518e2ea94bf62f28de
SHA256: f6af949deb850aab37dda3bbe7c509658227b5fc970f161d5ea5a29571642e0c
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\.metadata
binary
MD5: e6cb1601f3fdb32d7ebe782cc45c8aa4
SHA256: c87c8a5dacb54fb7af53051add54a2971139eae967f66d8e1df808cd00d7a24d
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\.metadata-v2-tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage\permanent\chrome\.metadata-tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage.sqlite
sqlite
MD5: e7674923795007824554249902a9ee39
SHA256: 65b3c3909fad405d2ad522a0c1b5ff28b303726ad96db480d65bc7167bf02431
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\storage.sqlite-journal
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs.js
text
MD5: 505d65f27e3ea15fd9cbd5a14ff6aca3
SHA256: 4ed286abe7b59653be5718b1f4e1031b1d084e823778a50851667cd84bacd9e1
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\webappsstore.sqlite-journal
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs.js
text
MD5: d7f2dcf2cbeb99ba5bdc01f180a26c40
SHA256: e60bcdb7b2eb42ae7ac8644537addb5f0bd4e425ae4d606170eb93634992b3e0
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\pkcs11.txt
text
MD5: 10791ad9741b116de50664790e16014c
SHA256: 9b5c4d1f5bcc5bdf92cb2b3f7b4ca2b2d4f44a6b22b0b169a0c13dfdc9206719
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs.js
text
MD5: 6ac95c5be984b8e4c4a11421ac236de9
SHA256: eb05cecd356185ea73ce950eb0f22eda9677bd503d6b5321ec152e4a04cea2eb
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\pluginreg.dat
text
MD5: bb41a5eee03ef43a7c1f9fcf0924ea7c
SHA256: b7251b1613038b056a60bc667d0a8982238c9b784485ce2b2e5d5ab302441dcd
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\pluginreg.dat.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs.js
text
MD5: 9589e3f371d6226e683ee3beb086244c
SHA256: 4b3724ea4e9913301ea4581b2ed2c92b294e2edfe7133931af39dae92527ae8d
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\sessionCheckpoints.json
text
MD5: ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA256: 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs.js
text
MD5: 1eca1db039e978ae38a884d921ff28ec
SHA256: a26d12da04f87702d02aa2edeccccef5c1b102f7107d89ff71b1546e3d0ba70a
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\extensions.json
text
MD5: e8175aa8c4031bf75bc483d23bec7e4f
SHA256: fb68e6d8b0f069501d0405db3e2b5a86fdce54be2d5a5e4074f2e1768c88e101
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\blocklist.xml
xml
MD5: db337f0273db3ac23b7c1c7857469255
SHA256: 64d3d91143c984fae95ecc6710c11f553cc6a9e77effeb288771cca964a81077
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cookies.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\permissions.sqlite-journal
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\profiles.ini
text
MD5: 003c8e54b3ee8c8b73816c1ca86fa4d6
SHA256: 5ff24c8379433cf269e675686b96b4d8b45595fd041de9edb66ed6b22fd7a674
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\webappsstore.sqlite
sqlite
MD5: 446fbaa8b14b3c86bfcef8be65ee7d80
SHA256: 47dbd4af1ef0e76fd0fc756d4f3a397c251f63cb1b71b1b4405fca69c1ded6e0
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\xulstore.json
text
MD5: 120b885c3becc77ebf6b7d377e5e867c
SHA256: cd256c79351140a6e27ef0373e120f245d07b189130ebf40baf4d3859897780d
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\weave\failed\tabs.json
text
MD5: f20674a0751f58bbd67ada26a34ad922
SHA256: 8f05bafd61f29998ca102b333f853628502d4e45d53cff41148d6dd15f011792
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\weave\toFetch\tabs.json
text
MD5: f20674a0751f58bbd67ada26a34ad922
SHA256: 8f05bafd61f29998ca102b333f853628502d4e45d53cff41148d6dd15f011792
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage.sqlite
sqlite
MD5: 65fd234360942b0eb0f33505c416ef5b
SHA256: c25e4307eff684c95edc0c3b4fdc711125224fd69bbe8421d128da2e4f5d8f92
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\times.json
text
MD5: 7929ebc421c01545bd31e7a240642929
SHA256: 47dc332ba6b154f684848493cc7b1886d714d40b875c9c8dab3f1d3cbdc36124
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\idb\727688008bsleotcakcliifsittsr%.sqlite
sqlite
MD5: eb54d7420666049766596046d94682ab
SHA256: 457c0979b74b6530fbf0cce85aabf8ccb278294e1102c97e22f13b5242199aa1
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
sqlite
MD5: 603b8df29fe9a0c861079bd58fa62bee
SHA256: e8cf9d7f482eb39b131910c31f13ebab2bb7cc19aed37cd792ce41509105d077
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\idb\3899588440psinninpiFn2g%.sqlite
sqlite
MD5: 489c022454909460f333b279bb069afb
SHA256: f513adf09c2970b5898d4942672ef1601ec089f0be4231e797c21101db9d78d4
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite
sqlite
MD5: 0660c94ba73abbd5d7ad773776a8fc74
SHA256: e765821f9ca3be398a861760a09abcd38634ecb7f7c1e84fc942b517a2d8d456
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite
sqlite
MD5: f09df169052e7fc8478b297f66bffced
SHA256: 7f50f5a9395c9926963039335c225603e794e8c20c830e3c2d1f1acc52ad0ed1
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\idb\3345959086bslnoocdkdlaiFs2t%s.sqlite
sqlite
MD5: 9fb5d058430f7ad16c916003778180f4
SHA256: fe535f1eac6323d3ccc02c08245dbe84a17b22a815182a392f29443d094fffdb
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: 3c0613bbd424c725b864070de68fa1b3
SHA256: 263cd28a4c4e209688b15269752418537373dc34967d8d082a562b8547c76f20
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\idb\1725441852bxlfogcFk2l%isst.sqlite
sqlite
MD5: b17f0aaa5d89f1d37613c541208934b2
SHA256: adbe9ff83054dee5c8d52eefb267ec4af60df1f54bcf04e4cc61d1a8536340e4
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite
sqlite
MD5: 1e44c172f3c7c61780492cc885001d9c
SHA256: 027715a39666331a128e64a2c8c9ca4e2df2609b60f16d5e81b8e66eb8e73423
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\idb\1059394878bslnoicgkullipsFt2s%.sqlite
sqlite
MD5: 167270b623f8b27f3376c3e7b385cb99
SHA256: 97a00011beb82c2b999c76a60b7ae653325ad7846788b20c8e99f605355c77af
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\.metadata
binary
MD5: 36fd91409594bc22af29fe7d32790bda
SHA256: 762a066726a91f261c65a3d37c8287994a5411d850f56917e8b0dc9f66e07d8e
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\permanent\chrome\.metadata-v2
binary
MD5: 12778684c727cacc57627b0d249f2c0b
SHA256: 4ad62a9ed2f2c3f7d59c1aaeea8512079e30be90af22fef4bf2721e0963b9ff4
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\default\about+newtab\idb\3312185054sbndi_pspte.sqlite
sqlite
MD5: 1985c7557ce41ccce454603d4c503a4a
SHA256: 81a822fb068e6c31bb4e937a34d7214ee968c5a8fa03eddb8abd01920c32a4ed
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\default\about+newtab\idb\3312185054sbndi_pspte.files\1
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\default\about+newtab\.metadata
binary
MD5: 40020cc2faa14d73774db0e2a57ca52a
SHA256: f2232593af09c07a850b59c3383878e381a4a01c4b769f2af800efc4d0b71c91
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\default\about+newtab\.metadata-v2
binary
MD5: 6ea576a1be99d1312e936e51310cd6af
SHA256: 2443973700d8255d812eabc80587ffc5790221de4a5de5f3b6e134ba76c39acd
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\default\about+home\idb\3312185054sbndi_pspte.files\2
sz
MD5: c29e943cb5c5e456f96fee0d49aeb521
SHA256: 409717f04e3f1f68aeeeccc97e20a03148104ce3ee781db422f0569ba7047f00
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\default\about+home\idb\3312185054sbndi_pspte.sqlite
sqlite
MD5: 5871408f922639851ec0e61a7917eb52
SHA256: 93a9f2bea4aebf70bed6a51019405cb9a1df9e3600f9e4b6037bc04a8c660590
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\default\about+home\.metadata
binary
MD5: 6eac8fc2b98b4e57c56ff3b224cbfe2d
SHA256: f8a129c7152dae2427b67d1c55e82df4402a0aefa4e842bcf823c6ef6c41d4c8
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\storage\default\about+home\.metadata-v2
binary
MD5: 23ab4b90a543a64d9335e10466f84313
SHA256: b30378104029ce3cb25d7291fb631d8fb43becf4458382b8e85eb309313b0013
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\SiteSecurityServiceState.txt
text
MD5: 847e279809a1ceba6c78990597745994
SHA256: f30ccbdf992b23b9ece2c35e60ff9ff8719d55e50f51b3fed43162b9384adbe3
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: aa4a2b9ac6960e0267854d1f02db8693
SHA256: 745c4e30818beaf8b689db457f7618c2ba67acbb9d43444da6a96e03157d98dc
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\sessionstore-backups\previous.jsonlz4
jsonlz4
MD5: 52e8bc6c145ebbc19b7a267158131fdf
SHA256: d9109ee83aa0203116411da7674ea657ba4a6a506bf9631127b76afd42bfea27
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\sessionstore.jsonlz4
jsonlz4
MD5: 8e08d9c59b7b475d31326a983a1ed764
SHA256: ecc97ccaef8f373990d3f361bb0bb961d3fb95b9680f25cf51f7b533b901c9ee
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 19b69d70b23349d91a301b52c388bdfe
SHA256: 7e54bb10564afaa819bcd47b0e02590955e00569b699fbe15d5fac331e64d814
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\sessionCheckpoints.json
text
MD5: 948a7403e323297c6bb8a5c791b42866
SHA256: 2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\saved-telemetry-pings\9e50f1aa-0e03-4ed8-8fd8-612b433a5744
text
MD5: 597a561110ae84633d0ddd13dcd5eeda
SHA256: 1c80cfecf134751bd8db20b8f491a8860bfb07f58a87f4364b5eaffb19c77097
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\saved-telemetry-pings\6c8d38fa-8188-40ce-822e-2249c9316ad9
text
MD5: f7010fe97bd60135f244f37666dc31f0
SHA256: 91c8b79eefb077299aba07b1788b8d91aec86ee65b08cc305a71387f598b28fe
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 54488f2eaaa6aa3b38370e30217e40c7
SHA256: 002e205a45fa98ffd8bbf9030cffb0916f809bb39bb8a61c621329aef16f73e9
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\pluginreg.dat
text
MD5: 623f1ed6c4dd7e0ef20d6aef7fb3c941
SHA256: c83b6af70ec9dd863f8e56085b3d1d8bb2d2d6b402ca086c66043fc529f39be3
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\revocations.txt
text
MD5: cc749a7f2609a214e1f3600224ee49fd
SHA256: 814e4a31e2472cdb9865483cb7e70523ba93cbe1e57aa2009945992fa2d41fd6
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\saved-telemetry-pings\4802db1c-08fa-4dd6-86ed-b549a554341f
text
MD5: 8c063d28568ed38d6a1588323db23225
SHA256: 9d5d0d53a1ef63603a9541d4f849a2b721bd88e01116917fbbc216724b34f359
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\saved-telemetry-pings\5b3e494c-cfc0-48fc-8a46-d7b0f7ac9ab8
text
MD5: 536ea529515e39292e383b8a0721c541
SHA256: 6e5952ce71b7e0a2a073dcd255dacdc7503b742b275a85ec05a5822e9fe40670
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\prefs.js
text
MD5: 80d087521b0e72476521b3a071cf2124
SHA256: 25ab8514a4ed058ae2c760c3a40052266579af26588f078b110e40f538aa0602
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\pkcs11.txt
text
MD5: 7649bb6f105448170e7e447e66d8cc3d
SHA256: 687ac2de1316be0e875e2fbbf7dee4547fe0b4eff7987517d216534ef2bbc3c3
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\places.sqlite
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\permissions.sqlite
sqlite
MD5: f18e7bce0c0b20231cec185356a8a19d
SHA256: 92152d38e67ef64cfc56dd39ca3ecbcf7361f1e9a6275fe4bff9226fbea1b4f1
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\key4.db
sqlite
MD5: 0b3c43342ce2a99318aa0fe9e531c57b
SHA256: 0ccb4915e00390685621da3d75ebfd5edadc94155a79c66415a7f4e9763d71b8
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\logins.json
text
MD5: e7ce898aadd69f4e4280010b7808116e
SHA256: c9214bb54f10242aa254f0758372a440c8d8f49934021f8f08b6df9fb377eb02
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\handlers.json
text
MD5: b025c44725094e95ec3a5bb155d2d6ab
SHA256: 3fd74d94328cd6da3c487eb496e413ec5111b6abf2559474c47c19e6f19d2e07
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\shield-recipe-client.json
text
MD5: f718cf4a2a2f4da9c41fa4f28ee98d05
SHA256: a69fe65288ac5d44ab4992ad4954e14616011cacde702f49953bf700653c3422
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\gmp-widevinecdm\1.4.8.1008\widevinecdm.dll.lib
obj
MD5: 82122a5f7794f29a393fa67307940514
SHA256: ef691278374fa5a25b1b0049a8473683a8c7309280ea838ecbeb736ca873c687
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\gmp-widevinecdm\1.4.8.1008\widevinecdm.dll.sig
pi2
MD5: b1e59508c855ef1cbc7fb89f3a1a6d4d
SHA256: d05bab1e36c62ddce10dcd930d4dcf2095ba654e0747b8a0609a7418aa1c5d26
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\gmp-gmpopenh264\1.7.1\gmpopenh264.info
text
MD5: 18dcab996bc5fde1b1699c4b5c115e29
SHA256: 4e350386f5eeb397e2f0b663103edd5321b4144f78a6df15150888386e2256da
796
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cache2\entries\0F61E1E2CC1560B5CDF93683ACCCD2CC578A8E27
binary
MD5: 0545953d5017fcc7c24d655acb6796d6
SHA256: b28463207c0b09f669b434f1f0e9fc2231d98f844dd1aa6d331f6497dcfe8914
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\gmp-widevinecdm\1.4.8.1008\LICENSE.txt
text
MD5: 49ddb419d96dceb9069018535fb2e2fc
SHA256: 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\gmp-widevinecdm\1.4.8.1008\manifest.json
text
MD5: 5c15c32fcf4ac1a5d5c9c7a6b092ece0
SHA256: da88859b0fbf2ae545fe4ecacf709ffe348738b377ad341d727a8915fdbcf9d7
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\formhistory.sqlite
sqlite
MD5: 60b51ba20224ac3783e213ea9f55f125
SHA256: 0e305ba02985f26b29b234cd79d2c2af0a51085da2db2bed98d20f8c61b76254
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\favicons.sqlite
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\datareporting\state.json
text
MD5: 9c5351bbf9d0212293b813ee59dc9213
SHA256: 38b9c0fbd09cdcbd2703e194f1874948a0ff886bb2f46fd0edf7a39cb6d91f57
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\extensions.json
text
MD5: 761f072f35248cad29bb5b6699908de6
SHA256: 5fea4730839d9416f1c5c52cc8a7318c41735e263d5ae9a711669fb943f0c6f2
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\datareporting\archived\2019-06\1560706780252.e3cfaa92-6609-4c97-9fd1-b6858d77bdc7.health.jsonlz4
jsonlz4
MD5: 85d03e4081bdd370751c07e2a9b07eb9
SHA256: bd75fe19af17dd5cab927bbe875a0d9c9a2b2aa45cc388f49846ff24c6a1cca3
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\datareporting\archived\2019-06\1560706780222.9e50f1aa-0e03-4ed8-8fd8-612b433a5744.health.jsonlz4
jsonlz4
MD5: 73b57f37998bf9f017603f0db1029fb7
SHA256: a2f0484e537726e5a486f8dc09975e6b0a083d896d20eac56a2ae12d5a980f46
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\datareporting\archived\2019-06\1560706780277.e7e5185f-24e6-42b8-bd69-f892e81347a2.main.jsonlz4
jsonlz4
MD5: cedb5a8c70d268e87ac5edeb545ac71b
SHA256: aae5cdad7c6a6473152c2c388138f37805f1153288688c817cf21829889836e1
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\datareporting\session-state.json
text
MD5: 2359519aba71b66be404faea543fb219
SHA256: 6e28fb28d8ee4e1ebf4fb2fc20ffb4dc8ccc9501ee2d06ff3a2b8d7c29a9b133
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\crashes\store.json.mozlz4
jsonlz4
MD5: a6338865eb252d0ef8fcf11fa9af3f0d
SHA256: 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\cookies.sqlite
sqlite
MD5: ff0b30d6d468e707f10c6e013128d47a
SHA256: 4ca389c09f2e46042fcfcd6c9490374717f43af1261f360bbbfdd9afb9732bfd
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-current.bin
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\bookmarkbackups\bookmarks-2018-08-28_14_uZyx1cMFmZ7ZpL4NneCk2A==.jsonlz4
jsonlz4
MD5: 8b3a3845e8f6c6076b27362edb8388d7
SHA256: 4f98274fcd24d4a238a86ceec0ddd26c589ebc77ab21c4b18943d1d3ef73dd92
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\containers.json
text
MD5: 94a3843fad8c45c48b0e07342df3dfdc
SHA256: 854ff2076f71097b030c302a1ea71d8e851d2920b9ff5fc8dc8f16c91ba95b72
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\cert9.db
sqlite
MD5: 17f2609e10598c8ac04e5488ce170ecf
SHA256: 2fa7c0d82499f9594f61825bd2b50c35f5b71c20cda79e8ab5e0af24d4d3ae6c
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\compatibility.ini
ini
MD5: d6ff99308b6bb17e79d208b32dd14489
SHA256: 6bcb9dd4a2b7ff9d52da70e10fca5983bad5ac8cc6d6a456f05652a55f7ad26f
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\blocklist.xml
xml
MD5: db337f0273db3ac23b7c1c7857469255
SHA256: 64d3d91143c984fae95ecc6710c11f553cc6a9e77effeb288771cca964a81077
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\addonStartup.json.lz4
jsonlz4
MD5: 7337d087ec76e87a76778b4eec5e8e63
SHA256: aa4398d1716aadeb35a4ddddc4e7d2429c71defd15cb45401938889f5b2f05e0
796
firefox.exe
C:\Users\admin\Desktop\Old Firefox Data\qldyz51w.default\addons.json
text
MD5: 55b5026150dc3a60d07b8bea2ae0f983
SHA256: a13174f20dde2249a49853d6eae20f07ffc4ddf1e3007ab3e4911e511ecffc1c
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\prefs.js
text
MD5: 10ab80d8ddf2f8d29e5067d3de970c50
SHA256: 837329c3f8bca9b79c9b06c7897a74597ee7a7fcb857710f82891a1041b0ffd6
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\datareporting\session-state.json
text
MD5: 2359519aba71b66be404faea543fb219
SHA256: 6e28fb28d8ee4e1ebf4fb2fc20ffb4dc8ccc9501ee2d06ff3a2b8d7c29a9b133
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\sessionstore.jsonlz4
jsonlz4
MD5: 1c01a980ef21f8218b5b2dae6cac1131
SHA256: 5242bb51e4fcb0702e807dad3b5837688d9595317d5c47b0d830a16168b14d15
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\sessionCheckpoints.json
text
MD5: 948a7403e323297c6bb8a5c791b42866
SHA256: 2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\datareporting\state.json
text
MD5: 9c5351bbf9d0212293b813ee59dc9213
SHA256: 38b9c0fbd09cdcbd2703e194f1874948a0ff886bb2f46fd0edf7a39cb6d91f57
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\sessionstore.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\bookmarkbackups\bookmarks-2018-08-28_14_uZyx1cMFmZ7ZpL4NneCk2A==.jsonlz4
jsonlz4
MD5: 8b3a3845e8f6c6076b27362edb8388d7
SHA256: 4f98274fcd24d4a238a86ceec0ddd26c589ebc77ab21c4b18943d1d3ef73dd92
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\times.json
text
MD5: c17bf39bb0d36af748d8a252b95f4079
SHA256: 3dd283a853734e4cc4e05adcdc0c4a7ff620ba46488d4ff9f99b7634f454d326
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\times.json.tmp
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\logins.json
text
MD5: e7ce898aadd69f4e4280010b7808116e
SHA256: c9214bb54f10242aa254f0758372a440c8d8f49934021f8f08b6df9fb377eb02
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\cookies.sqlite
sqlite
MD5: ff0b30d6d468e707f10c6e013128d47a
SHA256: 4ca389c09f2e46042fcfcd6c9490374717f43af1261f360bbbfdd9afb9732bfd
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\formhistory.sqlite
sqlite
MD5: 60b51ba20224ac3783e213ea9f55f125
SHA256: 0e305ba02985f26b29b234cd79d2c2af0a51085da2db2bed98d20f8c61b76254
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\key4.db
sqlite
MD5: 0b3c43342ce2a99318aa0fe9e531c57b
SHA256: 0ccb4915e00390685621da3d75ebfd5edadc94155a79c66415a7f4e9763d71b8
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\favicons.sqlite
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\places.sqlite
––
MD5:  ––
SHA256:  ––
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\times.json
text
MD5: 07e63108e0a0219c376d80b66f58cb6a
SHA256: 5a247057c96d72fd3efbcbbefc74cbd3ab95bd19567b7424d4fe837e8508f7ba
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\compatibility.ini
ini
MD5: af292bb8604668e56112918cd9f66687
SHA256: 7d56c2c145cbebc7ea5621b1de2c9a366103bcdee4cda1e9bbcf9a9a3e09d1a5
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\profiles.ini
text
MD5: 05c1c0740cd1f85dcf5a01bf20857e8d
SHA256: d1edccd1112293be0c73c3118611d69c9b86fdb688a48c27bb590c62dd5e665b
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\archived\2019-06\1560706780277.e7e5185f-24e6-42b8-bd69-f892e81347a2.main.jsonlz4
jsonlz4
MD5: cedb5a8c70d268e87ac5edeb545ac71b
SHA256: aae5cdad7c6a6473152c2c388138f37805f1153288688c817cf21829889836e1
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\saved-telemetry-pings\e7e5185f-24e6-42b8-bd69-f892e81347a2
text
MD5: ed511f7ba6c722f61d7d4d431c70bb67
SHA256: 5589ccfe9c31469c97b88f97b8590f2c929e266f408dca642a985135923e2dbd
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\saved-telemetry-pings\e7e5185f-24e6-42b8-bd69-f892e81347a2.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\archived\2019-06\1560706780277.e7e5185f-24e6-42b8-bd69-f892e81347a2.main.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\archived\2019-06\1560706780252.e3cfaa92-6609-4c97-9fd1-b6858d77bdc7.health.jsonlz4
jsonlz4
MD5: 85d03e4081bdd370751c07e2a9b07eb9
SHA256: bd75fe19af17dd5cab927bbe875a0d9c9a2b2aa45cc388f49846ff24c6a1cca3
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\saved-telemetry-pings\e3cfaa92-6609-4c97-9fd1-b6858d77bdc7
text
MD5: 2015a5010d4f43603dccbfc3437b5a65
SHA256: ec20c1856cdfd0ee1cfd2b95d9b1e89ab4d07778183cc685f5e415f7b8c76f0c
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\saved-telemetry-pings\e3cfaa92-6609-4c97-9fd1-b6858d77bdc7.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\archived\2019-06\1560706780252.e3cfaa92-6609-4c97-9fd1-b6858d77bdc7.health.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\saved-telemetry-pings\9e50f1aa-0e03-4ed8-8fd8-612b433a5744
text
MD5: 597a561110ae84633d0ddd13dcd5eeda
SHA256: 1c80cfecf134751bd8db20b8f491a8860bfb07f58a87f4364b5eaffb19c77097
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\saved-telemetry-pings\9e50f1aa-0e03-4ed8-8fd8-612b433a5744.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\archived\2019-06\1560706780222.9e50f1aa-0e03-4ed8-8fd8-612b433a5744.health.jsonlz4
jsonlz4
MD5: 73b57f37998bf9f017603f0db1029fb7
SHA256: a2f0484e537726e5a486f8dc09975e6b0a083d896d20eac56a2ae12d5a980f46
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\session-state.json
text
MD5: 2359519aba71b66be404faea543fb219
SHA256: 6e28fb28d8ee4e1ebf4fb2fc20ffb4dc8ccc9501ee2d06ff3a2b8d7c29a9b133
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\aborted-session-ping.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\aborted-session-ping
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\session-state.json.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\archived\2019-06\1560706780222.9e50f1aa-0e03-4ed8-8fd8-612b433a5744.health.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 80d087521b0e72476521b3a071cf2124
SHA256: 25ab8514a4ed058ae2c760c3a40052266579af26588f078b110e40f538aa0602
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
sqlite
MD5: 603b8df29fe9a0c861079bd58fa62bee
SHA256: e8cf9d7f482eb39b131910c31f13ebab2bb7cc19aed37cd792ce41509105d077
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: 3c0613bbd424c725b864070de68fa1b3
SHA256: 263cd28a4c4e209688b15269752418537373dc34967d8d082a562b8547c76f20
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_ltciN0jTPF8K2mR
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\xulstore.json.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\permissions.sqlite
sqlite
MD5: f18e7bce0c0b20231cec185356a8a19d
SHA256: 92152d38e67ef64cfc56dd39ca3ecbcf7361f1e9a6275fe4bff9226fbea1b4f1
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\xulstore.json
text
MD5: 120b885c3becc77ebf6b7d377e5e867c
SHA256: cd256c79351140a6e27ef0373e120f245d07b189130ebf40baf4d3859897780d
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite
sqlite
MD5: ff0b30d6d468e707f10c6e013128d47a
SHA256: 4ca389c09f2e46042fcfcd6c9490374717f43af1261f360bbbfdd9afb9732bfd
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-wal
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\webappsstore.sqlite-shm
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\favicons.sqlite-shm
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\places.sqlite
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\places.sqlite-wal
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\places.sqlite-shm
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: 948a7403e323297c6bb8a5c791b42866
SHA256: 2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\SiteSecurityServiceState.txt
text
MD5: 847e279809a1ceba6c78990597745994
SHA256: f30ccbdf992b23b9ece2c35e60ff9ff8719d55e50f51b3fed43162b9384adbe3
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore.jsonlz4
jsonlz4
MD5: 8e08d9c59b7b475d31326a983a1ed764
SHA256: ecc97ccaef8f373990d3f361bb0bb961d3fb95b9680f25cf51f7b533b901c9ee
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1836CC1ECC545FA7B1A59C8B19A2E984D0122ED4
cer
MD5: 38fe75d200f8ed120170447637e4c6a4
SHA256: 76fbd8befb0de6bd818c36a8bf153bfb6fc1cfe1bd0bb99ccbaced7fc6e75a4c
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\1C1B3A1A8A7E7F2621B2227A21474ACA3F829C17
binary
MD5: 8d192288e4cf58f5aaa4a30aab0310f6
SHA256: 9a4cfe9a497668dfa1447ef62cc3ac42d74b1d44d3ab75a9e9d8755da07bbce6
456
firefox.exe
C:\Users\admin\AppData\Local\Temp\mz_etilqs_9L3Aa4HUu05kIwj
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 1ce5b1de15c4d7fec77bbab240b7d0fc
SHA256: 1d9b6883800cca67a008251d09c3f9b8a44ff1c3c704b3b6200277dbb49d893c
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
sqlite
MD5: e1833460d9fcc575f3d037e74b320a97
SHA256: 586e1d85f32127c976e51e34a1f643cb4b7bffb5c56e5ce64ac8f2b80d4d8c01
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
binary
MD5: d2feb8edc19a4d039b030c4390fa899a
SHA256: 34220c632be25629a0d3727159e80010e8835a4d4271ce241fd47d65df587749
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-journal
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\2B8FB3A7C1E8990CE64886D66718692D2B2ED2BC
binary
MD5: aba31c052be1907a421c473ab56d5d16
SHA256: 7061c47aff796a063d31fd9dbd5e9d7bf75e8aa4871146f7c8c832c2639f5fb7
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 40c1ec0d5f420db44021747c6113c047
SHA256: 6a1a597038771c54f19b6743ac4219a563844ce9e560038f55863ae1b199a760
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\189CC1E4135F2A8A38A01446CA6FA220F6D31986
binary
MD5: 4f55a52643001d8ec2324c9563e43597
SHA256: f081af31c7ab405be4b381f6c246ca28a01c0afdb3807cba537c1d831dbeae22
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: 19b69d70b23349d91a301b52c388bdfe
SHA256: 7e54bb10564afaa819bcd47b0e02590955e00569b699fbe15d5fac331e64d814
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: aa4a2b9ac6960e0267854d1f02db8693
SHA256: 745c4e30818beaf8b689db457f7618c2ba67acbb9d43444da6a96e03157d98dc
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\permissions.sqlite-journal
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\5E50E4B2C29AE15A100F63067AE38098F23BED66
compressed
MD5: 8c0a64c29f8a22faf30e87db56eeda64
SHA256: 482bda45215fd0a506781cf0ac40878ecf73e2b6d3f411defe3061170bb8cbad
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 79e509b0498042c478d1d9e89c19cd5b
SHA256: 1bcce61d19c6289173573575760fea1bfe608db06f118c70f740ac0e6aee319b
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-backup
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256-1.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
sqlite
MD5: e8d9b693f5714aef7951b15cb0963499
SHA256: 42f9cbf2ac6746acc60f290e00ffe186fd6a3b65a7fc136c3340a26b2b15cb8a
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EA82226DEA069CC3115AF8FECA9077012853C79D
der
MD5: d7a994525f4becc5b1679147752e2e0c
SHA256: 3d1dd7ab48e4c662d09ddd9ebaa478fb049f06a245c1ee58781ef5cad7e346f7
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 679b673602f2c602fd3baa76e3c1772b
SHA256: 1b40683d9a97744eb24aa33d8131461b8767f1c64cb93b85e470442d7072eeed
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child.bin
binary
MD5: 558efecb4cdb09a52b64b7737a278a26
SHA256: 660da5a16623cb99f05b166ef13dc4da9b481c5c73ad9d714bea1c9fca07d4d6
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-new.bin
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache.bin
binary
MD5: 24583610253291890e3a6ee7b9af1ef9
SHA256: c80884e84dba81ba08c50f616dde24f220e20f0a2bd067e131bbdf41cde00c99
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-new.bin
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache.bin
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-new.bin
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: 7270a5aa19556f332c24d318e35267b4
SHA256: b1f6374371d2c5928e0fa6748b777d2d73c1537cfa4257f923c0e352c42004a8
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: 5729008567e6c7e0b0fd0cd901bfe2dd
SHA256: ec41c39fff826eee482969c079f0bbd089922c63a42575b7d967d89e6d77e9ef
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6CB598F58B1E64D992B7E33D65BA9B2ED37275D6
binary
MD5: b28ec28444688c16d2f8ea2f802f7559
SHA256: c4854751d9c4b1363f2a97d27bf8b657842da719d7b149ac56c36ccf1ce1e0b4
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EBE084BF62DC33B33AAF142C58810140E8C3AEE6
compressed
MD5: 0609f29acf019be15adb182e439acbda
SHA256: 7b8ac84a7b3b37e921e33f55e01a8827e4cac2b84284f9e230450bb38993c47a
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: 73b23e376c113e0908fd69a9b0866efe
SHA256: 14f7be248c802a91be2007826de3b08760de324f0645d175751484d2e4618b30
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: 817104b860bc1b1a0f03683e146d99a7
SHA256: ff66201c3d58b6593993def9ceed56ea66a079d593a3145c203afe0917207b9f
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: a70661724788dd97eaa46f321d1fc668
SHA256: 4cf45e0e166f2ddb75a8e45c469fb4b511cc8dfa2a13039921eedbc870a52dd7
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\0536C029BEF742DEEEF20C691830537DE7A2A853
image
MD5: 59aaba6362a861d2de9f2a354f7baa59
SHA256: 49a7df6dc8b36532b0b214300a1f6ece30db5fbdc11d70cda8858c99834cf81e
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\B3B76E740884DD49D09A5E062F8849A1BDB3B6AE
image
MD5: 7d734a1bbaf72db6ebe82572dd959a2d
SHA256: d2d74c2e3a873f7b86b95c46a8f8653e18c82ec4a60308a51469e49a54865818
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\25218EE79CFF5F3AC18C58CFDF44A674E3560C47
binary
MD5: 5c62ebcd8c6da2eaf8df042bbe5903ca
SHA256: 2b12d4d75a658a8519159b563c42d4ea3bd7f1e0682deecf3c77ecdf498beecb
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EBE084BF62DC33B33AAF142C58810140E8C3AEE6
compressed
MD5: 06bdee3e02d626c7dfed88ff1ef032f9
SHA256: 32cbf97f546c293707dcffa777ea28a7508496c43e390122207a442f84832bbe
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\6CB598F58B1E64D992B7E33D65BA9B2ED37275D6
binary
MD5: da1c99e6115aeedee46f4fad571554df
SHA256: afd6731b16dd08406f396b36752e1eec14f9eacf38be21d10ba38cd76915f2f9
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: aa4a2b9ac6960e0267854d1f02db8693
SHA256: 745c4e30818beaf8b689db457f7618c2ba67acbb9d43444da6a96e03157d98dc
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\previous.jsonlz4
jsonlz4
MD5: 52e8bc6c145ebbc19b7a267158131fdf
SHA256: d9109ee83aa0203116411da7674ea657ba4a6a506bf9631127b76afd42bfea27
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FEF1D0F82FE695B640635DB92C67333040480DCB
der
MD5: a11c34467cb774a7b207728166112148
SHA256: 311a9c355c77b74dd97921c1ee7c9d28d62930e6946f609754bce8b7b3a0dbb4
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4
jsonlz4
MD5: 54488f2eaaa6aa3b38370e30217e40c7
SHA256: 002e205a45fa98ffd8bbf9030cffb0916f809bb39bb8a61c621329aef16f73e9
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\search.json.mozlz4.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4
jsonlz4
MD5: 7337d087ec76e87a76778b4eec5e8e63
SHA256: aa4398d1716aadeb35a4ddddc4e7d2429c71defd15cb45401938889f5b2f05e0
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\addonStartup.json.lz4.tmp
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\FC464BC482CEE604170405ABB2E11726FB316393
htm
MD5: 181e7186dc33b4148dde41f305b25a55
SHA256: c807dc94ce2074f6326c4c6cfee8b38c95511b3ce1e4d7620c9a2d5b5933d718
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\58983D1DD24F2B60FF02FA97FC2AA44F74F9C0C9
image
MD5: 3add255ace67fd30e8d3d89637f64a81
SHA256: bf0518ed920ae63ea31a1dbe0d35a320c0d34ff60cb492acad3bd237444cb761
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\03503071F68B13DDCE95B93F0450138B91498392
image
MD5: 10a8631fa5ceeda7b0697dbd7361ad31
SHA256: 1124993d10550c9c430a8fa0d0dd0b55cfb3c22c3e60ef372b831acb43505ae4
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\CB150E0B64798FE5FAC1AC7BD0A8A8AD3C7DEF69
image
MD5: 051b0ad770342c8f316f58bebb2e4ac9
SHA256: 6d8128da0d16a5257f5ed76bbb8898677941bcf65f794e0fbb5466ea65c39094
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4A1A3B30FB435E36B7A538CEE6EC80E7EE059239
binary
MD5: 34fe7bc22b60969a5d5255c460c2e141
SHA256: 3abcadfdbb0459657d720a1a5af99cc4ed3cf3f700fff1bf39efb1752b93aa97
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\949CA4603E102BB204D9783C4CC94646BA7F4257
image
MD5: 84bff3bbc21db2563f7e60fb1761754b
SHA256: ffd01179681aaa52a5221ea25ccfbfdbc2d535eba265ef65a8ca4337cdb43ce0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\17F38F3CACB31FA0DE82A57D91932EEB113D805F
image
MD5: eeefd1d63758a8ac6448e28b229a3492
SHA256: e00f960e075ac9f8a9dbe1d2557469a9c39172392db815e5a22a43a3e133175f
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EBF525A61D4D4ECD5B498C7E3BEBF29DD7CD5CC5
compressed
MD5: a4978c2fe24fc909c4f7560c77d8470c
SHA256: 1985b85251cc06ab7edbd8f41c8da52ebd8a779a565dc5a26f5cf55f32323ecd
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EFFB12339B61C515E3211B71D5C32715471C2C93
compressed
MD5: f1ab079afbab3fd61eb3d5fc3a20f030
SHA256: 4a9d27b71e87e6371ede60c9537ee6071de527bd5a2fef43678c0b0161e1d01c
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\4710DCD076B3A1B6217142086F409C1904588892
ini
MD5: f9a1de49ff779e20624845fdf2900337
SHA256: fc28959aea9f561e796fd0debb53d8251bc5862e05a163c0993e1dfcf033ccc3
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\49968F5AAF6C3D4E162E052C301E673D6E1D2552
binary
MD5: cdd45ade010bdcbf6960fecb9d231481
SHA256: f4dc1de03a0269676d22873a119f58bea69aabe06b912152f9d76753171c7d91
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\EBE084BF62DC33B33AAF142C58810140E8C3AEE6
compressed
MD5: d5fa23af3c899850876381c1c8f7f8e9
SHA256: 81048526109dfe5c43f2290c9bfc484c724e13b52b293844598d4775b574103b
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\AB97FE5559DBB5157D5C268B9168EC0C1E692D01
der
MD5: 20cc41998f2181dbdccae30b07c4d7eb
SHA256: 5bbfd60094212e6e989740a02ca56e7f2a486d41724c9c8231f91298f209fa56
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\469F70534B6E536774E9FEF4C56F3FA4FC1EE059
der
MD5: e177fcb127e72c3a4a26b65f4d0ddb58
SHA256: 2794700cadbe61bcf02ef7898250793cfc1703997bc4371f147cb9e030066ebe
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db
sqlite
MD5: 17f2609e10598c8ac04e5488ce170ecf
SHA256: 2fa7c0d82499f9594f61825bd2b50c35f5b71c20cda79e8ab5e0af24d4d3ae6c
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db-journal
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\F63C5447C744A6CEE449B189E6C4CC4355340ED9
der
MD5: 69495a97bd6879e2bab5c231eea28ab6
SHA256: ab00632220209a2c1558377d2b7d7079b563f15c7dbd22216897e06dfb308790
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\cache2\entries\DB996FFE461F1CD8D09EEED516F6828B384786D1
der
MD5: 2b2ab723140ddd397f5586c089f34a99
SHA256: 07696513420ff154aad0a6510861f7e4083fb58921dc9687cac34c38577bfcc6
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.sbstore
binary
MD5: 95f28ede25c301301f25fbbd9a3c56ec
SHA256: 87763df78772f7d750b0fa5a31eec23e931fd3bd1cbb33beddfc61889da36478
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-track-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.sbstore
binary
MD5: 051fb32dece757ba112ac36dc72e3a91
SHA256: 0806d98fb3de55f75d7c0b17e26146567e08c483031526659a4a35d09b97ef19
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-harmful-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.sbstore
binary
MD5: a5695cc64d77967232b0c1344c6e72b3
SHA256: 042a22b8681d754671d2018ba109b31a53ee3728d48c6379043f8e3394e7fbad
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-unwanted-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.sbstore
binary
MD5: 3d1ce5e50208f0cb3b979186043a548f
SHA256: 1e13d05d482c3d533dc6035af2b2d6e84749412a5748d1435b70cec8b312340b
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.sbstore
binary
MD5: 3675254e341df799d4307c1f59109185
SHA256: 23d108134bed6099793f7dd6b8b6e62081ec3b945efdbc7c5e0e779fd9b82f98
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-phish-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-malware-simple-1.sbstore
––
MD5:  ––
SHA256:  ––
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.sbstore
binary
MD5: 65e942614eee70680464ac4be75019fc
SHA256: 34395085da32c8b4efe9959e3b0d756b43ffed17694d66f39b966cd331bd9a94
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-trackwhite-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
binary
MD5: d772261ff33497d3681e094f23282ffe
SHA256: 8ee76fa11d5a67f0c93766da3b1ac0c942020afba15b55a8750a896292cf4dce
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\test-block-simple.sbstore
binary
MD5: e2cf527ca7550b7e7bdf7311e483a2c3
SHA256: f1e07b1d717433f47073dc54a7d98e3e87b3d0fa88e53466f93ea544af885d11
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.sbstore
binary
MD5: d6acf2573e12afdd7939568804d3fcc1
SHA256: 5525cbf8f8dc41d19ac632ed324e55293a510ae0eeba16d0e3f33c707aa58a0c
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.pset
binary
MD5: 72e2352f7976b0dd90f2a68047493b8c
SHA256: e0d74336b6c041b6087a697dd7f65fa1da7ea035e202e3d977cc6a7e5bdc13a8
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\mozplugin-block-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-unwanted-proto.metadata
binary
MD5: eb744b05b13e9410146dab0bd459efa0
SHA256: bfde7f131200eb06c1d54b03d2ce1be1ff31062e8009c937243464712dcd2d50
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-phish-proto.metadata
binary
MD5: ddf263974b1925672d369bbcc8f830de
SHA256: 92a7323dd7eb199618a1e2e823a71919285a70196bfe627808c66cf1c1f3c8e3
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.pset
binary
MD5: e608435b687616692a96462e1ac26756
SHA256: 6aa8ee3813d86411d8073a4c2f850b1e8e734c3759d860cbe54ec7f378a82a52
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.pset
binary
MD5: 7655fffe7cfbe1ebf96afea5fe2e1376
SHA256: ff2f663c4e453706b7817109f6a43e8b3389e8cfb1b7d64aace2bfba45f3a359
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-malware-proto.metadata
binary
MD5: 704df61fa2e3f587b268ad85126bc689
SHA256: 7e97db3c9370a35f59a6a649e6cf608e4f5ed572f87f433ea652977ac2cc48d5
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
binary
MD5: 498dae4e538658a57f464748f2dabfda
SHA256: 8778f52cd9cb4f4787bf7ba18006d212f8c3004652d163f7786556a8eef3a067
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
binary
MD5: ba0009932844173bc8f9af264229df24
SHA256: 66d1c00c04d86e313e9a02775cdf906b1be8d4cd6bef423a1b9e21cc4e9f50c1
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
binary
MD5: 778202e2ee08f4b4073413c0b03e05fc
SHA256: 33147037ce75ec0a48b3da60d619bc76c2471f5f20c15f9d075671de2067cfb0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\google4\goog-badbinurl-proto.pset
binary
MD5: 844aff63a5f67cd54d9814b7b54abf18
SHA256: 8985970b72a7bcfcf54c4a2474c36ea9a911ab3672881ee299d58f5a4e64e690
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flashallow-digest256.sbstore
binary
MD5: 6f85bc4b2ecb49e26b0bd83a821065d0
SHA256: c0b3bc9b3dc507ab654caf72d13c3aefa58c9b13b1e4d14dd8816712d80a7e54
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
binary
MD5: 04824a1f92353f43ebb9e7f74b7476fd
SHA256: b48e58ebab82e4c376f16150a3fff850c1111ff1f5985d68819cfd6f0db159d2
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\except-flash-digest256.sbstore
binary
MD5: c921d8e98fa01b4f303481e112202e92
SHA256: 4ef1038730ec8bc7206713c29a936768831b922c5e6c83355fd62d7401d8c1dc
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flashsubdoc-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.sbstore
binary
MD5: 0e8fe60ccd7e9b4c32589a5743a95302
SHA256: 2b124d4026850a3cffd28dbacb58aec28f7dcd4d40bc14e52bbe96d60ce4e749
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.sbstore
binary
MD5: 23e438fd4af1829d4469ff8d0bc83854
SHA256: 96e0d7644aea81d26f039ae633eb405583e11b020363090dac5cad9b4b188846
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\block-flash-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\base-track-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.sbstore
binary
MD5: d886a47c89d9c49c795da345bc236990
SHA256: a03c5e2656d2f292bf5794c8eeb8d223cd6ba4f4bfb2ed1f325460e879d0bcf7
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\safebrowsing-updating\allow-flashallow-digest256.pset
cdxl
MD5: 076933ff9904d1110d896e2c525e39e5
SHA256: 4cbbd8ca5215b8d161aec181a74b694f4e24b001d5b081dc0030ed797a8973e0
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: 32ba0d6238331d9184542ab27f3fee87
SHA256: 5ad22f3cc65d196903b90b417819dc75ca1e894d237cd26e690ab51e8eede100
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA256: 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json
text
MD5: ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA256: 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: c52c31e2d546fc217645cd7f542cf3e0
SHA256: 73974f60357b038693803f51ca750e9ed609a3376548c88c117fa1fcbb328236
456
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\scriptCache-child-current.bin
binary
MD5: 82f61c08d68502377826ca7ea054cea7
SHA256: 85801bce5d7ce3a2abc14e3208151ac9d324a6ea82fb2ada1d10baa8ef58e7df
456
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.bin
binary
MD5: 79262a046a800bc3c3125ff94893cc51
SHA256: ea78cb0e02ca9bd0dc9ae055b82486e63ed4643a53717970a20d5fed7d18a51e
796
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\a5654fc3.default-1560706780746\shield-recipe-client.json.tmp
––
MD5:  ––
SHA256:  ––

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
16
TCP/UDP connections
41
DNS requests
143
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
456 firefox.exe GET 200 95.100.96.225:80 http://detectportal.firefox.com/success.txt unknown
text
whitelisted
456 firefox.exe POST 200 95.100.96.232:80 http://ocsp.int-x3.letsencrypt.org/ unknown
binary
der
whitelisted
456 firefox.exe POST 200 95.100.96.232:80 http://ocsp.int-x3.letsencrypt.org/ unknown
binary
der
whitelisted
456 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
456 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
456 firefox.exe POST 200 216.58.211.99:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted
456 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
456 firefox.exe GET 200 52.18.98.245:80 http://omgxuta.com/path/out.php IE
text
whitelisted
456 firefox.exe GET 404 52.18.98.245:80 http://omgxuta.com/favicon.ico IE
html
whitelisted
796 firefox.exe GET 200 95.100.96.225:80 http://detectportal.firefox.com/success.txt unknown
text
whitelisted
796 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
796 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
796 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
796 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
796 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US
binary
der
whitelisted
796 firefox.exe POST 200 216.58.211.99:80 http://ocsp.pki.goog/GTSGIAG3 US
binary
der
whitelisted

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
456 firefox.exe 142.93.108.123:443 CA suspicious
456 firefox.exe 95.100.96.225:80 Akamai International B.V. –– unknown
456 firefox.exe 35.244.181.201:443 US unknown
456 firefox.exe 52.11.30.237:443 Amazon.com, Inc. US unknown
456 firefox.exe 95.100.96.232:80 Akamai International B.V. –– whitelisted
456 firefox.exe 34.208.138.0:443 Amazon.com, Inc. US malicious
456 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
456 firefox.exe 99.84.9.61:443 AT&T Services, Inc. US unknown
456 firefox.exe 172.217.17.138:443 Google Inc. US whitelisted
456 firefox.exe 216.58.211.99:80 Google Inc. US whitelisted
456 firefox.exe 52.36.109.121:443 Amazon.com, Inc. US unknown
456 firefox.exe 52.222.167.250:443 Amazon.com, Inc. US unknown
456 firefox.exe 52.18.98.245:80 Amazon.com, Inc. IE unknown
456 firefox.exe 52.222.167.15:443 Amazon.com, Inc. US unknown
456 firefox.exe 52.222.167.133:443 Amazon.com, Inc. US unknown
1004 pingsender.exe 35.160.159.212:443 Amazon.com, Inc. US unknown
3036 pingsender.exe 35.160.159.212:443 Amazon.com, Inc. US unknown
796 firefox.exe 95.100.96.225:80 Akamai International B.V. –– unknown
796 firefox.exe 104.16.40.2:443 Cloudflare Inc US shared
796 firefox.exe 34.243.21.190:443 Amazon.com, Inc. IE unknown
796 firefox.exe 35.244.181.201:443 US unknown
796 firefox.exe 52.222.167.73:443 Amazon.com, Inc. US unknown
796 firefox.exe 99.84.9.61:443 AT&T Services, Inc. US unknown
796 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
796 firefox.exe 52.36.109.121:443 Amazon.com, Inc. US unknown
796 firefox.exe 35.244.179.255:443 US unknown
796 firefox.exe 172.217.19.200:443 Google Inc. US whitelisted
796 firefox.exe 63.245.208.195:443 Mozilla Corporation US unknown
796 firefox.exe 216.58.211.99:80 Google Inc. US whitelisted
796 firefox.exe 52.222.167.250:443 Amazon.com, Inc. US unknown
796 firefox.exe 52.222.167.133:443 Amazon.com, Inc. US unknown
796 firefox.exe 216.58.208.110:443 Google Inc. US whitelisted
796 firefox.exe 34.208.138.0:443 Amazon.com, Inc. US malicious

DNS requests

Domain IP Reputation
detectportal.firefox.com 95.100.96.225
whitelisted
ba.ecl-de.com 142.93.108.123
suspicious
aus5.mozilla.org 35.244.181.201
whitelisted
search.services.mozilla.com 52.11.30.237
whitelisted
tiles.services.mozilla.com 34.208.138.0
whitelisted
ocsp.digicert.com 93.184.220.29
whitelisted
ocsp.int-x3.letsencrypt.org 95.100.96.232
whitelisted
snippets.cdn.mozilla.net 99.84.9.61
whitelisted
safebrowsing.googleapis.com 172.217.17.138
whitelisted
ocsp.pki.goog 216.58.211.99
whitelisted
shavar.services.mozilla.com 52.36.109.121
whitelisted
tracking-protection.cdn.mozilla.net 52.222.167.250
whitelisted
omgxuta.com No response unknown
firefox.settings.services.mozilla.com 52.222.167.15
whitelisted
content-signature.cdn.mozilla.net 52.222.167.133
whitelisted
incoming.telemetry.mozilla.org 35.160.159.212
whitelisted
www.mozilla.org 104.16.40.2
whitelisted
location.services.mozilla.com 34.243.21.190
whitelisted
normandy.cdn.mozilla.net 52.222.167.73
whitelisted
classify-client.services.mozilla.com 35.244.179.255
whitelisted
mozilla.org 63.245.208.195
unknown
www.googletagmanager.com 172.217.19.200
whitelisted
www.facebook.com 157.240.201.35
whitelisted
www.youtube.com 172.217.19.206
whitelisted
www.wikipedia.org 91.198.174.192
whitelisted
www.reddit.com 151.101.37.140
whitelisted
www.amazon.com 52.222.173.244
whitelisted
twitter.com 104.244.42.65
whitelisted
www.google-analytics.com 216.58.208.110
whitelisted

Threats

No threats detected.

Debug output strings

No debug info.