General Info

URL: https://tp3lks.siddler.com/
Full analysis: https://app.any.run/tasks/c06403a2-3f62-4099-b176-fd22d0cf2365
Verdict: Malicious activity
Analysis date: 15/01/2022, 01:22:37
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags: phishing

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration: 180 seconds
Additional time used: 120 seconds
Fakenet option: off
Heavy Evasion option: off
MITM proxy: off
Route via Tor: off
Network geolocation: off
Privacy: Public submission
Autoconfirmation of UAC: on

Software preset

  • Internet Explorer 11.0.9600.19596 KB4534251
  • Adobe Acrobat Reader DC (20.013.20064)
  • Adobe Flash Player 32 ActiveX (32.0.0.453)
  • Adobe Flash Player 32 NPAPI (32.0.0.453)
  • Adobe Flash Player 32 PPAPI (32.0.0.453)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.74)
  • FileZilla Client 3.51.0 (3.51.0)
  • Google Chrome (86.0.4240.198)
  • Google Update Helper (1.3.36.31)
  • Java 8 Update 271 (8.0.2710.9)
  • Java Auto Updater (2.8.271.9)
  • Microsoft .NET Framework 4.5.2 (4.5.51209)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Groove MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office IME (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office IME (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Language Pack 2010 - French/Français (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - German/Deutsch (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Italian/Italiano (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Japanese/日本語 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Korean/한국어 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Portuguese/Português (Brasil) (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Russian/русский (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Spanish/Español (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Turkish/Türkçe (14.0.4763.1013)
  • Microsoft Office O MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Arabic) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Basque) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Catalan) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Dutch) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Galician) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Proof (Ukrainian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (French) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office SharePoint Designer MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office X MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 83.0 (x86 en-US) (83.0)
  • Mozilla Maintenance Service (83.0.0.7621)
  • Notepad++ (32-bit x86) (7.9.1)
  • Opera 12.15 (12.15.1748)
  • QGA (2.14.33)
  • Skype version 8.29 (8.29)
  • VLC media player (3.0.11)
  • WinRAR 5.91 (32-bit) (5.91.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Hyphenation Parent Package English
  • IE Spelling Parent Package English
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • InternetExplorer Package TopLevel
  • KB2479943
  • KB2491683
  • KB2506212
  • KB2506928
  • KB2532531
  • KB2533552
  • KB2533623
  • KB2534111
  • KB2545698
  • KB2547666
  • KB2552343
  • KB2560656
  • KB2564958
  • KB2574819
  • KB2579686
  • KB2585542
  • KB2604115
  • KB2620704
  • KB2621440
  • KB2631813
  • KB2639308
  • KB2640148
  • KB2653956
  • KB2654428
  • KB2656356
  • KB2660075
  • KB2667402
  • KB2676562
  • KB2685811
  • KB2685813
  • KB2685939
  • KB2690533
  • KB2698365
  • KB2705219
  • KB2719857
  • KB2726535
  • KB2727528
  • KB2729094
  • KB2729452
  • KB2731771
  • KB2732059
  • KB2736422
  • KB2742599
  • KB2750841
  • KB2758857
  • KB2761217
  • KB2770660
  • KB2773072
  • KB2786081
  • KB2789645
  • KB2799926
  • KB2800095
  • KB2807986
  • KB2808679
  • KB2813347
  • KB2813430
  • KB2820331
  • KB2834140
  • KB2836942
  • KB2836943
  • KB2840631
  • KB2843630
  • KB2847927
  • KB2852386
  • KB2853952
  • KB2857650
  • KB2861698
  • KB2862152
  • KB2862330
  • KB2862335
  • KB2864202
  • KB2868038
  • KB2871997
  • KB2872035
  • KB2884256
  • KB2891804
  • KB2893294
  • KB2893519
  • KB2894844
  • KB2900986
  • KB2908783
  • KB2911501
  • KB2912390
  • KB2918077
  • KB2919469
  • KB2923545
  • KB2931356
  • KB2937610
  • KB2943357
  • KB2952664
  • KB2968294
  • KB2970228
  • KB2972100
  • KB2972211
  • KB2973112
  • KB2973201
  • KB2977292
  • KB2978120
  • KB2978742
  • KB2984972
  • KB2984976
  • KB2984976 SP1
  • KB2985461
  • KB2991963
  • KB2992611
  • KB2999226
  • KB3004375
  • KB3006121
  • KB3006137
  • KB3010788
  • KB3011780
  • KB3013531
  • KB3019978
  • KB3020370
  • KB3020388
  • KB3021674
  • KB3021917
  • KB3022777
  • KB3023215
  • KB3030377
  • KB3031432
  • KB3035126
  • KB3037574
  • KB3042058
  • KB3045685
  • KB3046017
  • KB3046269
  • KB3054476
  • KB3055642
  • KB3059317
  • KB3060716
  • KB3061518
  • KB3067903
  • KB3068708
  • KB3071756
  • KB3072305
  • KB3074543
  • KB3075226
  • KB3078667
  • KB3080149
  • KB3086255
  • KB3092601
  • KB3093513
  • KB3097989
  • KB3101722
  • KB3102429
  • KB3102810
  • KB3107998
  • KB3108371
  • KB3108664
  • KB3109103
  • KB3109560
  • KB3110329
  • KB3115858
  • KB3118401
  • KB3122648
  • KB3123479
  • KB3126587
  • KB3127220
  • KB3133977
  • KB3137061
  • KB3138378
  • KB3138612
  • KB3138910
  • KB3139398
  • KB3139914
  • KB3140245
  • KB3147071
  • KB3150220
  • KB3150513
  • KB3155178
  • KB3156016
  • KB3159398
  • KB3161102
  • KB3161949
  • KB3170735
  • KB3172605
  • KB3179573
  • KB3184143
  • KB3185319
  • KB4019990
  • KB4040980
  • KB4474419
  • KB4490628
  • KB4524752
  • KB4532945
  • KB4536952
  • KB4567409
  • KB958488
  • KB976902
  • KB982018
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • Package 21 for KB2984976
  • Package 38 for KB2984976
  • Package 45 for KB2984976
  • Package 59 for KB2984976
  • Package 7 for KB2984976
  • Package 76 for KB2984976
  • PlatformUpdate Win7 SRV08R2 Package TopLevel
  • ProfessionalEdition
  • RDP BlueIP Package TopLevel
  • RDP WinIP Package TopLevel
  • RollupFix
  • UltimateEdition
  • WUClient SelfUpdate ActiveX
  • WUClient SelfUpdate Aux TopLevel
  • WUClient SelfUpdate Core TopLevel
  • WinMan WinIP Package TopLevel

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

Drops a file that was compiled in debug mode
  • firefox.exe (PID: 3684)
Executable content was dropped or overwritten
  • firefox.exe (PID: 3684)
Application launched itself
  • firefox.exe (PID: 3684)
  • firefox.exe (PID: 2224)
Checks supported languages
  • firefox.exe (PID: 2224)
  • firefox.exe (PID: 3684)
  • firefox.exe (PID: 3192)
  • firefox.exe (PID: 2004)
  • firefox.exe (PID: 3040)
  • firefox.exe (PID: 3892)
  • firefox.exe (PID: 3208)
Reads the date of Windows installation
  • firefox.exe (PID: 3684)
Reads the computer name
  • firefox.exe (PID: 3684)
  • firefox.exe (PID: 2004)
  • firefox.exe (PID: 3040)
  • firefox.exe (PID: 3192)
  • firefox.exe (PID: 3892)
  • firefox.exe (PID: 3208)
Reads CPU info
  • firefox.exe (PID: 3684)
Creates files in the program directory
  • firefox.exe (PID: 3684)
Dropped object may contain Bitcoin addresses
  • firefox.exe (PID: 3684)
Creates files in the user directory
  • firefox.exe (PID: 3684)

Processes

Total processes: 42
Monitored processes: 7
Malicious processes: 0
Suspicious processes: 1

Behavior graph

start firefox.exe no specs firefox.exe firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs

Process information

PID: 2224
CMD: "C:\Program Files\Mozilla Firefox\firefox.exe" "https://tp3lks.siddler.com/"
Path: C:\Program Files\Mozilla Firefox\firefox.exe
Indicators: No indicators
Parent process: ––
User: admin
Integrity Level: MEDIUM
Exit code: 0
Version:
Company: Mozilla Corporation
Description: Firefox
Version: 83.0

PID: 3684
CMD: "C:\Program Files\Mozilla Firefox\firefox.exe" https://tp3lks.siddler.com/
Path: C:\Program Files\Mozilla Firefox\firefox.exe
Indicators:
Parent process: firefox.exe
User: admin
Integrity Level: MEDIUM
Version:
Company: Mozilla Corporation
Description: Firefox
Version: 83.0

PID: 3192
CMD: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3684.0.420435239\701152804" -parentBuildID 20201112153044 -prefsHandle 892 -prefMapHandle 856 -prefsLen 1 -prefMapSize 238726 -appdir "C:\Program Files\Mozilla Firefox\browser" - 3684 "\\.\pipe\gecko-crash-server-pipe.3684" 1168 gpu
Path: C:\Program Files\Mozilla Firefox\firefox.exe
Indicators: No indicators
Parent process: firefox.exe
User: admin
Integrity Level: MEDIUM
Version:
Company: Mozilla Corporation
Description: Firefox
Version: 83.0

PID: 3040
CMD: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3684.6.1935355357\2081469606" -childID 1 -isForBrowser -prefsHandle 2476 -prefMapHandle 2472 -prefsLen 245 -prefMapSize 238726 -parentBuildID 20201112153044 -appdir "C:\Program Files\Mozilla Firefox\browser" - 3684 "\\.\pipe\gecko-crash-server-pipe.3684" 2488 tab
Path: C:\Program Files\Mozilla Firefox\firefox.exe
Indicators: No indicators
Parent process: firefox.exe
User: admin
Integrity Level: LOW
Version:
Company: Mozilla Corporation
Description: Firefox
Version: 83.0
Modules
Image

PID
3892
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3684.13.163684903\215014005" -childID 2 -isForBrowser -prefsHandle 3048 -prefMapHandle 3044 -prefsLen 6644 -prefMapSize 238726 -parentBuildID 20201112153044 -appdir "C:\Program Files\Mozilla Firefox\browser" - 3684 "\\.\pipe\gecko-crash-server-pipe.3684" 3060 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
83.0
Modules
Image

PID
2004
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3684.20.1133463354\43942853" -childID 3 -isForBrowser -prefsHandle 3560 -prefMapHandle 3080 -prefsLen 7399 -prefMapSize 238726 -parentBuildID 20201112153044 -appdir "C:\Program Files\Mozilla Firefox\browser" - 3684 "\\.\pipe\gecko-crash-server-pipe.3684" 3572 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
83.0
Modules
Image

PID
3208
CMD
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3684.27.1420442877\119569605" -childID 4 -isForBrowser -prefsHandle 3724 -prefMapHandle 3720 -prefsLen 7399 -prefMapSize 238726 -parentBuildID 20201112153044 -appdir "C:\Program Files\Mozilla Firefox\browser" - 3684 "\\.\pipe\gecko-crash-server-pipe.3684" 3736 tab
Path
C:\Program Files\Mozilla Firefox\firefox.exe
Indicators
No indicators
Parent process
firefox.exe
User
admin
Integrity Level
LOW
Version:
Company
Mozilla Corporation
Description
Firefox
Version
83.0
Modules
Image

Registry activity

Total events
8645
Read events
0
Write events
24
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
2224
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Launcher
93522B1A61000000
3684
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Browser
88582B1A61000000
3684
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Default Browser Agent
C:\Program Files\Mozilla Firefox|ServicesSettingsServer
https://firefox.settings.services.mozilla.com/v1
3684
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Default Browser Agent
C:\Program Files\Mozilla Firefox|DisableDefaultBrowserAgent
0
3684
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\DllPrefetchExperiment
C:\Program Files\Mozilla Firefox\firefox.exe
0
3684
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
C:\Program Files\Mozilla Firefox\firefox.exe|Telemetry
0
3684
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Default Browser Agent
C:\Program Files\Mozilla Firefox|DisableTelemetry
1
3684
firefox.exe
write
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Default Browser Agent
C:\Program Files\Mozilla Firefox|SecurityContentSignatureRootHash
97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E
3684
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
460000003B010000090000000000000000000000000000000400000000000000C0E333BBEAB1D3010000000000000000000000000100000002000000C0A80164000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
3684
firefox.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
3684
firefox.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\16C\52C64B7E
LanguageList
en-US

Files activity

Executable files
4
Suspicious files
134
Text files
52
Unknown types
32

Dropped files

PID
Process
Filename
Type
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll
executable
MD5: 2c7a3b4c1883fae5d8a71cd43a5a20af
SHA256: df721c9e00dc2557c7d4c464168e83367fdcb9690ff6d51ba51eb71a21e9ac79
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll.tmp
executable
MD5: 2c7a3b4c1883fae5d8a71cd43a5a20af
SHA256: df721c9e00dc2557c7d4c464168e83367fdcb9690ff6d51ba51eb71a21e9ac79
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-gmpopenh264\1.8.1.1\gmpopenh264.dll.tmp
executable
MD5: d23f706f2eacc190f2d4b75b041670d5
SHA256: ced08ce5bc45dbe505fa94b3a4268c0830ccda016a23c0acb16dd7268cfa7a65
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-gmpopenh264\1.8.1.1\gmpopenh264.dll
executable
MD5: d23f706f2eacc190f2d4b75b041670d5
SHA256: ced08ce5bc45dbe505fa94b3a4268c0830ccda016a23c0acb16dd7268cfa7a65
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\places.sqlite
––
MD5:  ––
SHA256:  ––
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1059394878bslnoicgkullipsFt2s%.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.js
text
MD5: e1e4487bd616044b1b69219336126139
SHA256: b220d55f115a63b0949785df13ff4ddba7532a9fa459b36175be895ffb9b1785
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3345959086bslnoocdkdlaiFs2t%s.sqlite
sqlite
MD5: b2f7c00171576c3fe78e5331042de404
SHA256: 8208efb32d5e3919b16fcd72851ac20782a648bfce7d7b9c65d7521fe648bf69
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.js
text
MD5: e1e4487bd616044b1b69219336126139
SHA256: b220d55f115a63b0949785df13ff4ddba7532a9fa459b36175be895ffb9b1785
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3345959086bslnoocdkdlaiFs2t%s.sqlite-wal
binary
MD5: fdb6639c1ad21ca3f51bfd868edba604
SHA256: 53e0bf129d1754f7f810e7a6650bfecd333683517bb40e2fe8aab207bef1eb42
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1725441852bxlfogcFk2l%isst.sqlite-wal
binary
MD5: 1b7696980918400ed694631e1a761b83
SHA256: 4ef6cbee2e54acd9b29368e4a8e5086037796e3d74fe0a2ad40c80ad7bc40acc
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++a35bff6e-5489-4e10-95ce-0340b402ad38^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1725441852bxlfogcFk2l%isst.sqlite
sqlite
MD5: d557b42878d615e5735b125be8fe007f
SHA256: c0694ebb417da3440f81fa970f90e6402a0504b641736a73d349d42815f9b7ee
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\727688008bsleotcakcliifsittsr%.sqlite-shm
binary
MD5: b2e2314b6e3f95e47884868c18d8ab0b
SHA256: 21cf2f71c59c19ce839bd1c57fa25a7b7598e90d6a3eddfedc3fc5b27845435b
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\727688008bsleotcakcliifsittsr%.sqlite-wal
binary
MD5: 2fec7c0dc6dac8e32bc59bf34c5154d2
SHA256: 8050ee61ef159f826fb65e5b1466c35964bffa764312fbf0616b339d2a50bb7e
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\727688008bsleotcakcliifsittsr%.sqlite
sqlite
MD5: d193c1ff48a1cba27d642893cbb091f2
SHA256: d8b71bb0759a2850d8b0f454e70338c65f0334383dce0427bbaee6aedcd4fec4
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3345959086bslnoocdkdlaiFs2t%s.sqlite-shm
binary
MD5: 327e27040d83026e5a723655071153de
SHA256: 66b2bf1e6c4c638b68364fb4cc8ee0e7c0dc31939a057e95a3dc46c5f6650c53
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1725441852bxlfogcFk2l%isst.sqlite-shm
binary
MD5: 01a083d960a4f799b5d9b258b9d0a8e0
SHA256: 82441f79235cf7fbce93921c6400bcbabb7c72f6028a1978c636ddd6321fe74c
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\moz-extension+++b4129a3e-f9d3-4735-87c0-14f07ac9e8cb^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\about+newtab\idb\3312185054sbndi_pspte.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\permissions.sqlite-journal
binary
MD5: a40cc09cca1b57dd657dba8836c63162
SHA256: 768330aa26ba05e6bf76aed631f4734aa21e29274d953e9172f66a8d48beda6e
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\extensions.json
text
MD5: 939230967d1c4de18a43b9031864a695
SHA256: a81e6645ef6c8e13e9b0c26ed153fff42c4a14eca4ae85c966fbffb240c4515c
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\default\about+home\idb\3312185054sbndi_pspte.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3899588440psinninpiFn2g%.sqlite-shm
binary
MD5: b7c14ec6110fa820ca6b65f5aec85911
SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage.sqlite-journal
binary
MD5: 291ccecbcfbea101f7b36bc6a424a91c
SHA256: 74f92a076e4c8240e7a2c0cd64e47f2a40ea3695a5e5d2dea92895581a7df2b4
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\WI35R9YD8GH8BK12O0S0.temp
binary
MD5: 46d96fe182706cdeef1da3dffb4eb790
SHA256: 301b15ca173c1bc2de08fda74c1cc44eb8279f44d4d39812df5094e72eb5498c
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\extensions.json.tmp
text
MD5: 939230967d1c4de18a43b9031864a695
SHA256: a81e6645ef6c8e13e9b0c26ed153fff42c4a14eca4ae85c966fbffb240c4515c
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\QLDYZ5~1.DEF\cert9.db-journal
binary
MD5: 2eea101d0fdd16eb40a41c0645ed3d60
SHA256: 033a0228b818a1e2936c4bad7d750204da99dbc87fff691c97b6b643d12f849b
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms~RF100764.TMP
binary
MD5: a5fe63acc5098fa0ef51147a0bb95c2c
SHA256: dbc8a69095723bd44b91dad22d07f2eac42abadb0829788b22ee54272f94fcae
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
binary
MD5: 46d96fe182706cdeef1da3dffb4eb790
SHA256: 301b15ca173c1bc2de08fda74c1cc44eb8279f44d4d39812df5094e72eb5498c
3684
firefox.exe
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\startupCache.4.little
binary
MD5: 1171e0641b4909ab03269175f0a919a5
SHA256: 28b23e7fc5f74097553ff0ed9aa7ed7f23b2d4eecc9e05cbc38fbef5f81d0764
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.baklz4
jsonlz4
MD5: 7eaa7380d11be6894f08e0e6c6c30c24
SHA256: 5745c0ae73435376cf5792a1985d9cce2c95ed8a3415f0b6712d9ce16e407912
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4
jsonlz4
MD5: a7fba9c22b85ec296c198c1e2b293adc
SHA256: d29bf9f940a37f89a6be9fceb6db0ca257f23befceae08718ef5e1bd5b8aa847
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\session-state.json.tmp
binary
MD5: 5a0c2423048d6b31af2b25c0039567d8
SHA256: 63d9ddb30510ac69b164142922ce254b075ef7ad1de39f3903d54af034a8bbaf
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionstore-backups\recovery.jsonlz4.tmp
jsonlz4
MD5: a7fba9c22b85ec296c198c1e2b293adc
SHA256: d29bf9f940a37f89a6be9fceb6db0ca257f23befceae08718ef5e1bd5b8aa847
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4
jsonlz4
MD5: a6338865eb252d0ef8fcf11fa9af3f0d
SHA256: 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\aborted-session-ping.tmp
text
MD5: 85d4a2a9696b54915868d4dc09efd07d
SHA256: a21eda5187cb21a5c080db6d1921e596ce559906c75b5c0b6f9c5c2db8199349
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\session-state.json
binary
MD5: 5a0c2423048d6b31af2b25c0039567d8
SHA256: 63d9ddb30510ac69b164142922ce254b075ef7ad1de39f3903d54af034a8bbaf
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\protections.sqlite-journal
binary
MD5: 537dc37dac6226c0ca454415c355741c
SHA256: 00af0c54dde3d0fbb6b61088b9454e2525c2095c1dde1f897e70ab3b1d28b8dd
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll.sig
pi2
MD5: 92c7eba077938ef66cc7bd90619919e2
SHA256: ca5396df5db329682a778099ec40ce9c81846a97cfcb99b75a6013d19df1fe2e
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\crashes\store.json.mozlz4.tmp
jsonlz4
MD5: a6338865eb252d0ef8fcf11fa9af3f0d
SHA256: 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll.lib.tmp
obj
MD5: cd73bf55e2cf0f1caa5f1a469d75d9dc
SHA256: 48cd8b46c785ea848e2056525b7f8c28b5c164888bf7145db5b9ade91a71f7f2
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll.lib
obj
MD5: cd73bf55e2cf0f1caa5f1a469d75d9dc
SHA256: 48cd8b46c785ea848e2056525b7f8c28b5c164888bf7145db5b9ade91a71f7f2
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll.sig.tmp
pi2
MD5: 92c7eba077938ef66cc7bd90619919e2
SHA256: ca5396df5db329682a778099ec40ce9c81846a97cfcb99b75a6013d19df1fe2e
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\aborted-session-ping
text
MD5: 85d4a2a9696b54915868d4dc09efd07d
SHA256: a21eda5187cb21a5c080db6d1921e596ce559906c75b5c0b6f9c5c2db8199349
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
––
MD5:  ––
SHA256:  ––
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
––
MD5:  ––
SHA256:  ––
3684
firefox.exe
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\2918063365piupsah.sqlite-wal
––
MD5:  ––
SHA256:  ––
3684
firefox.exe

Find more information about the static content and download it at the full report

Network activity

HTTP(S) requests
18
TCP/UDP connections
54
DNS requests
123
Threats
8

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
3684 firefox.exe GET 200 34.107.221.82:80 http://detectportal.firefox.com/success.txt US text shared
3684 firefox.exe GET 200 34.107.221.82:80 http://detectportal.firefox.com/success.txt?ipv4 US text shared
3684 firefox.exe POST 200 195.138.255.16:80 http://r3.o.lencr.org/ DE binary der shared
3684 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der shared
3684 firefox.exe POST 200 216.58.212.163:80 http://ocsp.pki.goog/gts1c3 US binary der shared
3684 firefox.exe POST 200 195.138.255.16:80 http://r3.o.lencr.org/ DE binary der shared
3684 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der shared
3684 firefox.exe POST 200 216.58.212.163:80 http://ocsp.pki.goog/gts1c3 US binary der shared
3684 firefox.exe POST 200 216.58.212.163:80 http://ocsp.pki.goog/gts1c3 US binary der shared
3684 firefox.exe POST 200 216.58.212.163:80 http://ocsp.pki.goog/gts1c3 US binary der shared
3684 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der shared
3684 firefox.exe POST 200 93.184.220.29:80 http://ocsp.digicert.com/ US binary der shared
3684 firefox.exe GET 200 2.22.146.88:80 http://ciscobinary.openh264.org/openh264-win32-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip GB compressed whitelisted
3684 firefox.exe POST 200 216.58.212.163:80 http://ocsp.pki.goog/gts1c3 US binary der shared
3684 firefox.exe POST 200 216.58.212.163:80 http://ocsp.pki.goog/gts1c3 US binary der shared
3684 firefox.exe POST 200 13.225.84.142:80 http://ocsp.sca1b.amazontrust.com/ US binary der whitelisted
3684 firefox.exe GET 200 34.107.221.82:80 http://detectportal.firefox.com/success.txt US text shared
3684 firefox.exe GET 200 34.107.221.82:80 http://detectportal.firefox.com/success.txt?ipv4 US text shared

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
3684 firefox.exe 52.42.77.140:443 Amazon.com, Inc. US unknown
3684 firefox.exe 34.107.221.82:80 US whitelisted
3684 firefox.exe 213.188.194.131:443 Momax Network S.r.l. IT unknown
3684 firefox.exe 195.138.255.16:80 AS33891 Netzbetrieb GmbH DE suspicious
3684 firefox.exe 142.250.186.106:443 Google Inc. US whitelisted
3684 firefox.exe 18.66.139.67:443 Massachusetts Institute of Technology US suspicious
3684 firefox.exe 52.89.187.13:443 Amazon.com, Inc. US unknown
3684 firefox.exe 13.32.121.84:443 Amazon.com, Inc. US unknown
3684 firefox.exe 213.188.197.227:443 Momax Network S.r.l. IT unknown
3684 firefox.exe 35.190.88.7:443 Google Inc. US whitelisted
3684 firefox.exe 13.32.121.49:443 Amazon.com, Inc. US unknown
3684 firefox.exe 142.250.184.202:443 Google Inc. US whitelisted
3684 firefox.exe 104.18.31.182:80 Cloudflare Inc US suspicious
3684 firefox.exe 142.250.186.131:443 Google Inc. US whitelisted
3684 firefox.exe 216.58.212.163:80 Google Inc. US whitelisted
3684 firefox.exe 18.66.139.84:443 Massachusetts Institute of Technology US unknown
3684 firefox.exe 18.66.112.80:443 Massachusetts Institute of Technology US unknown
3684 firefox.exe 54.190.2.244:443 Amazon.com, Inc. US unknown
3684 firefox.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
3684 firefox.exe 13.224.193.19:443 US suspicious
3684 firefox.exe 35.244.181.201:443 US suspicious
3684 firefox.exe 2.22.146.88:80 Akamai International B.V. GB whitelisted
3684 firefox.exe 142.250.186.78:443 Google Inc. US whitelisted
3684 firefox.exe 74.125.110.136:443 Google Inc. US whitelisted
3684 firefox.exe 143.204.98.78:443 US suspicious
3684 firefox.exe 34.98.75.36:443 US suspicious
3684 firefox.exe 52.45.138.32:443 Amazon.com, Inc. US unknown
3684 firefox.exe 13.225.84.142:80 US whitelisted
3684 firefox.exe 104.21.11.219:443 Cloudflare Inc US suspicious
3684 firefox.exe 13.224.193.112:443 US suspicious
3684 firefox.exe 192.229.233.123:443 MCI Communications Services, Inc. d/b/a Verizon Business US unknown
3684 firefox.exe 13.224.193.43:443 US suspicious

DNS requests

Domain IP Reputation

Threats

PID Process Class Message
3684 firefox.exe Potentially Bad Traffic ET INFO Terse Request for .txt - Likely Hostile
3684 firefox.exe Potentially Bad Traffic ET INFO Terse Request for .txt - Likely Hostile
–– –– Misc activity ET INFO Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
–– –– Misc activity ET INFO Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
–– –– Misc activity ET INFO Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
3684 firefox.exe Misc activity ET INFO Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
3684 firefox.exe Potentially Bad Traffic ET INFO Terse Request for .txt - Likely Hostile
3684 firefox.exe Potentially Bad Traffic ET INFO Terse Request for .txt - Likely Hostile

Debug output strings

No debug info.