Loading ...

Play interactive tourEdit tour

Analysis Report http://152.3.102.53/kalilinux/kali/pool/non-free/w/windows-binaries/windows-binaries_0.6.4_all.deb

Overview

General Information

Joe Sandbox Version:26.0.0 Aquamarine
Analysis ID:141281
Start date:12.06.2019
Start time:23:13:21
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 4m 1s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:browseurl.jbs
Sample URL:http://152.3.102.53/kalilinux/kali/pool/non-free/w/windows-binaries/windows-binaries_0.6.4_all.deb
Analysis system description:Ubuntu Linux 16.04 x64 (Kernel 4.4.0-116, Firefox 59.0, Document Viewer 3.18.2, LibreOffice 5.1.6.2, OpenJDK 1.8.0_171)
Detection:CLEAN
Classification:clean2.lin@0/66@0/0
Warnings:
Show All
  • Excluded IPs from analysis (whitelisted): 13.32.166.159, 13.32.166.198, 13.32.166.10, 13.32.166.106, 95.101.72.218, 95.101.72.200
  • Excluded domains from analysis (whitelisted): a19.dscg10.akamai.net, ciscobinary.openh264.org, incoming.telemetry.mozilla.org, a17.rackcdn.com.mdc.edgesuite.net, aus5.mozilla.org, search.services.mozilla.com, location.services.mozilla.com, activity-stream-icons.services.mozilla.com

Detection

StrategyScoreRangeReportingWhitelistedDetection
Threshold20 - 100falseclean

Classification

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and Control
Valid AccountsWindows Remote ManagementHidden Files and Directories1Port MonitorsHidden Files and Directories1Credential DumpingSecurity Software Discovery1Remote File Copy1Data from Local SystemData Encrypted1Standard Cryptographic Protocol1
Replication Through Removable MediaService ExecutionPort MonitorsAccessibility FeaturesBinary PaddingNetwork SniffingApplication Window DiscoveryRemote ServicesData from Removable MediaExfiltration Over Other Network MediumStandard Non-Application Layer Protocol2
Drive-by CompromiseWindows Management InstrumentationAccessibility FeaturesPath InterceptionRootkitInput CaptureQuery RegistryWindows Remote ManagementData from Network Shared DriveAutomated ExfiltrationStandard Application Layer Protocol2
Exploit Public-Facing ApplicationScheduled TaskSystem FirmwareDLL Search Order HijackingObfuscated Files or InformationCredentials in FilesSystem Network Configuration DiscoveryLogon ScriptsInput CaptureData EncryptedRemote File Copy1

Signature Overview

Click to jump to signature section


Networking:

barindex
Connects to IPs without corresponding DNS lookupsShow sources
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Source: unknownTCP traffic detected without corresponding DNS query: 152.3.102.53
Downloads files from webservers via HTTPShow sources
Source: global trafficHTTP traffic detected: GET /kalilinux/kali/pool/non-free/w/windows-binaries/windows-binaries_0.6.4_all.deb HTTP/1.1Host: 152.3.102.53User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:59.0) Gecko/20100101 Firefox/59.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveUpgrade-Insecure-Requests: 1
Uses HTTPSShow sources
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 47774
Source: unknownNetwork traffic detected: HTTP traffic on port 45392 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 47156
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 45392
Source: unknownNetwork traffic detected: HTTP traffic on port 58870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56688
Source: unknownNetwork traffic detected: HTTP traffic on port 47774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 47156 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58870
Source: unknownNetwork traffic detected: HTTP traffic on port 56688 -> 443

System Summary:

barindex
Classification labelShow sources
Source: classification engineClassification label: clean2.lin@0/66@0/0

Persistence and Installation Behavior:

barindex
Creates hidden files and/or directoriesShow sources
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 20929)Directory: /home/user/.cache
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 20929)Directory: /home/user/.local
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 20929)Directory: /home/user/.config
Source: /usr/lib/firefox/firefox (PID: 20938)Directory: /home/user/.cache
Writes ELF files to diskShow sources
Source: /usr/lib/firefox/firefox (PID: 20938)File written: /home/user/.mozilla/firefox/v9nzj3nw.default/gmp-gmpopenh264/1.7.1/libgmpopenh264.so.tmpJump to dropped file

Malware Analysis System Evasion:

barindex
Uses the "uname" system call to query kernel version information (possible evasion)Show sources
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 20929)Queries kernel information via 'uname':
Source: /usr/lib/firefox/firefox (PID: 20938)Queries kernel information via 'uname':
Source: /usr/lib/firefox/firefox (PID: 20972)Queries kernel information via 'uname':
Source: /usr/bin/dbus-launch (PID: 20987)Queries kernel information via 'uname':
Source: /usr/bin/dbus-launch (PID: 21016)Queries kernel information via 'uname':
Source: /usr/lib/firefox/firefox (PID: 21044)Queries kernel information via 'uname':
Source: /usr/lib/firefox/firefox (PID: 21102)Queries kernel information via 'uname':

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Number of created Files
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 141281 URL: http://152.3.102.53/kalilinux/kali/pool/non-free/w/window... Startdate: 12/06/2019 Architecture: LINUX Score: 2 19 152.3.102.53, 50002, 80 unknown United States 2->19 21 pipeline-edge-prod-25-561439127.us-west-2.elb.amazonaws.com 35.166.68.10, 443, 47774 unknown United States 2->21 23 4 other IPs or domains 2->23 7 exo-helper-1 2->7         started        process3 process4 9 exo-helper-1 sensible-browser x-www-browser firefox 7->9         started        process5 11 firefox dbus-launch 9->11         started        13 firefox dbus-launch 9->13         started        15 firefox lsb_release 9->15         started        17 5 other processes 9->17

Yara Overview

Initial Sample

No yara matches

PCAP (Network Traffic)

No yara matches

Dropped Files

No yara matches

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Antivirus and Machine Learning Detection

Initial Sample

SourceDetectionScannerLabelLink
http://152.3.102.53/kalilinux/kali/pool/non-free/w/windows-binaries/windows-binaries_0.6.4_all.deb0%virustotalBrowse

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://152.3.102.53/kalilinux/kali/pool/non-free/w/windows-binaries/windows-binaries_0.6.4_all.deb0%virustotalBrowse
http://152.3.102.53/kalilinux/kali/pool/non-free/w/windows-binaries/windows-binaries_0.6.4_all.deb0%Avira URL Cloudsafe

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

windows-stand

Startup

  • system is lnxubuntu1
  • exo-helper-1 (PID: 20929, Parent: 20139, MD5: c27a648e34ba5ce625d064af015be147)
    • sensible-browser (PID: 20938, Parent: 20929, MD5: a5909f49ad9c97574d2b4c49cc24905d)
    • x-www-browser (PID: 20938, Parent: 20929, MD5: 42b33a4578e4a51d8a5d1010c466a9d7)
      • which (PID: 20939, Parent: 20938, MD5: e942f154ef9d9974366551d2d231d936)
    • firefox (PID: 20938, Parent: 20929, MD5: a4440256f73e7450b27eeb48d0d5f804)
      • firefox New Fork (PID: 20940, Parent: 20938)
      • firefox New Fork (PID: 20972, Parent: 20938)
      • firefox New Fork (PID: 20987, Parent: 20938)
      • dbus-launch (PID: 20987, Parent: 20938, MD5: e4a469f27d130d783c21ce9c1c4456c3)
      • firefox New Fork (PID: 20997, Parent: 20938)
      • lsb_release (PID: 20997, Parent: 20938, MD5: 18cba7de7bfedd0d9f027bd1c54cc2b2)
      • firefox New Fork (PID: 21016, Parent: 20938)
      • dbus-launch (PID: 21016, Parent: 20938, MD5: e4a469f27d130d783c21ce9c1c4456c3)
      • firefox New Fork (PID: 21044, Parent: 20938)
      • firefox (PID: 21044, Parent: 20938, MD5: a4440256f73e7450b27eeb48d0d5f804)
      • firefox New Fork (PID: 21102, Parent: 20938)
      • firefox (PID: 21102, Parent: 20938, MD5: a4440256f73e7450b27eeb48d0d5f804)
  • cleanup

Created / dropped Files

/home/user/.cache/dconf/user
Process:/usr/lib/firefox/firefox
File Type:very short file (no magic)
Size (bytes):1
Entropy (8bit):0.0
Encrypted:false
MD5:93B885ADFE0DA089CDF634904FD59F71
SHA1:5BA93C9DB0CFF93F52B521D7420E43F6EDA2784F
SHA-256:6E340B9CFFB37A989CA544E6BB780A2C78901D3FB33738768511A30617AFA01D
SHA-512:B8244D028981D693AF7B456AF8EFA4CAD63D282E19FF14942C246E50D9351D22704A802A71C3580B6370DE4CEB293C324A8423342557D4E5C38438F0E36910EE
Malicious:false
Reputation:low
Preview:.
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/activity-stream.tippytop.json.tmp
Process:/usr/lib/firefox/firefox
File Type:ASCII text, with very long lines, with no line terminators
Size (bytes):96113
Entropy (8bit):5.07563873619721
Encrypted:false
MD5:62BDBFDEDDBFC30EFDB59D45CC7A7FC5
SHA1:3440C9642B1819F56A90AC7535C003BEE6A6CD1E
SHA-256:D3152B3A62BC38881D230FD32388E2B16E89CA40C692BBB562159B592DE0893B
SHA-512:8A890ABD929ECD1466D635B18480FA82B0191FBE4631D55CA19EFB763FF8EA29E6F1EF244CE65B288C33D3D04F47F447F99AF0EBDDE462235CA790B59949DCE1
Malicious:false
Reputation:low
Preview:{"sites":{"01net.com":{"image_url":"https://static.bfmtv.com/ressources/favicon/site01net/apple-touch-icon-144x144.png"},"104.com.tw":{"image_url":"https://static.104.com.tw/logo/104logo_o_152x152_appletouchicon.png"},"1111.com.tw":{"image_url":"https://www.1111.com.tw/1111app/images/1111-job-1.png"},"123rf.com":{"image_url":"https://static-cdn.123rf.com/images/faviconBig.png"},"1688.com":{"image_url":"http://m.1688.com/144px.png"},"17173.com":{"image_url":"http://ue1.17173cdn.com/a/www/index/2015/m/img/touch-icon-120x120.png"},"17track.net":{"image_url":"http://res.17track.net/global-v2/imgs/oauth_image/apple_touch_152x152.png"},"1and1.com":{"image_url":"https://www.1and1.com/modules/frontend-elements/img/components/header/apple-touch-icon-114x114px.png"},"1tv.ru":{"image_url":"https://static.1tv.ru/assets/web/favicon/android-chrome-192x192-2414f320deff0830ead81c2d9e7da72f.png"},"20minutes.fr":{"image_url":"https://assets-v.20mn.fr/favicons/favicon-194x194.png"},"20minutos.es":{"image
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/cache2/entries/7D0DF88A5F52C22C222EA72EA1AC18B62CF57B56
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):15205
Entropy (8bit):5.9920770007133735
Encrypted:false
MD5:B35CD78D3CFE130C85230F04C7B2A25A
SHA1:AA054BE457F351E37E40E457F418497106C5ACEB
SHA-256:AE04AF4BC5114DC78EC08C38BBB4715760D98DF320181E523F7700C13E72B465
SHA-512:A60DD3FCE8BC05B8AB46A7E5570508E51CDEFD5AF018D0F5648EA3360F60B98CAC4C854B9D842FF7DADC9873D479796A8E80F980D8FEF747B7B58E36940DEE43
Malicious:false
Reputation:low
Preview:{"cohort": "nov17-1", "interval": 86400, "settings": {"visibleDefaultEngines": ["amazondotcom", "bing", "ebay-ch", "google", "twitter", "wikipedia", "ddg"]}}`.T6..........]..p]..p@w.........]....:https://search.services.mozilla.com/1/firefox/59.0/release-cck-ubuntu/en-US/CH/canonical/1.0.necko:classified.1.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAQAAgAAAAAAAAAAAAAAAAAAAAAB4vFIJp5wRkeyPxAQ9RJGKPqbqVvKO0mKuIl8ec8o/uhmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAVjMIIFXzCCBEegAwIBAgIQAX5FoxqlC8NQU7xQ+babrTANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMDAzMDAwMDAwWhcNMjAwMTA4MTIwMDAwWjCBkjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxHDAaBgNVBAoTE01vemlsbGEgQ29ycG9yYXRpb24xFzAVBgNVBAsTDkNsb3VkIFNlcnZpY2VzMR8wHQYDVQQDDBYqLnNlcnZpY2VzLm1vemlsbGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSgqiCZshdmk7h4t7W5C
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/cache2/entries/919E56FAB432C2B68E3E3098A47701E5788CA22E
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):98
Entropy (8bit):4.681727391488289
Encrypted:false
MD5:9E032A312AC9A1B0F4B95C5CE42633A5
SHA1:8D6FDCC80B650EEB0D1393AEC5DDBBC7DF3F3930
SHA-256:2D78C286265ACDAE4E84029CC670CEC25ADA8DB9FFEA26B83D79038EEF1D6A5C
SHA-512:4447EE338EEEFAFFC0159F61AD69FFAB84F6EB8311F1C9403F549E0E407749FD289B5D5D4806F5CFAE151E8D34B1D9C3BEE6126E1558CEEC80465ABFB7267D63
Malicious:false
Reputation:low
Preview:OB..........]..p]..p@w.........'....~predictor-origin,:http://152.3.102.53/.predictor::seen.1.....
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/cache2/entries/E293DE1609300BB1B8A8CA45B3A45EB3CB38903B
Process:/usr/lib/firefox/firefox
File Type:Zip archive data, at least v2.0 to extract
Size (bytes):526842
Entropy (8bit):7.992162652934228
Encrypted:true
MD5:C0C9A4F5DCAA1C2B262010BFAA13A526
SHA1:31BEEF0E78DE22F1966598F900DB9A062CECA386
SHA-256:863B9C765A2CECB030ED51CFF57F671293EF7673D320EC80D09A8EF4047C5B1A
SHA-512:B9093D17CF0906F0E543F4B667F5E0F5A2DB19DDA5664F313B83A1360581B38FEEBEE6C1991AC8D0152EFF1620584967F6AB24543D4E04E7792918844C8B7FB3
Malicious:false
Reputation:low
Preview:PK........ ..K.a.a...t.......gmpopenh264.infoUT......Y...Yux..............K.M.RH.-./H..023.rI-N..,(...Rp..P..)M..SH./R..*..*...K-*..0.3.3.r..,.RH.K.OI.-.LI.............PK......../..K..V2U....y......libgmpopenh264.soUT...)..Y)..Yux..............].\S... "*bDT......b.UP......^"E...b..=.]c=..w..5....7..z.'....w..ss/L6.........{.....q._..-..K.[...R.-...rn.)..M...lI...-yO.......).#.....{zu..%...w...<..N...{..+.i._....>.9...O...H.g.K.Z....=..:................-..jy'....mu".5\...c..\)R.W....<.4..36.....2.2...9n.$.....WQ.2...X.Sm=.2....L:..yR;..2"ci...........{...3.4.+!3n.JU..9...rNj.-1V.x....c"..j...}....._-i.../7.ZK+.g|.T,.c^5(.t...\e].^e..I..;gpr.X*.2.L."...<...X.I..j.<L8.<{....t(...7RYH..*.+..D&\...~....Ld.IE..3.:.....rv.8....4.....Frf.Db...=.U...yf*3..2cSN&..r...&..u9.....Y..%.U\.g6Z^..../w.......IEF9&..3.9.X.o.p....:S\......Is.l ....q...m..\....c../.!m7.M.|l.....4....T&.ff&..L$z.q`....X.\5..".iV.3.r*Ndy.2...|...s........w.*.!..Le....716"....
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/cache2/entries/FC8B11D4F8E2E45CF3B7D3E8C510CAB3B1CF3AA9
Process:/usr/lib/firefox/firefox
File Type:Debian binary package (format 2.0)
Size (bytes):2389825
Entropy (8bit):7.9996387118374175
Encrypted:true
MD5:DC24A354E3351A310D6DE6EE521FFBAD
SHA1:3D4A1A939FEB9D96A51A44FDB8FA7E35F5F768F4
SHA-256:5789BB3BC5A2D49DF67B1FF7D765CF014896EA88556320CF2F030BC05AD9A3BF
SHA-512:7881BC19DAC0BA341CDF2B9980EABE18DDF896FE033618BC8F15069CB6BE8A3DF2FCCF6AA572D912B607DD67A19255293393FBD44E3A443E266EA05D083C10C6
Malicious:false
Reputation:low
Preview:!<arch>.debian-binary 1560264689 0 0 100644 4 `.2.0.control.tar.xz 1560264689 0 0 100644 1580 `..7zXZ.....F.....P!..........4-k.'...].....}....J>y...&.Y:..d.GP.3b...({.r.[...gf..'d.2....q........zW"$..n....B.*s_....j`.)O&<....I.+..R.&.ET.. ..X.P..u.5.Y..k.Mz)..,.'.q9K....H.8....v"YE.zT"U&......~cU....SA..]<&!5.t..OE.+....]..B@$.O...5_.@`.......+..L..O....m3....+..4$...'Y.....9Q*0b2.D.!.......pQqW.z... h...a. 4F."(5.@..}....L:fA7.w....W...<..&.%......C.6.+.....!ER......#.Wj...+.r...B.Uh.>..|....".g.).;!....x..1..{&...<.R<f.2.USvQ!2T._=.Q...@...."...(K.R.x..)4.........[C..\.]A.~....-.....^.'.z....w..#...'.2.....C-R..p...o_.........s.q$.B././.D.8`...Mt....X.T-2DE.p....MO..G.l.>.2...M.3'..g......................?....L.qV;.....x.._...*......s,o.t.. |.j.$...a1...32.D..98..b....C...b.@.."K..`..da6=.b...Ad....oI.....c.KV.]y..]M...*..:..1.8...R.w*..T=....U.K...L\.R.3k.1... ..9...N..".D..B.q..]@>..9g[9...0.$\k....X.....xW.
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/allow-flashallow-digest256.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):16
Entropy (8bit):0.3372900666170139
Encrypted:false
MD5:076933FF9904D1110D896E2C525E39E5
SHA1:4188442577FA77F25820D9B2D01CC446E30684AC
SHA-256:4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
SHA-512:6FCEE9A7B7A7B821D241C03C82377928BC6882E7A08C78A4221199BFA220CDC55212273018EE613317C8293BB8D1CE08D1E017508E94E06AB85A734C99C7CC34
Malicious:false
Reputation:low
Preview:................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/allow-flashallow-digest256.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.59524688231097
Encrypted:false
MD5:D886A47C89D9C49C795DA345BC236990
SHA1:59E863E0D2B4E428D8C738D48FA0F6F7BAC36849
SHA-256:A03C5E2656D2F292BF5794C8EEB8D223CD6BA4F4BFB2ED1F325460E879D0BCF7
SHA-512:8B5A117BC33463F181458F0A99C14657B365CE2A7695DB346D2D086109176AD019DBD5A5F34F09DC3438E6C89CA93D83875DAA6D463EB06D995A2523FE51A5ED
Malicious:false
Reputation:low
Preview:;.1..............................C.X....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......5...8........G...r.E...&Y...Z.;O.C.X....Y9.H...]..
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/base-track-digest256.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):16
Entropy (8bit):0.3372900666170139
Encrypted:false
MD5:076933FF9904D1110D896E2C525E39E5
SHA1:4188442577FA77F25820D9B2D01CC446E30684AC
SHA-256:4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
SHA-512:6FCEE9A7B7A7B821D241C03C82377928BC6882E7A08C78A4221199BFA220CDC55212273018EE613317C8293BB8D1CE08D1E017508E94E06AB85A734C99C7CC34
Malicious:false
Reputation:low
Preview:................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/base-track-digest256.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):64888
Entropy (8bit):7.7710650452659005
Encrypted:false
MD5:CD82F4495EAFE523B9B6B938C828611B
SHA1:F81F7EDE77BAEB51D397DF96E337677E4957DB7B
SHA-256:576A0D2C3AD8D66BB202439B18F9FD563F92D9DDD9582A3C4CCE0ECAFD4F0908
SHA-512:2AE3B849C601B9614FA26C77FD63B9C022A5871E0A4322929DD3589F14F5AA4E4A368C41FC2BF732CD861B1DB9542D889172812C2CD2242006562FC24E78F7E7
Malicious:false
Reputation:low
Preview:;.1..............................$(Z....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.........0...6....#....O......Rg.m../.$(Z...z+...m....S..5..6..H.e..B...$(Z.Yo..V..}B1.1k.........oS...y%..$(Z.q#..QD.:..",=(.....l.......7.O..$(Z...*.q.......A-@..R.,.m.....4.$(Z......AS..F...b.. .V....o.Rs.3.$(Z...ua...`...-.#,..{....D..RI....$(Z..'.Y.....<~..H.(.).}...7...#w..$(Z.N...P......o.}4.<......'.@py....$(Z.U.......V.yb...n......E.>.....$(Z.Y..(.xZ..}...aFfuj.x.......@..$(Z.h}...W@hC..6.B|xoU/VY.p.....4..$(Z...#...g.T..<BwH.t...4..#.jN:...$(Z..Z7.15.J@h...Q..x....k.?.{..B.$(Z..p..i...W.H..JQ.y\|3vD.~.).f..$(Z...U....X..3.}..*,.>..c."9o.<.$(Z...C.....8u..H.....a..j..Xb..n..$(Z..mR......D..qD#...w....f.O.?...$(Z.Sx..W......v.>7v...>..g.{......$(Z.S.~,(.F."o.d.L.-P..h...v...\..$(Z...5X.....=....z'c..^..R.{..<..$(Z..l...-...>..X.^..8..`...%.Y#...$(Z...s...R!C>.W.$.........
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/block-flash-digest256.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):16
Entropy (8bit):0.3372900666170139
Encrypted:false
MD5:076933FF9904D1110D896E2C525E39E5
SHA1:4188442577FA77F25820D9B2D01CC446E30684AC
SHA-256:4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
SHA-512:6FCEE9A7B7A7B821D241C03C82377928BC6882E7A08C78A4221199BFA220CDC55212273018EE613317C8293BB8D1CE08D1E017508E94E06AB85A734C99C7CC34
Malicious:false
Reputation:low
Preview:................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/block-flash-digest256.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):7648
Entropy (8bit):7.734433994790214
Encrypted:false
MD5:0E8FE60CCD7E9B4C32589A5743A95302
SHA1:190F3BC536C9489C707AE31DA32BF86947EA5D78
SHA-256:2B124D4026850A3CFFD28DBACB58AEC28F7DCD4D40BC14E52BBE96D60CE4E749
SHA-512:0AF17BD91464F26072F42BACFBB6BA72E68FA07B9D5801A92B14624CC51EBD00AB127272CECD8DF6FE650FE07BF170FD6422D70C2E8CD8F9AD94BC11548446BD
Malicious:false
Reputation:low
Preview:;.1.............................f*/Y....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x........T..]..h...........t.V..@..'.f*/Y.hy..../..s:....@R$.Q...w..V...f*/Y..Y..1...c./!>O.3!..2...f L.x.6f*/Y..&F.}......ez.N.R..j....3.;.if*/Y....t.J....b.n...5aL...../...f*/Y.dm....5.S.k...y+.....T.....Q>f*/Y..-..nj.p..z....g...^*T......f*/Y...`.t9..(...@..'..u.8v%.d..^.f*/Y...Z>Z_.b.[).B!/..U.W.y!.G.u..f*/Y..@..WG...PAG.I=tsO.......`.N.f*/Y.f?..G....;.c.`X....z....j...K|f*/Y.j....A-'v...].]-.....Q..L.4.Jf*/Y.{a...!.-#...7.b..\h*.4.~..=.ff*/Y..{B.7...Bx.K..@.v...76."..hf*/Y..;..Q.......!.<...Bd9I.....Mf*/Y.B.*.mFYTJ..5..yj".T.........f*/Y. ..'.',1...D......".L/......e.Yf*/Y.!W..C..W$........8h.A..Nr;}mf*/Y.[..6n.ZkJ.....2........xn.*.f*/Y..,..8n..*-E.....s.|.N..2..Z..f*/Y....C.EI....21w.l...Q.p ....f..f*/Y.K....J..+.C:...v1...jo.7......f*/Y.C."..c.].,@.....u.}.....~
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/block-flashsubdoc-digest256.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):16
Entropy (8bit):0.3372900666170139
Encrypted:false
MD5:076933FF9904D1110D896E2C525E39E5
SHA1:4188442577FA77F25820D9B2D01CC446E30684AC
SHA-256:4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
SHA-512:6FCEE9A7B7A7B821D241C03C82377928BC6882E7A08C78A4221199BFA220CDC55212273018EE613317C8293BB8D1CE08D1E017508E94E06AB85A734C99C7CC34
Malicious:false
Reputation:low
Preview:................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/block-flashsubdoc-digest256.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):82744
Entropy (8bit):7.772258239877141
Encrypted:false
MD5:04824A1F92353F43EBB9E7F74B7476FD
SHA1:C2636E8FFA8A5256D7D1F21E147101356E783114
SHA-256:B48E58EBAB82E4C376F16150A3FFF850C1111FF1F5985D68819CFD6F0DB159D2
SHA-512:92914B56FB2BDCDDCC1BEE2BF4DC98420CF0B923D380BB889C8A6EBC333D74EA4DDCA915218BEA0E729782C4904983424F1DE15BE7087C5A5338AED7319A03E5
Malicious:false
Reputation:low
Preview:;.1.............................a.!Z....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.........0...6....#....O......Rg.m../a.!Z....Nt.*HO5..*... ..UM..7<....a.!Z...R..Cl.&/ZM....L...n..9.k.7<.a.!Z...z+...m....S..5..6..H.e..B..a.!Z.Yo..V..}B1.1k.........oS...y%.a.!Z.a{.{..>...M.3....[.THR..>...a.!Z.b.K#.... ..!D.n...}...#k..N..a.!Z.q#..QD.:..",=(.....l.......7.O.a.!Z...*.q.......A-@..R.,.m.....4a.!Z...Z....]..v..M.&.t...C.D.PA.h..a.!Z......AS..F...b.. .V....o.Rs.3a.!Z...ua...`...-.#,..{....D..RI...a.!Z..'.Y.....<~..H.(.).}...7...#w.a.!Z.N...P......o.}4.<......'.@py...a.!Z.U.......V.yb...n......E.>....a.!Z.V..<.>>....r..In+....v. :L.~..a.!Z.Y..(.xZ..}...aFfuj.x.......@.a.!Z.h}...W@hC..6.B|xoU/VY.p.....4.a.!Z...#...g.T..<BwH.t...4..#.jN:..a.!Z..Z7.15.J@h...Q..x....k.?.{..Ba.!Z..p..i...W.H..JQ.y\|3vD.~.).f..a.!Z..)Z.ns.@......O..F...c.9[x.pa.!Z...U....X..3.}..*,.>..c."
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/except-flash-digest256.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):16
Entropy (8bit):0.3372900666170139
Encrypted:false
MD5:076933FF9904D1110D896E2C525E39E5
SHA1:4188442577FA77F25820D9B2D01CC446E30684AC
SHA-256:4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
SHA-512:6FCEE9A7B7A7B821D241C03C82377928BC6882E7A08C78A4221199BFA220CDC55212273018EE613317C8293BB8D1CE08D1E017508E94E06AB85A734C99C7CC34
Malicious:false
Reputation:low
Preview:................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/except-flash-digest256.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):268
Entropy (8bit):4.291717925117119
Encrypted:false
MD5:C921D8E98FA01B4F303481E112202E92
SHA1:9D23B452AD0D06C355477CF70E3AA5D0ADFE6278
SHA-256:4EF1038730EC8BC7206713C29A936768831B922C5E6C83355FD62D7401D8C1DC
SHA-512:D06422752562AFD1F8B94FF09FC9460BE58E07A84FC537FB6B56B1551C37DB7E56CB7932CC2D27D2FFE2CBAB6EC85BDDA6778F2E812E69E5193FCD6BC77066F2
Malicious:false
Reputation:low
Preview:;.1.............................Q..Y....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......C..8.r..M.'j....-...~.B........Q..Y_.P..........X+.s.........cWn..Q..Y........g.,.}t.!
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/except-flashallow-digest256.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):16
Entropy (8bit):0.3372900666170139
Encrypted:false
MD5:076933FF9904D1110D896E2C525E39E5
SHA1:4188442577FA77F25820D9B2D01CC446E30684AC
SHA-256:4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
SHA-512:6FCEE9A7B7A7B821D241C03C82377928BC6882E7A08C78A4221199BFA220CDC55212273018EE613317C8293BB8D1CE08D1E017508E94E06AB85A734C99C7CC34
Malicious:false
Reputation:low
Preview:................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/except-flashallow-digest256.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.6124882616213143
Encrypted:false
MD5:6F85BC4B2ECB49E26B0BD83A821065D0
SHA1:4DF430B4D63605E41855DBCB3837A189D4CC7604
SHA-256:C0B3BC9B3DC507AB654CAF72D13C3AEFA58C9B13B1E4D14DD8816712D80A7E54
SHA-512:AE7688D501A1F59D4C247ED57BA0547F6376748AF57F554BA1B6DE0EF358ED5868721886BAF94813979B3A9968EC330CE11C41767E4AF42DB413EFC9556C2E22
Malicious:false
Reputation:low
Preview:;.1..............................C.X....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......U...f.....aJ.-.....b..rE..{....C.X...U.K..yP.SQS.
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/except-flashsubdoc-digest256.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):16
Entropy (8bit):0.3372900666170139
Encrypted:false
MD5:076933FF9904D1110D896E2C525E39E5
SHA1:4188442577FA77F25820D9B2D01CC446E30684AC
SHA-256:4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
SHA-512:6FCEE9A7B7A7B821D241C03C82377928BC6882E7A08C78A4221199BFA220CDC55212273018EE613317C8293BB8D1CE08D1E017508E94E06AB85A734C99C7CC34
Malicious:false
Reputation:low
Preview:................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/except-flashsubdoc-digest256.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):304
Entropy (8bit):4.70325744277424
Encrypted:false
MD5:BA0009932844173BC8F9AF264229DF24
SHA1:C8F6956FA86F4E9CF71599B735E28860245AE4B5
SHA-256:66D1C00C04D86E313E9A02775CDF906B1BE8D4CD6BEF423A1B9E21CC4E9F50C1
SHA-512:582D7F28F41E6A7A5F882D15EC1F48D0BE57DC63E1A0D6E6A8BBD442A3AC27E38E0C3FDB3E1C30F416C41649391AFDE61F8079844B61A4995E0AB34D6CC8E745
Malicious:false
Reputation:low
Preview:;.1...............................yZ....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......#...).=..HZE.E.........9N..u3.....yZ..?\.I.u...Mk..<.......Ly......yZ.J...t...{.6w..y.m......Xj..yZ.w....m .U-.mCL.
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/mozplugin-block-digest256.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):16
Entropy (8bit):0.3372900666170139
Encrypted:false
MD5:076933FF9904D1110D896E2C525E39E5
SHA1:4188442577FA77F25820D9B2D01CC446E30684AC
SHA-256:4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
SHA-512:6FCEE9A7B7A7B821D241C03C82377928BC6882E7A08C78A4221199BFA220CDC55212273018EE613317C8293BB8D1CE08D1E017508E94E06AB85A734C99C7CC34
Malicious:false
Reputation:low
Preview:................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/mozplugin-block-digest256.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):3580
Entropy (8bit):7.671891447828382
Encrypted:false
MD5:D6ACF2573E12AFDD7939568804D3FCC1
SHA1:5C54AD3FF47C6B925E7AC17D361FE0FA60B9181E
SHA-256:5525CBF8F8DC41D19AC632ED324E55293A510AE0EEBA16D0E3F33C707AA58A0C
SHA-512:1F72C01AA332A6E3FC5F966ED2B12534653BCACF2DC242850877961CC4C16AC3BD1846939D56EA6E230A71F336F4B37F67E0070DDDB66D57BB51526DE52819CA
Malicious:false
Reputation:low
Preview:;.1.....................^..........W....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.............p.....a.....J.B..gZ.........W....+.O..!l$...K...aP....C.5......W..;..t7p.'..qR..,....x..lP..Z...W.1.[.8..^...x.T)..}.Uj2.t..._.B...W.......1.f|....;.m..i...........W.Q....";...'N..o>....UD..........W.Um..Uz"K...H`."e..|...'...L...v...W.B...`..r{@...J.*^....@r...B....W.}..A.......@..A.G.q...@.5.....W Iod}..zV*D../xY..p..h.Z.`i&......W$HWYI.;.~..m.~..5....`.$.J.....W)w.\...t.'[!....#...G~]..CS>.@{...W*$.u..%.H4....p\|..v..)...........W4.8....g.iQE...t.....z.X....N.....W5Feb).<@3Z._..f...e.y.....u.....W6;.')..K.0.b9G.2.n........eP.d.....W6]Y1_A]xZM.L./ozM1S^.a.s....P.H...W77......Oc......g.R....d9F.9.sY...W8.....[.-..............@.?.......W9.R,.j<.G..{.<.,.8..hW.V"../....W<...#5../......@ij...8%0.gX..6...W?.......V..Z\.)..P...w.f...-...W@....c.m.I...G.q.H.R.E.. .*
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/mozstd-trackwhite-digest256.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):16
Entropy (8bit):0.3372900666170139
Encrypted:false
MD5:076933FF9904D1110D896E2C525E39E5
SHA1:4188442577FA77F25820D9B2D01CC446E30684AC
SHA-256:4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
SHA-512:6FCEE9A7B7A7B821D241C03C82377928BC6882E7A08C78A4221199BFA220CDC55212273018EE613317C8293BB8D1CE08D1E017508E94E06AB85A734C99C7CC34
Malicious:false
Reputation:low
Preview:................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/mozstd-trackwhite-digest256.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):326032
Entropy (8bit):7.773045611620996
Encrypted:false
MD5:BDAA2A3B4259EBF8DD87E5769B1BF3F4
SHA1:BDECB51FED41F111CFB19C30E377AA165C0DD7E3
SHA-256:8408968DAE85E51EA6B0CA7123B0DDFD7425D3013BA311BB1CBE135FFF0E5BDA
SHA-512:ACDA5C6344CC51E0921C116CB03395F8027F0E1077D5027CA4B6B33E2C1AB663C319EEAB22D7ECF968702324BEDC882F518BDE7711CB140A059D7997580054CF
Malicious:false
Reputation:low
Preview:;.1.....................[#.........Z....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.............TV8.1..h@)..N.5.J..._.:BcT...Z..a...'&.k.$..#.Y... -..W..(...Z.".`....T..../[..A3..FI.rN<%N."...Z.#<.k.+^5Q..k..jMY>.tj+.e....J...Z.,.3b.E9ZC.j..N..l&3.XS.~b...B...Z.-.s.vf^..9)#x<{.Y...<....z......Z.?Yj...br4...........J.Z!........Z.M...+.UJ.)..r..{.t.....f..B...Z.R2."..'..k..9/z..`7d..#BmeN.j...Z.T.........}i.<............y...Z.U.6..."P'/.....J.....>j.E....O...Z.b.&.-1.....7..[.UOS.W....=..R...Z.m.#..,..D.&._^.jy.i...p.....hO...Z.p...RrKJR.U..c"bG7.y.5..YU........Z....a.):.;rk...U..P.....^..?.KV....Z....'..>.$.B...3}...T.....E+.......Z..H.K(.!.A.....(.....H...D....Z...&q......Y.m4.D.'..S~..w.........Z..(......7......h.5..P........4...Z..=#.u@.9.-21.*.x....Gs....^.Ep...Z..L..m.'..%.;..[.......z.DVn:...Z.....8?.....h....q....!.j........Z..oj.........X...}...F...
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-block-simple-1.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.367009024331335
Encrypted:false
MD5:E2CF527CA7550B7E7BDF7311E483A2C3
SHA1:C354190BB2B8A00A6051EF2FB86E189AB053FE93
SHA-256:F1E07B1D717433F47073DC54A7D98E3E87B3D0FA88E53466F93EA544AF885D11
SHA-512:7A585735ABFB1292B9FC4709B797F09C6BE4DC90A133FBEDB14428AAE79C6DE5FAAE0B151758A75BF90566C98E5BD2A8201E738F321688180BC5B5814A97BB69
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.........`E.eK.zQ.....H..`T1l..............`.j..G1I...r..
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-block-simple.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):28
Entropy (8bit):0.37123232664087563
Encrypted:false
MD5:E2CECF06A89B4A6D968486F17F30DA5D
SHA1:46757A7F71DCFBEB5511665F123810148727324E
SHA-256:E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
SHA-512:5CFFECE9AF2B403AE150E8D2E755E7E3A71BDDED474293D846CD1A6231C1403261F4B5E6069A0A933738D5CC33F7EA8CC043C721594679E17FC5E8225F3F33C6
Malicious:false
Reputation:low
Preview:............................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-block-simple.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.367009024331335
Encrypted:false
MD5:E2CF527CA7550B7E7BDF7311E483A2C3
SHA1:C354190BB2B8A00A6051EF2FB86E189AB053FE93
SHA-256:F1E07B1D717433F47073DC54A7D98E3E87B3D0FA88E53466F93EA544AF885D11
SHA-512:7A585735ABFB1292B9FC4709B797F09C6BE4DC90A133FBEDB14428AAE79C6DE5FAAE0B151758A75BF90566C98E5BD2A8201E738F321688180BC5B5814A97BB69
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.........`E.eK.zQ.....H..`T1l..............`.j..G1I...r..
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-harmful-simple-1.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.3293711760593867
Encrypted:false
MD5:051FB32DECE757BA112AC36DC72E3A91
SHA1:A30D26CEE0F69FA67BF9E60BA692F4831373CC07
SHA-256:0806D98FB3DE55F75D7C0B17E26146567E08C483031526659A4A35D09B97EF19
SHA-512:ADD2D3C503616070F056EA4E3A64FB54A2D8E75AF8FD5D9F1F8EE6B72A1D548FD4AB7D4A3256E4A6F4E1422631439DB62B251EE3F9D07B38A612AFF5E58936D5
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........1.....}/9<...?.nyg....N}........<<.@....{..]{:p
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-harmful-simple.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):28
Entropy (8bit):0.37123232664087563
Encrypted:false
MD5:E2CECF06A89B4A6D968486F17F30DA5D
SHA1:46757A7F71DCFBEB5511665F123810148727324E
SHA-256:E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
SHA-512:5CFFECE9AF2B403AE150E8D2E755E7E3A71BDDED474293D846CD1A6231C1403261F4B5E6069A0A933738D5CC33F7EA8CC043C721594679E17FC5E8225F3F33C6
Malicious:false
Reputation:low
Preview:............................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-harmful-simple.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.3293711760593867
Encrypted:false
MD5:051FB32DECE757BA112AC36DC72E3A91
SHA1:A30D26CEE0F69FA67BF9E60BA692F4831373CC07
SHA-256:0806D98FB3DE55F75D7C0B17E26146567E08C483031526659A4A35D09B97EF19
SHA-512:ADD2D3C503616070F056EA4E3A64FB54A2D8E75AF8FD5D9F1F8EE6B72A1D548FD4AB7D4A3256E4A6F4E1422631439DB62B251EE3F9D07B38A612AFF5E58936D5
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........1.....}/9<...?.nyg....N}........<<.@....{..]{:p
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-malware-simple-1.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.3683561037768297
Encrypted:false
MD5:3675254E341DF799D4307C1F59109185
SHA1:8711844A41A4ACE77BA0A01A4D3AF2B2E59E6A75
SHA-256:23D108134BED6099793F7DD6B8B6E62081EC3B945EFDBC7C5E0E779FD9B82F98
SHA-512:9344CA1456E1E74A4DAC833E0AF55DB9730F8AB2954A855B4A775A938B2055C86EFF367F25BAE80F2FFEA45ACEBADE10A8347ADD18222E715620DD864F2D8E4F
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x........B.WG..a..E.+`D8.....a. ...D...q......w...X.Z.Z...~.
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-malware-simple.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):28
Entropy (8bit):0.37123232664087563
Encrypted:false
MD5:E2CECF06A89B4A6D968486F17F30DA5D
SHA1:46757A7F71DCFBEB5511665F123810148727324E
SHA-256:E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
SHA-512:5CFFECE9AF2B403AE150E8D2E755E7E3A71BDDED474293D846CD1A6231C1403261F4B5E6069A0A933738D5CC33F7EA8CC043C721594679E17FC5E8225F3F33C6
Malicious:false
Reputation:low
Preview:............................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-malware-simple.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.3683561037768297
Encrypted:false
MD5:3675254E341DF799D4307C1F59109185
SHA1:8711844A41A4ACE77BA0A01A4D3AF2B2E59E6A75
SHA-256:23D108134BED6099793F7DD6B8B6E62081EC3B945EFDBC7C5E0E779FD9B82F98
SHA-512:9344CA1456E1E74A4DAC833E0AF55DB9730F8AB2954A855B4A775A938B2055C86EFF367F25BAE80F2FFEA45ACEBADE10A8347ADD18222E715620DD864F2D8E4F
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x........B.WG..a..E.+`D8.....a. ...D...q......w...X.Z.Z...~.
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-phish-simple-1.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.302539208701039
Encrypted:false
MD5:3D1CE5E50208F0CB3B979186043A548F
SHA1:10C66032C5ACAC22D70670B9302437141E6371EF
SHA-256:1E13D05D482C3D533DC6035AF2B2D6E84749412A5748D1435B70CEC8B312340B
SHA-512:AE2F35C0549C26251053689C90CE831F0C5742D6F7C1DC13482560B02FB4A6029F107E472FCB26BF41B4E89E47559490F5DA049D5B51864A3C4C2C2AE3F588C2
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x........Y.......j..}`A=F......c..5.......T...8|..d.|..{
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-phish-simple.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):28
Entropy (8bit):0.37123232664087563
Encrypted:false
MD5:E2CECF06A89B4A6D968486F17F30DA5D
SHA1:46757A7F71DCFBEB5511665F123810148727324E
SHA-256:E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
SHA-512:5CFFECE9AF2B403AE150E8D2E755E7E3A71BDDED474293D846CD1A6231C1403261F4B5E6069A0A933738D5CC33F7EA8CC043C721594679E17FC5E8225F3F33C6
Malicious:false
Reputation:low
Preview:............................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-phish-simple.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.302539208701039
Encrypted:false
MD5:3D1CE5E50208F0CB3B979186043A548F
SHA1:10C66032C5ACAC22D70670B9302437141E6371EF
SHA-256:1E13D05D482C3D533DC6035AF2B2D6E84749412A5748D1435B70CEC8B312340B
SHA-512:AE2F35C0549C26251053689C90CE831F0C5742D6F7C1DC13482560B02FB4A6029F107E472FCB26BF41B4E89E47559490F5DA049D5B51864A3C4C2C2AE3F588C2
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x........Y.......j..}`A=F......c..5.......T...8|..d.|..{
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-track-simple-1.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):272
Entropy (8bit):3.9834161156862735
Encrypted:false
MD5:95F28EDE25C301301F25FBBD9A3C56EC
SHA1:80F7D95AFC0DE8C608F672A6837C664EF847BCD5
SHA-256:87763DF78772F7D750B0FA5A31EEC23E931FD3BD1CBB33BEDDFC61889DA36478
SHA-512:C6E09C76840DDEA559E243E5C13881CFBCDCC7B0C2163461FDCCE1F3F5110E2B0BB553DE447A4E1E0D5EDF516EEEE2FAD5EFC15C398E101EF3C81501E55320AF
Malicious:false
Reputation:low
Preview:;.1.........................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......Ik...Xf2.h.J.^..P>.A.:..I%8]........=(K_..W..{...L.w...:7.&.PH..26....U.]..)..{6....(.
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-track-simple.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):28
Entropy (8bit):0.37123232664087563
Encrypted:false
MD5:E2CECF06A89B4A6D968486F17F30DA5D
SHA1:46757A7F71DCFBEB5511665F123810148727324E
SHA-256:E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
SHA-512:5CFFECE9AF2B403AE150E8D2E755E7E3A71BDDED474293D846CD1A6231C1403261F4B5E6069A0A933738D5CC33F7EA8CC043C721594679E17FC5E8225F3F33C6
Malicious:false
Reputation:low
Preview:............................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-track-simple.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):272
Entropy (8bit):3.9834161156862735
Encrypted:false
MD5:95F28EDE25C301301F25FBBD9A3C56EC
SHA1:80F7D95AFC0DE8C608F672A6837C664EF847BCD5
SHA-256:87763DF78772F7D750B0FA5A31EEC23E931FD3BD1CBB33BEDDFC61889DA36478
SHA-512:C6E09C76840DDEA559E243E5C13881CFBCDCC7B0C2163461FDCCE1F3F5110E2B0BB553DE447A4E1E0D5EDF516EEEE2FAD5EFC15C398E101EF3C81501E55320AF
Malicious:false
Reputation:low
Preview:;.1.........................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......Ik...Xf2.h.J.^..P>.A.:..I%8]........=(K_..W..{...L.w...:7.&.PH..26....U.]..)..{6....(.
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-trackwhite-simple-1.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.4079994338327437
Encrypted:false
MD5:65E942614EEE70680464AC4BE75019FC
SHA1:7CA1B5994684A7FE37A61BC350A1FA8A89BF91DA
SHA-256:34395085DA32C8B4EFE9959E3B0D756B43FFED17694D66F39B966CD331BD9A94
SHA-512:55B09573C235876D0CB4E6C20070CD1954CF1EB94F513A94985896237A350E48FCD47C88D5EC9632AB9D0AED4A59C250E69F59A59ED88F2A0AEB6734302744A9
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x........=Q.IU`.G...>...u..X...7...k6.b....k:u.z*N._)8.EhnZ
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-trackwhite-simple.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):28
Entropy (8bit):0.37123232664087563
Encrypted:false
MD5:E2CECF06A89B4A6D968486F17F30DA5D
SHA1:46757A7F71DCFBEB5511665F123810148727324E
SHA-256:E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
SHA-512:5CFFECE9AF2B403AE150E8D2E755E7E3A71BDDED474293D846CD1A6231C1403261F4B5E6069A0A933738D5CC33F7EA8CC043C721594679E17FC5E8225F3F33C6
Malicious:false
Reputation:low
Preview:............................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-trackwhite-simple.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.4079994338327437
Encrypted:false
MD5:65E942614EEE70680464AC4BE75019FC
SHA1:7CA1B5994684A7FE37A61BC350A1FA8A89BF91DA
SHA-256:34395085DA32C8B4EFE9959E3B0D756B43FFED17694D66F39B966CD331BD9A94
SHA-512:55B09573C235876D0CB4E6C20070CD1954CF1EB94F513A94985896237A350E48FCD47C88D5EC9632AB9D0AED4A59C250E69F59A59ED88F2A0AEB6734302744A9
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x........=Q.IU`.G...>...u..X...7...k6.b....k:u.z*N._)8.EhnZ
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-unwanted-simple-1.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.367107760120435
Encrypted:false
MD5:A5695CC64D77967232B0C1344C6E72B3
SHA1:B0F151A5292D4B796668B242BF896FDBB5A24B67
SHA-256:042A22B8681D754671D2018BA109B31A53EE3728D48C6379043F8E3394E7FBAD
SHA-512:C09F56E91B41D01375C458A6CCC3FC0CEDC18696AEC5D7A2520C51905F4D9BC660F3AD28E69D64B3814AEB3279AFC686794C986F0FA6212463F3AAC850D40019
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......^......R..U:N......LgY.u.l..H.Z....N?^c.d...].1. b
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-unwanted-simple.pset
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):28
Entropy (8bit):0.37123232664087563
Encrypted:false
MD5:E2CECF06A89B4A6D968486F17F30DA5D
SHA1:46757A7F71DCFBEB5511665F123810148727324E
SHA-256:E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
SHA-512:5CFFECE9AF2B403AE150E8D2E755E7E3A71BDDED474293D846CD1A6231C1403261F4B5E6069A0A933738D5CC33F7EA8CC043C721594679E17FC5E8225F3F33C6
Malicious:false
Reputation:low
Preview:............................
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/safebrowsing-updating/test-unwanted-simple.sbstore
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):232
Entropy (8bit):3.367107760120435
Encrypted:false
MD5:A5695CC64D77967232B0C1344C6E72B3
SHA1:B0F151A5292D4B796668B242BF896FDBB5A24B67
SHA-256:042A22B8681D754671D2018BA109B31A53EE3728D48C6379043F8E3394E7FBAD
SHA-512:C09F56E91B41D01375C458A6CCC3FC0CEDC18696AEC5D7A2520C51905F4D9BC660F3AD28E69D64B3814AEB3279AFC686794C986F0FA6212463F3AAC850D40019
Malicious:false
Reputation:low
Preview:;.1.....................................x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......^......R..U:N......LgY.u.l..H.Z....N?^c.d...].1. b
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/startupCache/scriptCache-child-new.bin
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):200373
Entropy (8bit):3.8326026563749935
Encrypted:false
MD5:0AD03DD8CA298F395A86277F4ED4924F
SHA1:989F09017845B9A816C3D93CCCEEEDA3E4B65129
SHA-256:57126239E12EAE538B1A432D6D2E38ED066D68001F0CD6BF37F649B9971FE2EE
SHA-512:7547FE8F9082A53C07B86B3F0ABE9659EF6DF26BB45C30994AAD79E317A1F0290D0D0F3D4CAF1B25196F1D6A6089E2BBB5D1EB864ABD1D50E867286704E0DE71
Malicious:false
Reputation:low
Preview:mozXDRcachev001.,...*.chrome://global/content/process-content.js*.chrome://global/content/process-content.js.........'.resource:///modules/ContentObservers.js'.resource:///modules/ContentObservers.js...........chrome://satchel/content/formSubmitListener.js..chrome://satchel/content/formSubmitListener.jsf:..W-...*.chrome://global/content/browser-content.js*.chrome://global/content/browser-content.js.g...<...(.resource://gre/modules/addons/Content.js(.resource://gre/modules/addons/Content.js....G....9.resource://devtools/client/jsonview/converter-observer.js9.resource://devtools/client/jsonview/converter-observer.js....CF...(.resource://pdf.js/pdfjschildbootstrap.js(.resource://pdf.js/pdfjschildbootstrap.js?........0.resource://pdf.js/pdfjschildbootstrap-enabled.js0.resource://pdf.js/pdfjschildbootstrap-enabled.js.............201803131327473...........B.........................................h......./.*. .T.h.i.s. .S.o.u.r.c.e. .C.o.d.e. .F.o.r.m. .i.s. .s.u.b.j.e.c.t. .t.o. .t.h.e. .t.
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/startupCache/scriptCache-new.bin
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):4656083
Entropy (8bit):5.07686916928478
Encrypted:false
MD5:6F3F4EB3206560698963A50B67632241
SHA1:8C52AAD5FCCB91F8065295D001DCE0EBDC30C950
SHA-256:363E1227E8DD94E0D6DF73E06DAF172570C5F672ED6425EA0F224DC1CE967A01
SHA-512:5F86347FC626997B08E38CD45CB7B6FA81584F0266BF067F21F994B34993340B7681ADDC64546589857D518923E7289FC28EB688CB323981A92180DA391DAD11
Malicious:false
Reputation:low
Preview:mozXDRcachev001..R..G.jar:file:///usr/lib/firefox/omni.ja!/components/MainProcessSingleton.jsF.jsloader/non-syntactic/resource/gre/components/MainProcessSingleton.js.........#.resource://gre/modules/Services.jsm8.jsloader/non-syntactic/resource/gre/modules/Services.jsm.....#...'.resource://gre/modules/AppConstants.jsm<.jsloader/non-syntactic/resource/gre/modules/AppConstants.jsm.5..g....%.resource://gre/modules/XPCOMUtils.jsm:.jsloader/non-syntactic/resource/gre/modules/XPCOMUtils.jsm.J..lV...,.resource://gre/modules/RemotePageManager.jsmA.jsloader/non-syntactic/resource/gre/modules/RemotePageManager.jsmW....u...A.jar:file:///usr/lib/firefox/omni.ja!/components/PushComponents.js@.jsloader/non-syntactic/resource/gre/components/PushComponents.jsW..."m...N.jar:file:///usr/lib/firefox/browser/omni.ja!/components/WebContentConverter.jsE.jsloader/non-syntactic/resource/app/components/WebContentConverter.jsy........H.jar:file:///usr/lib/firefox/browser/omni.ja!/components/nsBrowserGlue.js?.js
/home/user/.cache/mozilla/firefox/v9nzj3nw.default/startupCache/urlCache-new.bin
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):3075
Entropy (8bit):4.68289272797251
Encrypted:false
MD5:6FA3F435A1C2A2A695526B4BD24A9D9C
SHA1:59D0622EA27A4C614571C9B35BF60F513B2EDDA5
SHA-256:C377ED1E0402CA29C42F0654E505B345029F789D467B6413801A48026F36E42E
SHA-512:6F06CD1A80C23CDA30314B1174F26BFFC42EA3412AE940391DB82A7EF467F92BCDE59E89A82FEEB080097D7EB90C470F029039955B87316A42E03C23536F460A
Malicious:false
Reputation:low
Preview:mozURLcachev002......-.chrome/en-US/locale/branding/brand.properties.5./home/user/.mozilla/firefox/v9nzj3nw.default/prefs.js.4./home/user/.mozilla/firefox/v9nzj3nw.default/user.js.B./home/user/.mozilla/firefox/v9nzj3nw.default/addonStartup.json.lz4.5.chrome/toolkit/pluginproblem/pluginProblemBinding.css.3.chrome/en-US/locale/en-US/global/plugins.properties.$.chrome/toolkit/res/counterstyles.css...chrome/toolkit/res/html.css./.chrome/en-US/locale/en-US/global/css.properties.-.chrome/toolkit/content/global/minimal-xul.css...chrome/toolkit/res/quirk.css...res/svg.css.%.chrome/toolkit/content/global/xul.css.1.chrome/toolkit/skin/classic/global/scrollbars.css.%.chrome/toolkit/res/number-control.css...chrome/toolkit/res/forms.css...chrome/toolkit/res/noscript.css...chrome/toolkit/res/ua.css.../usr/lib/firefox/distribution/distribution.ini...greprefs.js...defaults/pref/services-sync.js...defaults/pref/marionette.js.,./usr/lib/firefox/defaults/pref/vendor-gre.js././usr/lib/firefox/defaults/pre
/home/user/.mozilla/firefox/v9nzj3nw.default/cookies.sqlite-shm
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):16
Entropy (8bit):0.0
Encrypted:false
MD5:4AE71336E44BF9BF79D2752E234818A5
SHA1:E129F27C5103BC5CC44BCDF0A15E160D445066FF
SHA-256:374708FFF7719DD5979EC875D56CD2286F6D3CF7EC317A3B25632AAB28EC37BB
SHA-512:0B6CBAC838DFE7F47EA1BD0DF00EC282FDF45510C92161072CCFB84035390C4DA743D9C3B954EAA1B0F86FC9861B23CC6C8667AB232C11C686432EBB5C8C3F27
Malicious:false
Reputation:low
Preview:................
/home/user/.mozilla/firefox/v9nzj3nw.default/cookies.sqlite-wal
Process:/usr/lib/firefox/firefox
File Type:SQLite Write-Ahead Log, version 3007000
Size (bytes):32824
Entropy (8bit):0.1842290844292522
Encrypted:false
MD5:5D12B42087A28CC443B6745F54724B3E
SHA1:AAA1499F653379C45D172A79E5D5EC73F98FED06
SHA-256:E648BDF198D9D75EF0FBD76EC61BA0CBC531FF3A6ED12114F9C69BA8321FBC0A
SHA-512:65081ACA3AE60DBC1F09178A891E994999D7BBB1246D7BED91BF99F4E5993051689B5B42C9814FEBF59100347DBF0D7785190A384D0EEFBE0D61F6E238D82C5C
Malicious:false
Reputation:low
Preview:7....-..............;...Z..b..............;...OK0.#.S.....~s..w..~.~s................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
/home/user/.mozilla/firefox/v9nzj3nw.default/crashes/store.json.mozlz4.tmp
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):66
Entropy (8bit):4.837595020998689
Encrypted:false
MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
Malicious:false
Reputation:low
Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}
/home/user/.mozilla/firefox/v9nzj3nw.default/datareporting/aborted-session-ping.tmp
Process:/usr/lib/firefox/firefox
File Type:ASCII text, with very long lines, with no line terminators
Size (bytes):20103
Entropy (8bit):5.221151060118858
Encrypted:false
MD5:97747B7AB2778E56D219FC8F73A27967
SHA1:EAB1CA2400EA99AF438A09AD6E84609A63A13503
SHA-256:02374BA170FD06E0EB89FBF44749601A8112E544023A3811E5F89EF240348926
SHA-512:AE795363124130305D1AA737243BA8BED882A5B1A9093088E974434DF3396CF66B3950B30EC6CBB7DBE742799F22FFBC61C281968850067AC266AC80E093574E
Malicious:false
Reputation:low
Preview:{"type":"main","id":"5916028f-6fe9-462f-a1a1-f005211e254e","creationDate":"2019-06-12T23:15:54.686Z","version":4,"application":{"architecture":"x86-64","buildId":"20180313132747","name":"Firefox","version":"59.0","displayVersion":"59.0","vendor":"Mozilla","platformVersion":"59.0","xpcomAbi":"x86_64-gcc3","channel":"release"},"payload":{"ver":4,"simpleMeasurements":{"totalTime":61,"uptime":1,"start":8,"main":53,"selectProfile":118,"afterProfileLocked":118,"startupCrashDetectionBegin":482,"startupCrashDetectionEnd":32964,"firstPaint":2935,"sessionRestoreInit":810,"sessionRestored":1775,"createTopLevelWindow":833,"firstLoadURI":2335,"AMI_startup_begin":507,"XPI_startup_begin":527,"XPI_bootstrap_addons_begin":557,"XPI_bootstrap_addons_end":625,"XPI_startup_end":627,"AMI_startup_end":631,"XPI_finalUIStartup":809,"sessionRestoreInitialized":823,"delayedStartupStarted":1439,"delayedStartupFinished":1521,"startupInterrupted":0,"js":{},"maximalNumberOfConcurrentThreads":43,"debuggerAttached":0,
/home/user/.mozilla/firefox/v9nzj3nw.default/datareporting/session-state.json.tmp
Process:/usr/lib/firefox/firefox
File Type:ASCII text, with no line terminators
Size (bytes):161
Entropy (8bit):4.8896078685747835
Encrypted:false
MD5:8D8F38835041420AFDD58BF15825A5F8
SHA1:DE9DA74B6D950A456D09EA4EAAC321CB93B705F6
SHA-256:BDE0235B92D0A106064336025057AF8BF6FF439B5DBE28131107111DC00FF2F7
SHA-512:712A484BE28F16F88CAF20CA5E184F3C6CADC28801251A781AACBB8A19F33DD8A2D87074FE8694579961899858763A54896677B62B1537A2D245CE71148292D6
Malicious:false
Reputation:low
Preview:{"sessionId":"d30dc1c0-8135-4748-b371-6800a45fbef0","subsessionId":"5e3b8a5a-60d9-4168-bb88-25c17f77f0d1","profileSubsessionCounter":3,"newProfilePingSent":true}
/home/user/.mozilla/firefox/v9nzj3nw.default/favicons.sqlite-shm
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):8
Entropy (8bit):0.0
Encrypted:false
MD5:7DEA362B3FAC8E00956A4952A3D4F474
SHA1:05FE405753166F125559E7C9AC558654F107C7E9
SHA-256:AF5570F5A1810B7AF78CAF4BC70A660F0DF51E42BAF91D4DE5B2328DE0E83DFC
SHA-512:1B7409CCF0D5A34D3A77EAABFA9FE27427655BE9297127EE9522AA1BF4046D4F945983678169CB1A7348EDCAC47EF0D9E2C924130E5BCC5F0D94937852C42F1B
Malicious:false
Reputation:low
Preview:........
/home/user/.mozilla/firefox/v9nzj3nw.default/gmp-gmpopenh264/1.7.1/gmpopenh264.info.tmp
Process:/usr/lib/firefox/firefox
File Type:ASCII text
Size (bytes):116
Entropy (8bit):4.968220104601006
Encrypted:false
MD5:18DCAB996BC5FDE1B1699C4B5C115E29
SHA1:5B6969A59C802024DC13FBFAED301B4E617C1520
SHA-256:4E350386F5EEB397E2F0B663103EDD5321B4144F78A6DF15150888386E2256DA
SHA-512:DBAEE7C16E3E54DA2B4EDCE03D23BC4A6B7CE95AE46160C2963D8631078C870F364133E6FD2EA2A632574CEEB0CBA92726C9C28033775C53B8C9A8C2ECF52830
Malicious:false
Reputation:low
Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.7.1.APIs: encode-video[h264], decode-video[h264].
/home/user/.mozilla/firefox/v9nzj3nw.default/gmp-gmpopenh264/1.7.1/libgmpopenh264.so.tmp
Process:/usr/lib/firefox/firefox
File Type:ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=a6f7711a0f3110c0daf8b925630d2ba49053bb97, not stripped
Size (bytes):1407459
Entropy (8bit):6.423199953068698
Encrypted:false
MD5:8AD0417E69B0421D6B8110D082FDA153
SHA1:C1F346D3B3D1CC0CAAB32AA435C45E6790352276
SHA-256:513277B94FD0B36C63E3ED0D29519D68C3AAA7358F191363AAD1E408CCCFD05D
SHA-512:49CD61893EA41A8D76A8D68400E21E5D82B93631D4A192520BD91C26D124AE96A6E667938E8FC5002FDF268BE88E8CB9EB35AE6F4BA1B362F982969090F41E09
Malicious:false
Reputation:low
Preview:.ELF..............>.....0.......@.......@...........@.8...@......................................Q.......Q........ ..............Q.......Q2......Q2.....DQ......0S........ .............`s......`s2.....`s2.............................................................$.......$...............P.td....`3......`3......`3.......,.......,..............Q.td................................................................GNU...q..1.....%c.+..S..........H............-.:......R..D...A.....#...... ..`u........a..J.A..@"@....@....H$.B.!..1.A.$.......P.-..@.C..I(4`.@.E0.p.B @..z..B..P..$b..4.H......H..$.:.0.... ...R......`...$..,.0.(2x.`..@.........d.....B..M..0..#.B....$....0..........@... .H$...... (].`A....@...B..@,.A...."..F.."..IR!..........1.C............H.....P@ ..$......&. .*....B.....r...`...`H..2.....@ .@........ 0..6`.@U...@. &.).D...@."..* .n......!.........P.A..0F.......F! .....(....!....$P...B.......b............@.......R&.... ..1....D....AW............L(.................B...(.....
/home/user/.mozilla/firefox/v9nzj3nw.default/places.sqlite-shm
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):8
Entropy (8bit):0.0
Encrypted:false
MD5:7DEA362B3FAC8E00956A4952A3D4F474
SHA1:05FE405753166F125559E7C9AC558654F107C7E9
SHA-256:AF5570F5A1810B7AF78CAF4BC70A660F0DF51E42BAF91D4DE5B2328DE0E83DFC
SHA-512:1B7409CCF0D5A34D3A77EAABFA9FE27427655BE9297127EE9522AA1BF4046D4F945983678169CB1A7348EDCAC47EF0D9E2C924130E5BCC5F0D94937852C42F1B
Malicious:false
Reputation:low
Preview:........
/home/user/.mozilla/firefox/v9nzj3nw.default/prefs-1.js
Process:/usr/lib/firefox/firefox
File Type:ASCII text, with very long lines
Size (bytes):64748
Entropy (8bit):5.117371888323629
Encrypted:false
MD5:F01D44D6E347D5EC238949F6B11FB776
SHA1:695A8AEDD2DCD3D6CEAB5595E3B0CEDAE70A087F
SHA-256:88D06477C953A96871B2A9806C6EFFF30E5773E2556304C8A5EB1578C4F6F6DF
SHA-512:AD9986989E2FC4CBC67959590E31CC45D3F3F6DB770D833193FFD638639505D0C1497590A6F0A375C0FC05DD117C59AC2B30E0BEF41DA278912D1DD70B6F895C
Malicious:false
Reputation:low
Preview:# Mozilla User Preferences../* Do not edit this file.. *. * If you make changes to this file while the application is running,. * the changes will be overwritten when the application exits.. *. * To make a manual change to preferences, you can visit the URL about:config. */..user_pref("app.shield.optoutstudies.enabled", false);.user_pref("app.update.lastUpdateTime.addon-background-update-timer", 0);.user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 0);.user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1525682093);.user_pref("app.update.lastUpdateTime.experiments-update-timer", 0);.user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 0);.user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1525682130);.user_pref("app.update.lastUpdateTime.xpi-signature-verification", 0);.user_pref("app.update.url", "");.user_pref("browser.bookmarks.restore_default_bookmarks", false);.user_pref("browser.cache.disk.capacity", 358400);.user_pref
/home/user/.mozilla/firefox/v9nzj3nw.default/search.json.mozlz4.tmp
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):11085
Entropy (8bit):6.669296103042226
Encrypted:false
MD5:16C38B7522AEEBE8241ED79E29A2D174
SHA1:AD63C9CEC4E0E8458441A57F3584CE61ED8BA9E1
SHA-256:0320B52AC22C7AFAA78DAF5D5B68E51D4A1D1410BF5E3511BEE0A7C3F4D22CCF
SHA-512:A0255A1ECDE4EC2BDCDE00A763BF3444526B35D91B199C2454A8DFAECE3A40A9A4532C448A96B10F90D024AC322F352C7172F86BD1CAD321E69805AE66AAEE8B
Malicious:false
Reputation:low
Preview:mozLz40.]P....{"version":1,"buildID":"20180313132747","appV*..t"59.0","locale":"en-US","visibleDefaultEngines":["amazondotcom","bing","ebay-ch","google","twitter","wikipedia","ddg"],"metaData":{k...j..,h..,f..,d..,b..,`.0,dd...Q...-Hash":"1vAuGhBxMZHaDKKvDQf2sRBOp64H1ZmZbt0MZctw/KU=","search....xpir":1560467696904},"e..`{"_namG..G..r_shortN......","_loadPat....[distribution]/r..plugins/.../.../?.@.xmlI.`escrip5..p.! S...a.._H...Form":null,"_iconURL":"data:image/x-....;base64,AAABAAIAEBAAAAEAIABo..pJgAAACA..`BACAAq..rI4EAAAo*.. ..... .............P///zD9/f2W/f392P39/fn9/f35...1/39/ZT+/v4uT..`/v7+Cf0./n/....0.lX///8I`..P.!cHO...+v35/7TZp/92ul3/WKs6/1iqOv9yuFn/rNWd//j79v/.."f3...wC............7PXp/3G3WP9TqDT/U6g0/1OoN...+Or1j//vDoY../0. VA...@....@+vz5P."V/P...WKo6/6LQkf/U6cz/1urO/6rUm/+Zo0r/8IZB//adZ>. v7...///7+/i7`..Y....4nWzf9Lqkj/Vqo4/9Xqz.......ebY//SHRv/0hUL//NjD#..P..U...<...8sxPH/Ebzt/43Rs........4roL/9IVC//i1jf-.. .!fr...Cr37/wW8+/+16/......@.3SFQ.....03pn.........6..../wu++/8Fv
/home/user/.mozilla/firefox/v9nzj3nw.default/sessionCheckpoints.json.tmp
Process:/usr/lib/firefox/firefox
File Type:ASCII text, with no line terminators
Size (bytes):143
Entropy (8bit):4.223691028533093
Encrypted:false
MD5:C0E4C22C50DD21142F57714EF49B8713
SHA1:06B77307DCA5C889EA279243E74730CBC10801BE
SHA-256:6FE46B65B76B3DF32D8392853740B35ED75B6E23F4FBD6F45F3EFA1D496E6717
SHA-512:A4516B4F15EDB429F7B8CE3EA709D3777BFCC590838B1E113147E6BFB4DF0F34F0F2B24F6185D4E4277A77F75711BB470461B86AA507921AF037A6D22DF9278E
Malicious:false
Reputation:low
Preview:{"profile-after-change":true,"final-ui-startup":true}{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}
/home/user/.mozilla/firefox/v9nzj3nw.default/storage/permanent/chrome/idb/2918063365piupsah.sqlite-shm
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):16
Entropy (8bit):0.0
Encrypted:false
MD5:4AE71336E44BF9BF79D2752E234818A5
SHA1:E129F27C5103BC5CC44BCDF0A15E160D445066FF
SHA-256:374708FFF7719DD5979EC875D56CD2286F6D3CF7EC317A3B25632AAB28EC37BB
SHA-512:0B6CBAC838DFE7F47EA1BD0DF00EC282FDF45510C92161072CCFB84035390C4DA743D9C3B954EAA1B0F86FC9861B23CC6C8667AB232C11C686432EBB5C8C3F27
Malicious:false
Reputation:low
Preview:................
/home/user/.mozilla/firefox/v9nzj3nw.default/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-shm
Process:/usr/lib/firefox/firefox
File Type:data
Size (bytes):32
Entropy (8bit):0.0
Encrypted:false
MD5:70BC8F4B72A86921468BF8E8441DCE51
SHA1: