Linux Analysis Report
https://correros.top/es

Overview

General Information

Sample URL: https://correros.top/es
Analysis ID: 1428122

Detection

Score: 2
Range: 0 - 100
Whitelisted: false

Signatures

Creates hidden files and/or directories
Creates hidden files without content (potentially used as a mutex)
Queries the installed Ubuntu/CentOS release
Reads the 'hosts' file potentially containing internal network hosts
Uses the "uname" system call to query kernel version information (possible evasion)

Classification

Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.20:58536 version: TLS 1.2
Source: /usr/lib/firefox/firefox (PID: 4754) Reads hosts file: /etc/hosts
Source: global traffic HTTP traffic detected:
  GET /es HTTP/1.1
  Host: correros.top
  User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  Accept-Language: en-US,en;q=0.5
  Accept-Encoding: gzip, deflate, br
  Connection: keep-alive
  Upgrade-Insecure-Requests: 1
Source: global traffic HTTP traffic detected:
  GET /6/Firefox/66.0.3/20190410113011/Linux_x86_64-gcc3/en-US/release-cck-ubuntu/Linux%204.4.0-116-generic%20(GTK%203.18.9%2Clibpulse%208.0.0)/canonical/1.0/ HTTP/1.1
  Host: snippets.cdn.mozilla.net
  User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0
  Accept: */*
  Accept-Language: en-US,en;q=0.5
  Accept-Encoding: gzip, deflate, br
  Connection: keep-alive
Source: global traffic HTTP traffic detected:
  GET /favicon.ico HTTP/1.1
  Host: correros.top
  User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0
  Accept: image/webp,*/*
  Accept-Language: en-US,en;q=0.5
  Accept-Encoding: gzip, deflate, br
  Connection: keep-alive
Source: global traffic HTTP traffic detected:
  GET /us-west/bundles-pregen/Firefox/en-us/default.json HTTP/1.1
  Host: snippets.cdn.mozilla.net
  User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0
  Accept: */*
  Accept-Language: en-US,en;q=0.5
  Accept-Encoding: gzip, deflate, br
  Connection: keep-alive
Source: global traffic HTTP traffic detected:
  GET /update/3/GMP/66.0.3/20190410113011/Linux_x86_64-gcc3/null/release-cck-ubuntu/Linux%204.4.0-116-generic%20(GTK%203.18.9%2Clibpulse%208.0.0)/canonical/1.0/update.xml HTTP/1.1
  Host: aus5.mozilla.org
  User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0
  Accept: */*
  Accept-Language: en-US,en;q=0.5
  Accept-Encoding: gzip, deflate, br
  Cache-Control: no-cache
  Pragma: no-cache
  Connection: keep-alive
Source: unknown DNS traffic detected: queries for: correros.top
Source: global traffic HTTP traffic detected:
  HTTP/1.1 404 Not Found
  Date: Thu, 18 Apr 2024 13:34:35 GMT
  Content-Type: text/plain; charset=utf-8
  Content-Length: 9
  Connection: close
  Access-Control-Allow-Origin: *
  ETag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
  CF-Cache-Status: DYNAMIC
  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHIT1h5p0dt%2FC%2FO1Rt%2FWGBNiVHfRADC1D5oW8IQyc1JFgDVCPkvZoqBZMeQzj4qBkwmEE5PCborde1MIzOycCXKJGoZrfgvn4U6AuaPcCGFFn%2BfgOTZknnK6tAYVwz4%3D"}],"group":"cf-nel","max_age":604800}
  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  Server: cloudflare
  CF-RAY: 87650878ea57b077-ATL
  alt-svc: h3=":443"; ma=86400
Source: global traffic HTTP traffic detected:
  HTTP/1.1 404 Not Found
  Date: Thu, 18 Apr 2024 13:34:36 GMT
  Content-Type: text/plain; charset=utf-8
  Content-Length: 9
  Connection: close
  Access-Control-Allow-Origin: *
  ETag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
  Cache-Control: max-age=14400
  CF-Cache-Status: EXPIRED
  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1uVz7sZ4vUtQ5SDB2y8xVMCoZBbVxfXiKpUq7WxzmkjDCFPr%2BER%2B1o5KMCdyoDnxj%2BdOelOw8wzD3QGa5jJZlwemyQlEwSpjv3gbaBUGRlnkawfV9lEsdG6r0vGooNg%3D"}],"group":"cf-nel","max_age":604800}
  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  Server: cloudflare
  CF-RAY: 876508813a8812d2-ATL
  alt-svc: h3=":443"; ma=86400
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://%(server)s/dummy/blocklist/)signon.autofillForms-signon.rememberSignons9startup.homepage_welc
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://%(server)s/dummy/healthreport/cdatareporting.healthreport.logging.consoleEnabledUdatareportin
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://a9.com/-/spec/opensearch/1.0/I
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://a9.com/-/spec/opensearch/1.0/Ihttp://a9.com/-/spec/opensearch/1.1/_http://a9.com/-/spec/opens
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://a9.com/-/spec/opensearch/1.1/_
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.0/
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.1/_
Source: cert9.db-journal.34.dr, cert9.db.34.dr String found in binary or memory: http://crl.pki.goog/gsr2/gsr2.crl0?
Source: cert9.db-journal.34.dr, cert9.db.34.dr String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
Source: cert9.db-journal.34.dr, cert9.db.34.dr String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl0=
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://json-schema.org/draft-04/schema#
Source: scriptCache-child-new.bin.34.dr String found in binary or memory: http://mozilla.org/MPL/2.0/.
Source: cert9.db-journal.34.dr, cert9.db.34.dr String found in binary or memory: http://ocsp.digicert.com0
Source: cert9.db-journal.34.dr, cert9.db.34.dr String found in binary or memory: http://ocsp.pki.goog/gsr202
Source: places.sqlite-wal.34.dr String found in binary or memory: http://wiki.ubuntu.com
Source: places.sqlite-wal.34.dr String found in binary or memory: http://wiki.ubuntu.com/moc.utnubu.ikiw.
Source: places.sqlite-wal.34.dr String found in binary or memory: http://www.debian.org
Source: places.sqlite-wal.34.dr String found in binary or memory: http://www.debian.org/gro.naibed.www.
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://www.mozilla.org/2006/addons-blocklist
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://www.mozilla.org/2006/browser/search/
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul-
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul-getElementsByTagNameNS
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://www.mozilla.org/newlayout/xml/parsererror.xml
Source: scriptCache-new.bin.34.dr String found in binary or memory: http://www.openh264.org/
Source: places.sqlite-wal.34.dr String found in binary or memory: http://www.ubuntu.com
Source: places.sqlite-wal.34.dr String found in binary or memory: http://www.ubuntu.com/moc.utnubu.www.
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://amazon.com
Source: places.sqlite-wal.34.dr String found in binary or memory: https://answers.launchpad.net
Source: places.sqlite-wal.34.dr String found in binary or memory: https://answers.launchpad.net/ubuntu/
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://baidu.com
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1238180
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1243643
Source: places.sqlite-wal.34.dr String found in binary or memory: https://correros.top
Source: 34240C7DC72E83783C59D6BD827D189D629A4F48.34.dr String found in binary or memory: https://correros.top/
Source: 6636573CF5AFDF8A7F35DFA2B3C8E197EF2C586A.34.dr, recovery.jsonlz4.tmp.34.dr String found in binary or memory: https://correros.top/es
Source: places.sqlite-wal.34.dr String found in binary or memory: https://correros.top/espot.sorerroc.
Source: 1219C48A0A068C2295F75CE8A52C12FE06F6C10B.34.dr String found in binary or memory: https://correros.top/favicon.ico
Source: 34240C7DC72E83783C59D6BD827D189D629A4F48.34.dr String found in binary or memory: https://correros.top/predictor::seen1
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://developer.mozilla.org/docs/JavaScript_OS.File
Source: scriptCache-child-new.bin.34.dr String found in binary or memory: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinations
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://developer.mozilla.org/en-US/docs/JavaScript_OS.File/OS.File.Info#Cross-platform_Attributes/
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://developer.mozilla.org/en-US/docs/JavaScript_OS.File/OS.File.Info#Cross-platform_Attributes/_
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://developer.mozilla.org/en-US/docs/XPCOM_Interface_Reference/nsIBrowserSearchService#async_war
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://discovery.addons-dev.allizom.org
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://discovery.addons.allizom.orgQ
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://discovery.addons.allizom.orgQhttps://discovery.addons-dev.allizom.org
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://discovery.addons.mozilla.org
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://duckduckgo.com
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://ebay.com
Source: webext.sc.lz4.tmp.34.dr String found in binary or memory: https://github.com/
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://google.com
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/37ecfd08ffee9924609121aaec3f101598f8a84e
Source: cert9.db-journal.34.dr, cert9.db.34.dr String found in binary or memory: https://pki.goog/repository/0
Source: 4098689E1EA45FF0094F1C8088E49251FFFF7585.34.dr String found in binary or memory: https://snippets.cdn.mozilla.net/6/Firefox/66.0.3/20190410113011/Linux_x86_64-gcc3/en-US/release-cck
Source: C389DE279BF5275924497D5B33D1F1900116E591.34.dr, 4098689E1EA45FF0094F1C8088E49251FFFF7585.34.dr String found in binary or memory: https://snippets.cdn.mozilla.net/us-west/bundles-pregen/Firefox/en-us/default.json
Source: places.sqlite-wal.34.dr String found in binary or memory: https://support.mozilla.org
Source: places.sqlite-wal.34.dr String found in binary or memory: https://support.mozilla.org/en-US/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=fire
Source: places.sqlite-wal.34.dr String found in binary or memory: https://support.mozilla.org/en-US/products/firefoxgro.allizom.troppus.
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://support.mozilla.org/kb/flash-protected-mode-autodisabled
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://support.mozilla.org/kb/reset-firefox-easily-fix-most-problems
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causes
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://twitter.com
Source: cert9.db-journal.34.dr, cert9.db.34.dr String found in binary or memory: https://www.digicert.com/CPS0
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://www.google.com/policies/privacy/3
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://www.google.com/policies/privacy/3https://www.widevine.com/
Source: places.sqlite-wal.34.dr String found in binary or memory: https://www.mozilla.org
Source: places.sqlite-wal.34.dr String found in binary or memory: https://www.mozilla.org/en-US/about/gro.allizom.www.
Source: places.sqlite-wal.34.dr String found in binary or memory: https://www.mozilla.org/en-US/contribute/gro.allizom.www.
Source: places.sqlite-wal.34.dr String found in binary or memory: https://www.mozilla.org/en-US/firefox/central/gro.allizom.www.
Source: places.sqlite-wal.34.dr String found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
Source: places.sqlite-wal.34.dr String found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg
Source: places.sqlite-wal.34.dr String found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://www.widevine.com/
Source: scriptCache-new.bin.34.dr String found in binary or memory: https://yandex.com
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 48400
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 48398
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 40580
Source: unknown Network traffic detected: HTTP traffic on port 40580 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 48394
Source: unknown Network traffic detected: HTTP traffic on port 58536 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 58536
Source: unknown Network traffic detected: HTTP traffic on port 48400 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 48394 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40584 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 40584
Source: unknown Network traffic detected: HTTP traffic on port 48398 -> 443
Source: classification engine Classification label: clean2.lin@0/70@18/0
Source: /usr/bin/exo-open (PID: 4739) Directory: /home/james/.Xauthority
Source: /usr/bin/exo-open (PID: 4739) Directory: /home/james/.cache
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4747) Directory: /home/james/.Xauthority
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4747) Directory: /home/james/.cache
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4747) Directory: /home/james/.local
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4747) Directory: /home/james/.config
Source: /usr/lib/firefox/firefox (PID: 4754) Directory: /home/james/.Xauthority
Source: /usr/lib/firefox/firefox (PID: 4754) File: /tmp/firefox_james/.parentlock
Source: /usr/lib/firefox/firefox (PID: 4754) Directory: /home/james/.Xauthority
Source: /usr/lib/firefox/firefox (PID: 4754) File: /home/james/.mozilla/firefox/5zxot757.default/.parentlock
Source: /usr/lib/firefox/firefox (PID: 4754) File: /home/james/.cache/mozilla/firefox/5zxot757.default/.startup-incomplete
Source: /usr/lib/firefox/firefox (PID: 4754) Directory: /home/james/.Xdefaults-ubuntu
Source: /usr/lib/firefox/firefox (PID: 4754) Directory: /home/james/.mime.types
Source: /usr/lib/firefox/firefox (PID: 4754) Directory: /home/james/.mozilla/firefox/5zxot757.default/storage/permanent/chrome/.metadata-v2
Source: /usr/lib/firefox/firefox (PID: 4754) Directory: /home/james/.mailcap
Source: /usr/lib/firefox/firefox (PID: 4754) Directory: /home/james/.cache
Source: /usr/lib/firefox/firefox (PID: 4782) Directory: /home/james/.Xauthority
Source: /usr/lib/firefox/firefox (PID: 4782) Directory: /home/james/.drirc
Source: /usr/bin/dbus-launch (PID: 4816) Directory: /home/james/.Xauthority
Source: /usr/lib/firefox/firefox (PID: 4879) Directory: /home/james/.Xauthority
Source: /usr/lib/firefox/firefox (PID: 4924) Directory: /home/james/.Xauthority
Source: /usr/lib/firefox/firefox (PID: 4964) Directory: /home/james/.Xauthority
Source: /usr/lib/firefox/firefox (PID: 4754) Empty hidden file: /tmp/firefox_james/.parentlock
Source: /usr/lib/firefox/firefox (PID: 4754) Empty hidden file: /home/james/.cache/mozilla/firefox/5zxot757.default/.startup-incomplete
Source: /usr/lib/firefox/firefox (PID: 4754) Empty hidden file: /home/james/.mozilla/firefox/5zxot757.default/.parentlock
Source: /usr/bin/exo-open (PID: 4739) Queries kernel information via 'uname'
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4747) Queries kernel information via 'uname'
Source: /usr/lib/firefox/firefox (PID: 4754) Queries kernel information via 'uname'
Source: /usr/lib/firefox/firefox (PID: 4782) Queries kernel information via 'uname'
Source: /usr/bin/dbus-launch (PID: 4816) Queries kernel information via 'uname'
Source: /usr/lib/firefox/firefox (PID: 4879) Queries kernel information via 'uname'
Source: /usr/lib/firefox/firefox (PID: 4924) Queries kernel information via 'uname'
Source: /usr/lib/firefox/firefox (PID: 4964) Queries kernel information via 'uname'
Source: /usr/lib/firefox/firefox (PID: 4796) Arguments: /usr/bin/lsb_release -> /usr/bin/python3 -Es /usr/bin/lsb_release -idrc