Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_71167f61-3b69-4c05-aba5-e9629aba10a6.json
(copy)
|
JSON data
|
dropped
|
||
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_71167f61-3b69-4c05-aba5-e9629aba10a6.json.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41
|
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\tmpaddon
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:58:56 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:58:56 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:58:56 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:58:56 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:58:56 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\ExperimentStoreData.json (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\ExperimentStoreData.json.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addonStartup.json.lz4 (copy)
|
Mozilla lz4 compressed data, originally 23432 bytes
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addonStartup.json.lz4.tmp
|
Mozilla lz4 compressed data, originally 23432 bytes
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addons.json (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addons.json.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\content-prefs.sqlite
|
SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 4, database
pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\crashes\store.json.mozlz4 (copy)
|
Mozilla lz4 compressed data, originally 56 bytes
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\crashes\store.json.mozlz4.tmp
|
Mozilla lz4 compressed data, originally 56 bytes
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\extensions.json (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\extensions.json.tmp
|
JSON data
|
modified
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\favicons.sqlite-shm
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\formhistory.sqlite
|
SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 2, database
pages 8, cookie 0x7, schema 4, UTF-8, version-valid-for 2
|
modified
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info.tmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\permissions.sqlite
|
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, file counter 4, database
pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 4
|
modified
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\places.sqlite-shm
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\places.sqlite-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs-1.js
|
ASCII text, with very long lines (1717), with CRLF line terminators
|
modified
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs.js (copy)
|
ASCII text, with very long lines (1717), with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\protections.sqlite
|
SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 4, database
pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionstore-backups\recovery.baklz4 (copy)
|
Mozilla lz4 compressed data, originally 5825 bytes
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionstore-backups\recovery.jsonlz4 (copy)
|
Mozilla lz4 compressed data, originally 5825 bytes
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionstore-backups\recovery.jsonlz4.tmp
|
Mozilla lz4 compressed data, originally 6279 bytes
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\storage.sqlite
|
SQLite 3.x database, user version 131075, last written using SQLite version 3042000, page size 512, file counter 6, database
pages 8, cookie 0x4, schema 4, UTF-8, version-valid-for 6
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\targeting.snapshot.json (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\targeting.snapshot.json.tmp
|
JSON data
|
dropped
|
There are 32 hidden files, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://bagger-laase.dk/mekanisk-sikring/tyverimaerkning
|
|||
https://bagger-laase.dk/mekanisk-sikring/tyverimaerkning
|
|||
about:blank
|
|||
https://www.youtube.com/embed/78mF4s3qkZ4?rel=0&showinfo=0
|
|||
http://detectportal.firefox.com/canonical.html
|
34.107.221.82
|
||
http://detectportal.firefox.com/success.txt?ipv4
|
34.107.221.82
|
||
https://www.youtube.com/embed/KAGUIysMS9Q?rel=0&showinfo=0
|
|||
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
example.org
|
93.184.215.14
|
||
prod.detectportal.prod.cloudops.mozgcp.net
|
34.107.221.82
|
||
services.addons.mozilla.org
|
18.173.166.111
|
||
i.ytimg.com
|
142.250.217.182
|
||
d2afiqwypp03na.cloudfront.net
|
13.32.87.71
|
||
bagger-laase.dk
|
77.235.50.241
|
||
contile.services.mozilla.com
|
34.117.188.166
|
||
prod.content-signature-chains.prod.webservices.mozgcp.net
|
34.160.144.191
|
||
us-west1.prod.sumo.prod.webservices.mozgcp.net
|
34.149.128.2
|
||
ipv4only.arpa
|
192.0.0.171
|
||
photos-ugc.l.googleusercontent.com
|
142.250.217.193
|
||
prod.ads.prod.webservices.mozgcp.net
|
34.117.188.166
|
||
www.google.com
|
142.250.217.228
|
||
normandy-cdn.services.mozilla.com
|
35.201.103.21
|
||
fathom-cdn.b-cdn.net
|
195.181.163.195
|
||
star-mini.c10r.facebook.com
|
157.240.14.35
|
||
prod.balrog.prod.cloudops.mozgcp.net
|
35.244.181.201
|
||
twitter.com
|
104.244.42.129
|
||
dyna.wikimedia.org
|
208.80.154.224
|
||
prod.remote-settings.prod.webservices.mozgcp.net
|
34.149.100.209
|
||
static.doubleclick.net
|
192.178.50.38
|
||
youtube-ui.l.google.com
|
172.217.2.206
|
||
googleads.g.doubleclick.net
|
142.250.217.226
|
||
reddit.map.fastly.net
|
151.101.193.140
|
||
o2.mouseflow.com
|
185.17.186.161
|
||
analytics.freespee.com
|
18.157.139.40
|
||
telemetry-incoming.r53-2.services.mozilla.com
|
34.120.208.123
|
||
yt3.ggpht.com
|
unknown
|
||
www.reddit.com
|
unknown
|
||
spocs.getpocket.com
|
unknown
|
||
imgsct.cookiebot.com
|
unknown
|
||
content-signature-2.cdn.mozilla.net
|
unknown
|
||
support.mozilla.org
|
unknown
|
||
ratinglogo.bisnode.com
|
unknown
|
||
firefox.settings.services.mozilla.com
|
unknown
|
||
push.services.mozilla.com
|
unknown
|
||
www.youtube.com
|
unknown
|
||
cdn.usefathom.com
|
unknown
|
||
consentcdn.cookiebot.com
|
unknown
|
||
www.facebook.com
|
unknown
|
||
cdn.mouseflow.com
|
unknown
|
||
consent.cookiebot.com
|
unknown
|
||
www.linkedin.com
|
unknown
|
||
detectportal.firefox.com
|
unknown
|
||
px.ads.linkedin.com
|
unknown
|
||
normandy.cdn.mozilla.net
|
unknown
|
||
snap.licdn.com
|
unknown
|
||
shavar.services.mozilla.com
|
unknown
|
||
www.wikipedia.org
|
unknown
|
There are 39 hidden domains, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
185.17.186.161
|
o2.mouseflow.com
|
Netherlands
|
||
44.233.67.78
|
unknown
|
United States
|
||
185.17.186.162
|
unknown
|
Netherlands
|
||
195.181.163.195
|
fathom-cdn.b-cdn.net
|
United Kingdom
|
||
142.250.64.238
|
unknown
|
United States
|
||
142.250.64.232
|
unknown
|
United States
|
||
74.125.196.84
|
unknown
|
United States
|
||
172.217.15.202
|
unknown
|
United States
|
||
13.32.87.71
|
d2afiqwypp03na.cloudfront.net
|
United States
|
||
142.250.217.163
|
unknown
|
United States
|
||
142.250.217.246
|
unknown
|
United States
|
||
142.250.217.202
|
unknown
|
United States
|
||
18.173.166.111
|
services.addons.mozilla.org
|
United States
|
||
172.217.2.206
|
youtube-ui.l.google.com
|
United States
|
||
34.120.208.123
|
telemetry-incoming.r53-2.services.mozilla.com
|
United States
|
||
142.250.189.131
|
unknown
|
United States
|
||
23.43.235.121
|
unknown
|
United States
|
||
1.1.1.1
|
unknown
|
Australia
|
||
142.250.217.228
|
www.google.com
|
United States
|
||
142.250.189.138
|
unknown
|
United States
|
||
142.250.217.226
|
googleads.g.doubleclick.net
|
United States
|
||
13.107.42.14
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
142.250.217.234
|
unknown
|
United States
|
||
34.160.144.191
|
prod.content-signature-chains.prod.webservices.mozgcp.net
|
United States
|
||
142.250.217.194
|
unknown
|
United States
|
||
142.250.217.193
|
photos-ugc.l.googleusercontent.com
|
United States
|
||
127.0.0.1
|
unknown
|
unknown
|
||
104.18.26.50
|
unknown
|
United States
|
||
192.178.50.78
|
unknown
|
United States
|
||
172.217.2.196
|
unknown
|
United States
|
||
23.55.219.113
|
unknown
|
United States
|
||
192.168.2.16
|
unknown
|
unknown
|
||
192.178.50.38
|
static.doubleclick.net
|
United States
|
||
77.235.50.241
|
bagger-laase.dk
|
Netherlands
|
||
156.146.43.65
|
unknown
|
United States
|
||
34.117.188.166
|
contile.services.mozilla.com
|
United States
|
||
172.217.165.194
|
unknown
|
United States
|
||
104.124.1.65
|
unknown
|
United States
|
||
35.201.103.21
|
normandy-cdn.services.mozilla.com
|
United States
|
||
172.217.3.67
|
unknown
|
United States
|
||
18.157.139.40
|
analytics.freespee.com
|
United States
|
||
142.250.217.182
|
i.ytimg.com
|
United States
|
||
34.149.100.209
|
prod.remote-settings.prod.webservices.mozgcp.net
|
United States
|
||
34.107.243.93
|
unknown
|
United States
|
||
34.107.221.82
|
prod.detectportal.prod.cloudops.mozgcp.net
|
United States
|
||
142.250.64.195
|
unknown
|
United States
|
||
35.244.181.201
|
prod.balrog.prod.cloudops.mozgcp.net
|
United States
|
||
13.32.87.82
|
unknown
|
United States
|
||
52.24.210.222
|
unknown
|
United States
|
||
184.28.75.169
|
unknown
|
United States
|
||
23.56.5.67
|
unknown
|
United States
|
There are 42 hidden IPs, click here to show them.