Windows Analysis Report
file.exe

Overview

General Information

Sample name: file.exe
Analysis ID: 1504861
MD5: 9174e680d1b0ea8cdb3ee932ec2dfc6f
SHA1: 49ba7df579d1b30e9c4474ba6733748614ab5c68
SHA256: 136d5473ded4b9a2bef3ef6160a377c0965b4e7292fb81980219ef8cc7d96cfd
Tags: exe
Infos:

Detection

Score: 64
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Multi AV Scanner detection for submitted file
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
PE file contains sections with non-standard names
Potential key logger detected (key state polling based)
Sample file is different than original file name gathered from version info
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection

Classification

AV Detection

barindex
Source: file.exe ReversingLabs: Detection: 26%
Source: Submited Sample Integrated Neural Analysis Model: Matched 100.0% probability
Source: file.exe Joe Sandbox ML: detected
Source: file.exe Static PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49779 version: TLS 1.0
Source: unknown HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.5:49732 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.5:49733 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.5:49744 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.5:49757 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49775 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49789 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49788 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.222.236.23:443 -> 192.168.2.5:49791 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49794 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49795 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49796 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49799 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49801 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49802 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49803 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49804 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49805 version: TLS 1.2
Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr
Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr
Source: C:\Users\user\Desktop\file.exe Code function: 0_2_00BEDBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose, 0_2_00BEDBBE
Source: C:\Users\user\Desktop\file.exe Code function: 0_2_00BBC2A2 FindFirstFileExW, 0_2_00BBC2A2
Source: C:\Users\user\Desktop\file.exe Code function: 0_2_00BF68EE FindFirstFileW,FindClose, 0_2_00BF68EE
Source: C:\Users\user\Desktop\file.exe Code function: 0_2_00BF698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime, 0_2_00BF698F
Source: C:\Users\user\Desktop\file.exe Code function: 0_2_00BED076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose, 0_2_00BED076
Source: C:\Users\user\Desktop\file.exe Code function: 0_2_00BED3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose, 0_2_00BED3A9
Source: C:\Users\user\Desktop\file.exe Code function: 0_2_00BF9642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose, 0_2_00BF9642
Source: C:\Users\user\Desktop\file.exe Code function: 0_2_00BF979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose, 0_2_00BF979D
Source: C:\Users\user\Desktop\file.exe Code function: 0_2_00BF9B2B FindFirstFileW,Sleep,FindNextFileW,FindClose, 0_2_00BF9B2B
Source: C:\Users\user\Desktop\file.exe Code function: 0_2_00BF5C97 FindFirstFileW,FindNextFileW,FindClose, 0_2_00BF5C97
Source: firefox.exe Memory has grown: Private usage: 0MB later: 96MB
Source: Joe Sandbox View IP Address: 13.107.246.40 13.107.246.40
Source: Joe Sandbox View IP Address: 13.107.246.40 13.107.246.40
Source: Joe Sandbox View IP Address: 23.55.235.170 23.55.235.170
Source: Joe Sandbox View IP Address: 152.195.19.97 152.195.19.97
Source: Joe Sandbox View JA3 fingerprint: 1138de370e523e824bbca92d049a3777
Source: Joe Sandbox View JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: Joe Sandbox View JA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49779 version: TLS 1.0
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.31.69
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.31.69
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.31.69
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.31.69
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: C:\Users\user\Desktop\file.exe Code function: 0_2_00BFCE44 InternetReadFile,SetEvent,GetLastError,SetEvent, 0_2_00BFCE44
Source: global traffic HTTP traffic detected: GET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1Host: api.edgeoffer.microsoft.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /crx/blobs/AY4GWKBMNax_FQrZEVzNkO_0mu3UShnzR6AihR_EPjVIUOT_pwZzkWCpOk8YKIu0qnIq_YObWXuPyiJ7NA0nDjMHUEYIIEknsNvJHXuPd0MqxESzoxi9xiMyJKNwZiVV1yEAxlKa5UVe61sINARQ7fO9dE0bkfP_W4GG/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_80_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=403473328&timestamp=1725539476166 HTTP/1.1Host: accounts.youtube.comConnection: keep-alivesec-ch-ua: "Not;A=Brand";v="8", "Chromium";v="117", "Google Chrome";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132", "Google Chrome";v="117.0.5938.132"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: EntityExtractionDomainsConfigSec-Mesh-Client-Edge-Version: 117.0.2045.47Sec-Mesh-Client-Edge-Channel: stableSec-Mesh-Client-OS: WindowsSec-Mesh-Client-OS-Version: 10.0.19045Sec-Mesh-Client-Arch: x86_64Sec-Mesh-Client-WebView: 0Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Not;A=Brand";v="8", "Chromium";v="117", "Google Chrome";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132", "Google Chrome";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /assets/product_category_en/1.0.0/asset?assetgroup=ProductCategories HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ProductCategoriesSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1726144273&P2=404&P3=2&P4=gRzw0TlO28v3xn3M7ZJhhK0eBAMU0JhFJIg7WN8JZ5MTymrQli7NI%2bsdHZx608dhOnKfPCyJKrT9LBIEthiwCg%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: 3Al34tMPCy06pq6FBnsh7ySec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=hdKrGKVxsOrhn2G&MD=bUKt+RBK HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=hdKrGKVxsOrhn2G&MD=bUKt+RBK HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: firefox.exe, 00000005.00000003.2476182627.000002409CB4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481620846.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: "url": "https://www.facebook.com/", equals www.facebook.com (Facebook)
Source: firefox.exe, 00000005.00000003.2476182627.000002409CB4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481620846.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: "url": "https://www.youtube.com/", equals www.youtube.com (Youtube)
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.facebook.com (Facebook)
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.twitter.com (Twitter)
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.youtube.com (Youtube)
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube)
Source: 000003.log7.8.dr String found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook)
Source: 000003.log7.8.dr String found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin)
Source: 000003.log7.8.dr String found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube)
Source: firefox.exe, 00000005.00000003.2951636377.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2291354489.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788760828.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: -l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Wikipedia&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.reddit.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="R"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/reddit-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Reddit<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Reddit&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" href="https://twitter.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="T"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/twitter-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Twitter<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Twitter&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li></ul><div class="edit-topsites-wrapper"></div></div></section></div></div></div></div><style data-styles="[[null]]"></style></div><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div></div></div></div><style data-styles="[[null]]"></style></div></div></main></div></div> equals www.twitter.com (Twitter)
Source: firefox.exe, 00000005.00000003.2479963202.000002409DDFD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDB6000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: 8www.facebook.com equals www.facebook.com (Facebook)
Source: firefox.exe, 00000005.00000003.2249500185.000002409B379000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: doff-text" data-l10n-args="{&quot;engine&quot;: &quot;Google&quot;}"></div><input type="search" class="fake-editable" tabindex="-1" aria-hidden="true"/><div class="fake-caret"></div></button></div></div></div><div class="body-wrapper on"><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div><div class="ds-top-sites"><section class="collapsible-section top-sites" data-section-id="topsites"><div class="section-top-bar"><h3 class="section-title-container " style="visibility:hidden"><span class="section-title"><span data-l10n-id="newtab-section-header-topsites"></span></span><span class="learn-more-link-wrapper"></span></h3></div><div><ul class="top-sites-list"><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.youtube.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="Y"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/youtube-com@2x.png)"></div></div></div><div class="title"><span dir="auto">YouTube<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;YouTube&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.facebook.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="F"><div class="top-site-icon rich-icon" style="backgroun
Source: firefox.exe, 00000005.00000003.2249500185.000002409B379000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: doff-text" data-l10n-args="{&quot;engine&quot;: &quot;Google&quot;}"></div><input type="search" class="fake-editable" tabindex="-1" aria-hidden="true"/><div class="fake-caret"></div></button></div></div></div><div class="body-wrapper on"><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div><div class="ds-top-sites"><section class="collapsible-section top-sites" data-section-id="topsites"><div class="section-top-bar"><h3 class="section-title-container " style="visibility:hidden"><span class="section-title"><span data-l10n-id="newtab-section-header-topsites"></span></span><span class="learn-more-link-wrapper"></span></h3></div><div><ul class="top-sites-list"><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.youtube.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="Y"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/youtube-com@2x.png)"></div></div></div><div class="title"><span dir="auto">YouTube<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;YouTube&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.facebook.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="F"><div class="top-site-icon rich-icon" style="backgroun
Source: firefox.exe, 00000005.00000003.2479963202.000002409DDFD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDB6000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: firefox.exe, 00000005.00000003.2490394108.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DD83000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
Source: 14f51c3d-8b0b-4803-b3fa-d58e55ebcdd4.tmp.9.dr String found in binary or memory: {"net":{"http_server_properties":{"servers":[{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605070894581","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605073479700","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605073618754","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://fonts.gstatic.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13370106673646437","port":443,"protocol_str":"quic"}],"anonymization":["FAAAABAAAABodHRwczovL2JpbmcuY29t",false],"server":"https://www.bing.com"},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605076960847","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",true],"server":"https://accounts.youtube.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605078686234","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://www.google.com"},{"anonymization":["HAAAABUAAABodHRwczovL2F6dXJlZWRnZS5uZXQAAAA=",false],"server":"https://edgeassetservice.azureedge.net","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://edge.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605077598366","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"network_stats":{"srtt":233391},"server":"https://www.gstatic.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605107405812","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"network_stats":{"srtt":335461},"server":"https://play.google.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605079237187","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"network_stats":{"srtt":226681},"server":"https://accounts.google.com"}],"supports_quic":{"address":"192.168.2.5","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}} equals www.youtube.com (Youtube)
Source: global traffic DNS traffic detected: DNS query: bzib.nelreports.net
Source: global traffic DNS traffic detected: DNS query: clients2.googleusercontent.com
Source: global traffic DNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global traffic DNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: detectportal.firefox.com
Source: global traffic DNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: example.org
Source: global traffic DNS traffic detected: DNS query: ipv4only.arpa
Source: global traffic DNS traffic detected: DNS query: firefox.settings.services.mozilla.com
Source: global traffic DNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: services.addons.mozilla.org
Source: global traffic DNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
Source: unknown HTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
Source: firefox.exe, 00000005.00000003.2248120040.000002409CE73000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2492675453.000002409CE73000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000002.3337640147.000002408CB6D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: http://127.0.0.1:
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
Source: firefox.exe, 00000005.00000003.2475949403.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2951259551.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2531288077.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788464539.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2906846651.000002409D936000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org
Source: firefox.exe, 00000005.00000003.2475949403.000002409CB98000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-android-aarch64-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zi
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-android-arm-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-android-x86-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-android-x86_64-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-linux32-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-macosx64-2e1774ab6dc6c43debb0b5b628bdf122a391d521-2.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-macosx64-aarch64-2e1774ab6dc6c43debb0b5b628bdf122a391d521-2
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-win32-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2492124474.000002409D809000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 00000005.00000003.2533493611.000002409DE33000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zipjar:file:
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.org/openh264-win64-aarch64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 00000005.00000003.2477447202.000002409D936000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ciscobinary.openh264.orgP
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%ss
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
Source: firefox.exe, 00000005.00000003.2487359852.00000240A003D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2487525846.000002409FFCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250781570.000002409FF9A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789413242.00000240993E1000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://detectportal.firefox.com
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://detectportal.firefox.com/
Source: firefox.exe, 00000005.00000003.2533277445.0000024099159000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: http://detectportal.firefox.com/canonical.html
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
Source: firefox.exe, 00000005.00000003.2532892624.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2292240962.000002409918E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789533288.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952632105.000002409918E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://exslt.org/common
Source: firefox.exe, 00000005.00000003.2292775986.0000024099181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2533277445.0000024099181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2953161333.0000024099181000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://exslt.org/dates-and-timesP5
Source: firefox.exe, 00000005.00000003.2532892624.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2292240962.000002409918E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789533288.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952632105.000002409918E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://exslt.org/math
Source: firefox.exe, 00000005.00000003.2292775986.0000024099181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2533277445.0000024099181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2953161333.0000024099181000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://exslt.org/regular-expressions
Source: firefox.exe, 00000005.00000003.2532892624.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2292240962.000002409918E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789533288.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952632105.000002409918E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://exslt.org/sets
Source: firefox.exe, 00000005.00000002.3337640147.000002408CB03000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://exslt.org/stringsp
Source: firefox.exe, 00000005.00000003.2890963956.000002409D5D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2236468884.000002409D5ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2154354366.000002409D5D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248471810.000002409CD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2156868789.000002409D5ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449486106.000002409CE34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2242829106.00000240A006B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2268359542.000002430003F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2900039604.000002409D5F2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2156868789.000002409D5D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2890963956.000002409D5B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2531288077.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2901995722.000002409D037000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2252617341.000002409F9CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788464539.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2196890631.000002409FFCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2896735245.000002409D5B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2247475792.000002409D940000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2235417964.000002409D5DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2154151308.000002409D5F8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2236468884.000002409D5DE000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://mozilla.org/MPL/2.0/.
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ocsp.digicert.com0
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://ocsp.digicert.com0C
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://ocsp.digicert.com0N
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
Source: firefox.exe, 00000005.00000003.2487359852.00000240A003D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://ocsp.thawte.com0
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://poczta.interia.pl/mh/?mailto=%sw
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://ts-ocsp.ws.symantec.com07
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%sy
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.inbox.lv/rfc2368/?value=%su
Source: firefox.exe, 00000005.00000003.2487359852.00000240A003D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: http://www.mozilla.com0
Source: firefox.exe, 00000005.00000003.2762430803.000002409CD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2247970283.000002409D884000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2477447202.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2531522407.000002409D90B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2906846651.000002409D936000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://x1.c.lencr.org/0
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://x1.i.lencr.org/0
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://ac.duckduckgo.com/ac/
Source: firefox.exe, 00000005.00000003.2241273572.00000240A0A59000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://account.bellmedia.c
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://accounts.firefox.com/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://accounts.firefox.com/settings/clients
Source: firefox.exe, 00000005.00000003.2243342334.000002409F986000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2223393926.000002409F986000.00000004.00000800.00020000.00000000.sdmp, Session_13370013070951362.8.dr String found in binary or memory: https://accounts.google.com
Source: MediaDeviceSalts.8.dr, Session_13370013070951362.8.dr, 000003.log2.8.dr String found in binary or memory: https://accounts.google.com/
Source: MediaDeviceSalts.8.dr String found in binary or memory: https://accounts.google.com//
Source: Favicons.8.dr, History.8.dr String found in binary or memory: https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/v3/signin/challeng
Source: firefox.exe, 00000012.00000002.3327312863.00000184435CA000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: https://accounts.google.com/Service
Source: firefox.exe, 00000012.00000002.3328196717.0000018443840000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.goog
Source: Favicons.8.dr, History.8.dr, Session_13370013070951362.8.dr String found in binary or memory: https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.co
Source: Favicons.8.dr String found in binary or memory: https://accounts.google.com/favicon.ico
Source: file.exe, 00000000.00000002.2069066022.0000000000E79000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068346178.0000000000E40000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068346178.0000000000E32000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2069001048.0000000000E40000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2069001048.0000000000E32000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000003.00000003.2071605740.0000017EB96F7000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000003.00000003.2070566137.0000017EB96ED000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000003.00000002.2073373514.0000017EB96F8000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwd
Source: firefox.exe, 00000005.00000003.2113337915.000002408F6D6000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwdMOZ_CRASHREPORTER_STRINGS_OVERRIDE=C:
Source: Favicons.8.dr, History.8.dr, Session_13370013070951362.8.dr, WebAssistDatabase.8.dr String found in binary or memory: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2Fv3%2Fs
Source: firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://addons.mozilla.org
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-engines/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
Source: firefox.exe, 00000005.00000003.2490394108.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DD83000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://ads.stickyadstv.com/firefox-etp
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://amazon.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://api.accounts.firefox.com/v1
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2483017787.0000024099D67000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://aus5.mozilla.org
Source: firefox.exe, 00000005.00000003.2533277445.0000024099159000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://aus5.mozilla.org/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
Source: firefox.exe, 00000005.00000003.2475478733.000002409CBEA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2532492262.00000240993F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789264579.00000240993F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493073495.000002409CBEA000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://aus5.mozilla.org/update/3/GMP/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release/Win
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
Source: firefox.exe, 00000005.00000003.2475478733.000002409CBEA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493073495.000002409CBEA000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/re
Source: firefox.exe, 00000005.00000002.3337640147.000002408CB0E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://bard.google.com/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://blocked.cdn.mozilla.net/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.dr String found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.dr String found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696425136400800000.1&ci=1696425136743.12791&cta
Source: firefox.exe, 00000005.00000003.2243307554.000002409FBCA000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://bugzilla.mo
Source: Reporting and NEL.9.dr String found in binary or memory: https://bzib.nelreports.net/api/report?cat=bingbusiness
Source: manifest.json.8.dr String found in binary or memory: https://chrome.google.com/webstore/
Source: 14f51c3d-8b0b-4803-b3fa-d58e55ebcdd4.tmp.9.dr, ba8bc3a4-eb42-4a35-89fc-96395d696325.tmp.9.dr String found in binary or memory: https://clients2.google.com
Source: manifest.json0.8.dr String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 14f51c3d-8b0b-4803-b3fa-d58e55ebcdd4.tmp.9.dr, ba8bc3a4-eb42-4a35-89fc-96395d696325.tmp.9.dr String found in binary or memory: https://clients2.googleusercontent.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://completion.amazon.com/search/complete?q=
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://content.cdn.mozilla.net
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.dr String found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.dr String found in binary or memory: https://contile-images.services.mozilla.com/u1AuJcj32cbVUf9NjMipLXEYwu2uFIt4lsj-ccwVqEs.36904.jpg
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://contile.services.mozilla.com/v1/tiles
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://coverage.mozilla.org
Source: firefox.exe, 00000005.00000002.3337640147.000002408CB0E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000002.3337640147.000002408CB32000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://crash-reports.mozilla.com/submit?id=
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://crash-stats.mozilla.org/report/index/
Source: Reporting and NEL.9.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/AccountsSignInUi
Source: Reporting and NEL.9.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: Reporting and NEL.9.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers
Source: Reporting and NEL.9.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/static-on-bigtable
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://dap-02.api.divviup.org
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTab
Source: firefox.exe, 00000005.00000003.2289194503.00000240A0ABD000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullSc
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture
Source: firefox.exe, 00000005.00000003.2289194503.00000240A0AB8000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureWebExtensionUncheckedLastErr
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCapture
Source: firefox.exe, 00000005.00000003.2289194503.00000240A0AB3000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarning
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#Encryption
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsing
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
Source: manifest.json0.8.dr String found in binary or memory: https://docs.google.com/
Source: manifest.json0.8.dr String found in binary or memory: https://drive-autopush.corp.google.com/
Source: manifest.json0.8.dr String found in binary or memory: https://drive-daily-0.corp.google.com/
Source: manifest.json0.8.dr String found in binary or memory: https://drive-daily-1.corp.google.com/
Source: manifest.json0.8.dr String found in binary or memory: https://drive-daily-2.corp.google.com/
Source: manifest.json0.8.dr String found in binary or memory: https://drive-daily-3.corp.google.com/
Source: manifest.json0.8.dr String found in binary or memory: https://drive-daily-4.corp.google.com/
Source: manifest.json0.8.dr String found in binary or memory: https://drive-daily-5.corp.google.com/
Source: manifest.json0.8.dr String found in binary or memory: https://drive-daily-6.corp.google.com/
Source: manifest.json0.8.dr String found in binary or memory: https://drive-preprod.corp.google.com/
Source: manifest.json0.8.dr String found in binary or memory: https://drive-staging.corp.google.com/
Source: manifest.json0.8.dr String found in binary or memory: https://drive.google.com/
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://duckduckgo.com
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2252948556.000002409DD1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2479963202.000002409DD19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244571984.000002409DD19000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://duckduckgo.com/
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%sz
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%szw
Source: 000003.log7.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr
Source: 000003.log7.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=Arbit
Source: 000003.log7.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
Source: 000003.log6.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtrac
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_163_music.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_dark.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_hc.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_light.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_hc.png/1.2.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_dark.png/1.2.1/ass
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/as
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_amazon_music_light.png/1.4.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_apple_music.png/1.4.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_bard_light.png/1.0.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.1.17/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.6.8/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.1.17/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.6.8/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.1.17/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.6.8/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_hc.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_dark.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_light.png/1.0.3/asse
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_deezer.png/1.4.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_dark.png/1.0.6/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_light.png/1.0.6/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_color.png/1.0.14/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_hc.png/1.0.14/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_hc.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_dark.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_hc.png/1.2.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_dark.png/1.2.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_light.png/1.2.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_excel.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_facebook_messenger.png/1.5.14/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gaana.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc.png/1.7.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_controller.png/1.7.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_joystick.png/1.7.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark.png/1.7.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_controller.png/1.7.1/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_joystick.png/1.7.1/as
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_controller.png/1.7.1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_joystick.png/1.7.1/a
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gmail.png/1.5.4/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_help.png/1.0.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_hc.png/0.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_dark.png/0.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_light.png/0.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_iHeart.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_hc.png/1.0.14/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_dark.png/1.0.14/as
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_light.png/1.0.14/a
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_instagram.png/1.4.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_ku_gou.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_last.png/1.0.3/asset
Source: 000003.log7.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Sho
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_dark.png/1.1.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_hc.png/1.1.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_light.png/1.1.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_naver_vibe.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_dark.png/1.4.9/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_hc.png/1.4.9/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_light.png/1.4.9/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_dark.png/1.9.10/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_hc.png/1.9.10/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_light.png/1.9.10/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_hc.png/1.1.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_dark.png/1.1.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_light.png/1.1.0/asse
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_power_point.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_qq.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_dark.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_hc.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_light.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_hc.png/1.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_dark.png/1.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_light.png/1.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_hc.png/1.3.6/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_dark.png/1.3.6/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_hc.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_dark.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_dark.png/1.3.20/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_hc.png/1.3.20/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_light.png/1.3.20/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_sound_cloud.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_spotify.png/1.4.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_dark.png/1.2.19/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_hc.png/1.2.19/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_light.png/1.2.19/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_telegram.png/1.0.4/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_hc.png/1.0.5/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_dark.png/1.0.5/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_light.png/1.0.5/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tidal.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tik_tok_light.png/1.0.5/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_hc.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_dark.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_twitter_light.png/1.0.9/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_vk.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whats_new.png/1.0.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whatsapp_light.png/1.4.11/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_word.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_yandex_music.png/1.0.10/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_youtube.png/1.4.14/asset
Source: 000003.log7.8.dr String found in binary or memory: https://edgeassetservice.azureedge.net/assets/signal_triggers/1.13.3/asset?sv=2017-07-29&sr=c&sig=Nt
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://excel.new?from=EdgeM365Shoreline
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/
Source: firefox.exe, 00000005.00000003.2289194503.00000240A0AB8000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/SelectOptionsLengthAssignmentW
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
Source: firefox.exe, 00000005.00000003.2196890631.000002409FFE1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2487525846.000002409FFE1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250781570.000002409FFE1000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://firefox-source-docs.mozilla.org/performance/scroll-linked_effects.html
Source: firefox.exe, 00000005.00000003.2953161333.000002409916C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2533277445.000002409916C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://firefox.settings.services.mozilla.com
Source: firefox.exe, 00000005.00000003.2483017787.0000024099DB2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expe
Source: 14f51c3d-8b0b-4803-b3fa-d58e55ebcdd4.tmp.9.dr String found in binary or memory: https://fonts.gstatic.com
Source: firefox.exe, 00000005.00000003.2249337998.000002409B3DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2483017787.0000024099DB2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://fpn.firefox.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
Source: firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://fpn.firefox.comP4
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://gaana.com/
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.cdn.mozilla.net/
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=40249-e88c401e1b1f2242d9e4
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://getpocket.com/recommendations
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://github.com/mozilla-services/screenshots
Source: firefox.exe, 00000005.00000003.2243688333.000002409F947000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://google.com
Source: firefox.exe, 00000005.00000003.2243342334.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2223393926.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2488470417.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2252617341.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://google.com/
Source: firefox.exe, 00000005.00000003.2243342334.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2223393926.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2488470417.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2252617341.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://google.com/PCi
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
Source: firefox.exe, 00000005.00000002.3337640147.000002408CB0E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://i.y.qq.com/n2/m/index.html
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://ideas.mozilla.org/
Source: firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.dr String found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://incoming.telemetry.mozilla.org
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://incoming.telemetry.mozilla.org/submit
Source: firefox.exe, 00000005.00000003.2906809192.000002409D9C0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://incoming.telemetry.mozilla.org/submit/telemetry/3c7034d6-bc52-43bb-9a23-5da34ee205e0/health/
Source: firefox.exe, 00000005.00000003.2768818965.000002409D90B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788709822.000002409D90B000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://incoming.telemetry.mozilla.org/submit/telemetry/49409584-9cbe-40a8-9057-948720249a2c/health/
Source: firefox.exe, 00000005.00000003.2906809192.000002409D9C0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://incoming.telemetry.mozilla.org/submit/telemetry/a83301c6-790b-49f3-adc7-55a855f7fe79/main/Fi
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://install.mozilla.org
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://latest.web.skype.com/?browsername=edge_canary_shoreline
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
Source: firefox.exe, 00000005.00000003.2768928876.000002409B3DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449980527.00000240993F0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A59000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://login.live.com
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://login.live.comZ
Source: firefox.exe, 00000005.00000003.2241273572.00000240A0A59000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://login.microsoftonline.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://m.kugou.com/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://m.soundcloud.com/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://m.vk.com/
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://mail.google.com/mail/mu/mp/266/#tl/Inbox
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://mail.inbox.lv/compose?to=%s
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://mail.inbox.lv/compose?to=%sv
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%st
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://manifestdeliveryservice.edgebrowser.microsoft-staging-falcon.io/app/page-context-demo
Source: firefox.exe, 00000012.00000002.3329957378.0000018443999000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://mitmdetection.services.mozilla.com/
Source: firefox.exe, 00000005.00000003.2483017787.0000024099DB2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://monitor.firefox.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://monitor.firefox.com/about
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://monitor.firefox.com/breach-details/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://monitor.firefox.com/user/dashboard
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://monitor.firefox.com/user/preferences
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://music.amazon.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://music.apple.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://music.yandex.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://oauth.accounts.firefox.com/v1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://open.spotify.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://outlook.live.com/mail/0/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://outlook.live.com/mail/compose?isExtension=true
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://outlook.office.com/mail/0/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://outlook.office.com/mail/compose?isExtension=true
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://poczta.interia.pl/mh/?mailto=%sx
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://powerpoint.new?from=EdgeM365Shoreline
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://profile.accounts.firefox.com/v1
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://profiler.firefox.com
Source: firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://profiler.firefox.com/
Source: firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2906846651.000002409D936000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://redirector.gvt1.com
Source: firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://redirector.gvt1.com/
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493584941.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482073044.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788828406.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788868182.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493584941.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482073044.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788828406.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788868182.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-mac-arm64.zip
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493584941.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482073044.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788828406.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788868182.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-mac-x64.zip
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493584941.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482073044.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788828406.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788868182.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-arm64.zip
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x64.zip
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493584941.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482073044.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788828406.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788868182.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://relay.firefox.com/api/v1/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
Source: firefox.exe, 00000005.00000003.2483017787.0000024099DB2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://screenshots.firefox.com
Source: firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://screenshots.firefox.com/
Source: firefox.exe, 00000005.00000003.2789264579.00000240993F0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://services.addons.mozilla.org
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
Source: firefox.exe, 00000005.00000003.2450075349.000002409DE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
Source: firefox.exe, 00000005.00000003.2450075349.000002409DE33000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%file:///C:/Program
Source: firefox.exe, 00000005.00000003.2531900347.0000024099DC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482329845.0000024099DC5000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
Source: firefox.exe, 00000005.00000003.2768528442.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244647347.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2480877202.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2246835045.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475190021.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788279722.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2491387252.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2290635640.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://smartblock.firefox.etp/facebook.svg
Source: firefox.exe, 00000005.00000003.2768528442.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244647347.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2480877202.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2246835045.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475190021.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788279722.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2491387252.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2290635640.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://smartblock.firefox.etp/play.svg
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://spocs.getpocket.com/
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://spocs.getpocket.com/spocs
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://spocs.getpocket.com/user
Source: firefox.exe, 00000005.00000003.2243897678.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
Source: firefox.exe, 00000005.00000003.2490394108.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DD83000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
Source: firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://support.mozilla.org
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-engine-removal
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
Source: firefox.exe, 00000005.00000003.2767901965.000002409FBCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2474871935.000002409FBCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2169985603.000002409FBCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243307554.000002409FBCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787062774.000002409FBCA000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
Source: firefox.exe, 00000005.00000003.2532492262.00000240993F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2906809192.000002409D9C0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789264579.00000240993F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2492675453.000002409CEB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2492124474.000002409D809000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/kb/captive-portal
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windows
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://tidal.com/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://topsites.services.mozilla.com/cid/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
Source: firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://truecolors.firefox.com
Source: firefox.exe, 00000005.00000003.2476182627.000002409CB4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2951636377.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2291354489.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788760828.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481620846.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248750417.000002409CB78000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://twitter.com/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://vibe.naver.com/today
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
Source: firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://web.skype.com/?browsername=edge_canary_shoreline
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://web.skype.com/?browsername=edge_stable_shoreline
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://web.telegram.org/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://web.whatsapp.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://webcompat.com/issues/new
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://word.new?from=EdgeM365Shoreline
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.dr String found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768528442.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244647347.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2480877202.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2246835045.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475190021.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788279722.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2491387252.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2290635640.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.dr String found in binary or memory: https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.deezer.com/
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr String found in binary or memory: https://www.digicert.com/CPS0
Source: content_new.js.8.dr, content.js.8.dr String found in binary or memory: https://www.google.com/chrome
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768528442.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244647347.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2480877202.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2246835045.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475190021.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788279722.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2491387252.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2290635640.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.google.com/search
Source: 14f51c3d-8b0b-4803-b3fa-d58e55ebcdd4.tmp.9.dr String found in binary or memory: https://www.googleapis.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.iheart.com/podcast/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.instagram.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.last.fm/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.messenger.com
Source: firefox.exe, 00000005.00000002.3327280611.000000A80677C000.00000004.00000010.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.mozilla.org
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
Source: firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
Source: firefox.exe, 00000005.00000003.2292775986.000002409915F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2953161333.000002409915F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2533277445.0000024099159000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3329957378.0000018443999000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/privacy/firefox/
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-content
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
Source: firefox.exe, 00000005.00000003.2292775986.000002409915F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2953161333.000002409915F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2533277445.0000024099159000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.mozilla.org/privacy/firefox/J
Source: firefox.exe, 00000005.00000002.3327280611.000000A80677C000.00000004.00000010.00020000.00000000.sdmp String found in binary or memory: https://www.mozilla.orgo
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2247820800.000002409D9A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A59000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.msn.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&game
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&item
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&item=fl
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&playInS
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.msn.comZ
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.office.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
Source: firefox.exe, 00000005.00000003.2789413242.00000240993C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952549951.00000240993C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2532628861.00000240993D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2292130151.00000240993D8000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.openh264.org/
Source: firefox.exe, 00000005.00000003.2476182627.000002409CB4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2951636377.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2291354489.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788760828.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481620846.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248750417.000002409CB78000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.reddit.com/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.tiktok.com/
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.tsn.ca
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.tsn.caZ
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://www.youtube.com
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://www.youtube.com/
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://xhr.spec.whatwg.org/#sync-warning
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr String found in binary or memory: https://y.music.163.com/m/
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49784