Windows Analysis Report
4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip

Overview

General Information

Sample name: 4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip
Analysis ID: 1606859
MD5: 6ab69261fe2957eaefb0b40e4a89bad1
SHA1: 4e7762f7078072be36bce1806a0e0b231ce2aca2
SHA256: 41f1adc8f9b480f66c777cea071489f6f6a9d02906e7f320ec77a45cfadb8ec2
Infos:

Detection

Score: 48
Range: 0 - 100
Confidence: 100%

Signatures

Multi AV Scanner detection for dropped file
Connects to many different domains
Creates a process in suspended mode (likely to inject code)
Drops PE files
Drops files with a non-matching file extension (content does not match file extension)
Queries the volume information (name, serial number etc) of a device

Classification

AV Detection

barindex
Source: C:\Users\user\Downloads\hsI-t-r7.part ReversingLabs: Detection: 30%
Source: C:\Users\user\Downloads\hsI-t-r7.part Virustotal: Detection: 23% Perma Link
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49720 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49721 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49730 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49733 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49738 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49737 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49744 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49749 version: TLS 1.2
Source: unknown HTTPS traffic detected: 151.101.129.91:443 -> 192.168.2.16:49750 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49753 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49756 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49763 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49766 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49765 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49768 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49770 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49769 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49772 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49771 version: TLS 1.2
Source: firefox.exe Memory has grown: Private usage: 1MB later: 286MB
Source: unknown Network traffic detected: DNS query count 45
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global traffic DNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: detectportal.firefox.com
Source: global traffic DNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: example.org
Source: global traffic DNS traffic detected: DNS query: ipv4only.arpa
Source: global traffic DNS traffic detected: DNS query: contile.services.mozilla.com
Source: global traffic DNS traffic detected: DNS query: spocs.getpocket.com
Source: global traffic DNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
Source: global traffic DNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: shavar.services.mozilla.com
Source: global traffic DNS traffic detected: DNS query: shavar.prod.mozaws.net
Source: global traffic DNS traffic detected: DNS query: push.services.mozilla.com
Source: global traffic DNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
Source: global traffic DNS traffic detected: DNS query: firefox.settings.services.mozilla.com
Source: global traffic DNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: www.wikipedia.org
Source: global traffic DNS traffic detected: DNS query: www.facebook.com
Source: global traffic DNS traffic detected: DNS query: www.youtube.com
Source: global traffic DNS traffic detected: DNS query: dyna.wikimedia.org
Source: global traffic DNS traffic detected: DNS query: youtube-ui.l.google.com
Source: global traffic DNS traffic detected: DNS query: star-mini.c10r.facebook.com
Source: global traffic DNS traffic detected: DNS query: www.reddit.com
Source: global traffic DNS traffic detected: DNS query: twitter.com
Source: global traffic DNS traffic detected: DNS query: dualstack.reddit.map.fastly.net
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: services.addons.mozilla.org
Source: global traffic DNS traffic detected: DNS query: normandy.cdn.mozilla.net
Source: global traffic DNS traffic detected: DNS query: a19.dscg10.akamai.net
Source: global traffic DNS traffic detected: DNS query: normandy.tombstone.experimenter.prod.webservices.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: support.mozilla.org
Source: global traffic DNS traffic detected: DNS query: us-west1.prod.sumo.prod.webservices.mozgcp.net
Source: global traffic DNS traffic detected: DNS query: o.pki.goog
Source: global traffic DNS traffic detected: DNS query: pki-goog.l.google.com
Source: global traffic DNS traffic detected: DNS query: id.google.com
Source: global traffic DNS traffic detected: DNS query: csp.withgoogle.com
Source: global traffic DNS traffic detected: DNS query: wavebrowser.co
Source: global traffic DNS traffic detected: DNS query: use.typekit.net
Source: global traffic DNS traffic detected: DNS query: api.wavebrowser.co
Source: global traffic DNS traffic detected: DNS query: p.typekit.net
Source: global traffic DNS traffic detected: DNS query: a1988.dscg1.akamai.net
Source: global traffic DNS traffic detected: DNS query: a1874.dscg1.akamai.net
Source: global traffic DNS traffic detected: DNS query: api.wavebrowserbase.com
Source: global traffic DNS traffic detected: DNS query: app.termly.io
Source: unknown HTTP traffic detected: POST /we2 HTTP/1.1Host: o.pki.googUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateContent-Type: application/ocsp-requestContent-Length: 84Connection: keep-alivePragma: no-cacheCache-Control: no-cacheData Raw: 30 52 30 50 30 4e 30 4c 30 4a 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 ee 30 9c 40 4f 6b 6b 62 56 b4 8e 26 bf e4 45 12 98 ba e4 dd 04 14 75 be c4 77 ae 89 f6 44 37 7d cf b1 68 1f 1d 1a eb dc 34 59 02 11 00 9b f0 f7 63 41 e4 3c 96 10 a4 e6 5f 5e 9e 21 6a Data Ascii: 0R0P0N0L0J0+0@OkkbV&EuwD7}h4YcA<_^!j
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49888 -> 443
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49720 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49721 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49730 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49733 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49738 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49737 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49744 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49749 version: TLS 1.2
Source: unknown HTTPS traffic detected: 151.101.129.91:443 -> 192.168.2.16:49750 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49753 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49756 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49763 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49766 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49765 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49768 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49770 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49769 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49772 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49771 version: TLS 1.2
Source: classification engine Classification label: mal48.winZIP@21/42@105/203
Source: C:\Program Files\Mozilla Firefox\firefox.exe File created: C:\Users\user\AppData\Local\Mozilla\Firefox\SkeletonUILock-c388d246
Source: C:\Windows\System32\OpenWith.exe Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7148:120:WilError_03
Source: C:\Program Files\Mozilla Firefox\firefox.exe File created: C:\Users\user\AppData\Local\Temp\firefox
Source: C:\Windows\System32\OpenWith.exe File read: C:\Users\desktop.ini
Source: C:\Windows\System32\rundll32.exe Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: unknown Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Source: unknown Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Source: unknown Process created: C:\Windows\System32\OpenWith.exe C:\Windows\system32\OpenWith.exe -Embedding
Source: C:\Windows\System32\OpenWith.exe Process created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\AppData\Local\Temp\Temp1_4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip\4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB"
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: C:\Program Files\Mozilla Firefox\firefox.exe
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2292 -parentBuildID 20230927232528 -prefsHandle 2236 -prefMapHandle 2220 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {15460761-7f89-454d-8624-7e87d18afb80} 6688 "\\.\pipe\gecko-crash-server-pipe.6688" 23ff6c71310 socket
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3804 -parentBuildID 20230927232528 -prefsHandle 3796 -prefMapHandle 3792 -prefsLen 26099 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb7a99de-111a-4f1a-b11a-279fd710bf5e} 6688 "\\.\pipe\gecko-crash-server-pipe.6688" 23f844f8a10 rdd
Source: C:\Windows\System32\OpenWith.exe Process created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\AppData\Local\Temp\Temp1_4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip\4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB"
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: C:\Program Files\Mozilla Firefox\firefox.exe
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2292 -parentBuildID 20230927232528 -prefsHandle 2236 -prefMapHandle 2220 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {15460761-7f89-454d-8624-7e87d18afb80} 6688 "\\.\pipe\gecko-crash-server-pipe.6688" 23ff6c71310 socket
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: unknown unknown
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3804 -parentBuildID 20230927232528 -prefsHandle 3796 -prefMapHandle 3792 -prefsLen 26099 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb7a99de-111a-4f1a-b11a-279fd710bf5e} 6688 "\\.\pipe\gecko-crash-server-pipe.6688" 23f844f8a10 rdd
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: unknown unknown
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: unknown unknown
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5528 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5580 -prefMapHandle 5584 -prefsLen 33172 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3590b89d-6eb2-406f-a54a-f628857fb203} 6688 "\\.\pipe\gecko-crash-server-pipe.6688" 23f8eaea910 utility
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5528 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5580 -prefMapHandle 5584 -prefsLen 33172 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3590b89d-6eb2-406f-a54a-f628857fb203} 6688 "\\.\pipe\gecko-crash-server-pipe.6688" 23f8eaea910 utility
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: unknown unknown
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: unknown unknown
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: unknown unknown
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: unknown unknown
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: unknown unknown
Source: C:\Program Files\Mozilla Firefox\firefox.exe Process created: unknown unknown
Source: C:\Windows\System32\OpenWith.exe Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: uxtheme.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: windows.storage.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: wldp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: twinui.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: wintypes.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: powrprof.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: dwmapi.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: pdh.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: umpdc.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: onecorecommonproxystub.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: actxprxy.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: propsys.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: profapi.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: windows.staterepositoryps.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: windows.ui.appdefaults.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: windows.ui.immersive.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: ntmarta.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: uiautomationcore.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: dui70.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: duser.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: dwrite.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: bcp47mrm.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: uianimation.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d11.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: dxgi.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: resourcepolicyclient.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: oleacc.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: edputil.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: windows.ui.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: windowmanagementapi.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: textinputframework.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: inputhost.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: twinapi.appcore.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: twinapi.appcore.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: coreuicomponents.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: coreuicomponents.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: windowscodecs.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: thumbcache.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: policymanager.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: sxs.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: directmanipulation.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: textshaping.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: urlmon.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: iertutil.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: srvcli.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: netutils.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: sspicli.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: appresolver.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: bcp47langs.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: slc.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: userenv.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: sppc.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: pcacli.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: mpr.dll
Source: C:\Windows\System32\OpenWith.exe Section loaded: sfc_os.dll
Source: C:\Windows\System32\OpenWith.exe Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Mozilla Firefox\firefox.exe File created: C:\Users\user\Downloads\hsI-t-r7.part Jump to dropped file
Source: C:\Program Files\Mozilla Firefox\firefox.exe File created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp Jump to dropped file
Source: C:\Program Files\Mozilla Firefox\firefox.exe File created: C:\Users\user\Downloads\hsI-t-r7.part Jump to dropped file
Source: C:\Windows\System32\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exe Process created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\AppData\Local\Temp\Temp1_4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip\4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB"
Source: C:\Windows\System32\OpenWith.exe Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exe Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exe Queries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exe Queries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation