Firefox Downloads
Overview
Section titled “Overview”Evidence: Firefox Downloads
Description: Collect Firefox Downloads
Category: Applications
Platform: linux
Short Name: fdwnlds
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No
Background
Section titled “Background”Browser download history records files downloaded by users, including file paths, timestamps, URLs, referrer information, and download status. This data is essential for tracking file acquisition, identifying potentially malicious downloads, and reconstructing user activity timelines.
Data Collected
Section titled “Data Collected”This collector gathers structured data about firefox downloads.
Firefox Downloads Data
Section titled “Firefox Downloads Data”| Field | Description | Example |
|---|---|---|
UserName | User Name | Example value |
Browser | Browser | Example value |
ProfileName | Profile Name | Example value |
URL | URL | Example value |
TargetPath | Target Path | Example value |
CurrentPath | Current Path | Example value |
Referrer | Referrer | Example value |
LastModified | Last Modified | 2023-10-15 14:30:25+03:00 |
DangerType | Danger Type | 123 |
Opened | Opened | 123 |
TabURL | Tab URL | Example value |
TabReferrerURL | Tab Referrer URL | Example value |
StartTime | Start Time | 2023-10-15 14:30:25+03:00 |
EndTime | End Time | 2023-10-15 14:30:25+03:00 |
HistoryFilePath | History File Path | Example value |
Collection Method
Section titled “Collection Method”This collector queries the browser’s History database to extract download records, including file paths, download times, source URLs, and security flags.
Forensic Value
Section titled “Forensic Value”Download history reveals malware delivery vectors, data exfiltration attempts, unauthorized software installation, and user interaction with suspicious websites. Analysts can identify downloaded malicious files, track attack chains, and correlate downloads with other security events.