Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://ecouterrepondeurvocal.pro/35-hnJZib

Overview

General Information

Sample URL:https://ecouterrepondeurvocal.pro/35-hnJZib
Analysis ID:1426567

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for domain / URL
Creates a process in suspended mode (likely to inject code)
May sleep (evasive loops) to hinder dynamic analysis
Queries the volume information (name, serial number etc) of a device
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 4992 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://ecouterrepondeurvocal.pro/35-hnJZib MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6252 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1916,i,14184590075913143465,5547467704499224158,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • OpenWith.exe (PID: 3228 cmdline: C:\Windows\system32\OpenWith.exe -Embedding MD5: E4A834784FA08C17D47A1E72429C5109)
    • msedge.exe (PID: 3268 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument tel:0895083829 MD5: 69222B8101B0601CC6663F8381E7E00F)
      • msedge.exe (PID: 3484 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2232 --field-trial-handle=1796,i,15325391256058872953,15750776415804555094,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • msedge.exe (PID: 7000 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate --single-argument tel:0895083829 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 6516 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2248 --field-trial-handle=1980,i,5134124990743793995,14467359437152217128,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 6728 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=5100 --field-trial-handle=1980,i,5134124990743793995,14467359437152217128,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 2204 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6832 --field-trial-handle=1980,i,5134124990743793995,14467359437152217128,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • OpenWith.exe (PID: 7468 cmdline: C:\Windows\system32\OpenWith.exe -Embedding MD5: E4A834784FA08C17D47A1E72429C5109)
    • chrome.exe (PID: 1660 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument tel:0895083829 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 7800 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1956,i,12109073706536864834,4435517575057208521,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for domain / URL
Source: ecouterepondeurvocal.proVirustotal: Detection: 8%Perma Link
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.28.11:443 -> 192.168.2.16:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.28.11:443 -> 192.168.2.16:49741 version: TLS 1.2
Source: chrome.exeMemory has grown: Private usage: 22MB later: 28MB
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 23.45.13.176
Source: unknownTCP traffic detected without corresponding DNS query: 23.45.13.176
Source: unknownTCP traffic detected without corresponding DNS query: 23.45.13.176
Source: unknownTCP traffic detected without corresponding DNS query: 23.45.13.176
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.28.11
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.28.11
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.28.11
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.28.11
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.28.11
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.28.11
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.28.11
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.28.11
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.28.11
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.28.11
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.28.11
Source: unknownDNS traffic detected: queries for: ecouterrepondeurvocal.pro
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49917 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49937
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49936
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49935
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49931
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49930
Source: unknownNetwork traffic detected: HTTP traffic on port 49925 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49936 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49929
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49928
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49926
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49925
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49924
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49923
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49920
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49919
Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49918
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49917
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49916
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49915
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49914
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49913
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49912
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49911
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49910
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49908
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49907
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49906
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49905
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49904
Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49903
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49902
Source: unknownNetwork traffic detected: HTTP traffic on port 49903 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49900
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.28.11:443 -> 192.168.2.16:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.28.11:443 -> 192.168.2.16:49741 version: TLS 1.2
Source: classification engineClassification label: mal48.win@86/198@48/137
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Windows\System32\OpenWith.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3228:120:WilError_03
Source: C:\Windows\System32\OpenWith.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7468:120:WilError_03
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Users\user\AppData\Local\Temp\32ecc927-b1be-4923-8f9a-f66b6531deb8.tmp
Source: C:\Windows\System32\OpenWith.exeFile read: C:\Program Files\desktop.ini
Source: C:\Windows\System32\OpenWith.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://ecouterrepondeurvocal.pro/35-hnJZib
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1916,i,14184590075913143465,5547467704499224158,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1916,i,14184590075913143465,5547467704499224158,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: unknownProcess created: C:\Windows\System32\OpenWith.exe C:\Windows\system32\OpenWith.exe -Embedding
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument tel:0895083829
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2232 --field-trial-handle=1796,i,15325391256058872953,15750776415804555094,262144 /prefetch:3
Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate --single-argument tel:0895083829
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2248 --field-trial-handle=1980,i,5134124990743793995,14467359437152217128,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=5100 --field-trial-handle=1980,i,5134124990743793995,14467359437152217128,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6832 --field-trial-handle=1980,i,5134124990743793995,14467359437152217128,262144 /prefetch:8
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument tel:0895083829
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2232 --field-trial-handle=1796,i,15325391256058872953,15750776415804555094,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2248 --field-trial-handle=1980,i,5134124990743793995,14467359437152217128,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=5100 --field-trial-handle=1980,i,5134124990743793995,14467359437152217128,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=5100 --field-trial-handle=1980,i,5134124990743793995,14467359437152217128,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6832 --field-trial-handle=1980,i,5134124990743793995,14467359437152217128,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: unknownProcess created: C:\Windows\System32\OpenWith.exe C:\Windows\system32\OpenWith.exe -Embedding
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument tel:0895083829
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1956,i,12109073706536864834,4435517575057208521,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument tel:0895083829
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1956,i,12109073706536864834,4435517575057208521,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Windows\System32\OpenWith.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wldp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinui.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wintypes.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: powrprof.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwmapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: pdh.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: umpdc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecorecommonproxystub.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: actxprxy.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.appdefaults.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.immersive.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: profapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: ntmarta.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uiautomationcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: propsys.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dui70.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: duser.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwrite.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47mrm.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uianimation.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d11.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxgi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: resourcepolicyclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dcomp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: oleacc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: edputil.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowmanagementapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: textinputframework.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: inputhost.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: mrmcorer.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepositorycore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: apphelp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appresolver.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47langs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: slc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: userenv.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sppc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: tiledatarepository.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: staterepository.core.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepository.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wtsapi32.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepositoryps.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: thumbcache.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowscodecs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: policymanager.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: msvcp110_win.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: netutils.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: photometadatahandler.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sxs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: directmanipulation.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: textshaping.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: ieframe.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: netapi32.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: version.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: winhttp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wkscli.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: secur32.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: mlang.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wininet.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: pcacli.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: mpr.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sfc_os.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wldp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinui.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wintypes.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: powrprof.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwmapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: pdh.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: umpdc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecorecommonproxystub.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: actxprxy.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.appdefaults.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.immersive.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: profapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: ntmarta.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uiautomationcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: propsys.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dui70.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: duser.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwrite.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47mrm.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uianimation.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d11.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxgi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: resourcepolicyclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dcomp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: oleacc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: edputil.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowmanagementapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: textinputframework.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: inputhost.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: mrmcorer.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepositorycore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: apphelp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appresolver.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47langs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: slc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: userenv.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sppc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: tiledatarepository.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: staterepository.core.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepository.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wtsapi32.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepositoryps.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowscodecs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: thumbcache.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sxs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: directmanipulation.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: textshaping.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: ieframe.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: netapi32.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: version.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: winhttp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wkscli.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: netutils.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: secur32.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: mlang.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wininet.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: policymanager.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: msvcp110_win.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: pcacli.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: mpr.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sfc_os.dll
Source: C:\Windows\System32\OpenWith.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Windows\System32\OpenWith.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\16.0\Access\Capabilities\UrlAssociations
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exe TID: 3224Thread sleep count: 44 > 30
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument tel:0895083829
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument tel:0895083829
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Program Files\WindowsApps\Microsoft.People_10.1902.633.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\PeopleAppList.scale-100.png VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
DLL Side-Loading		11
Process Injection		1
Masquerading		OS Credential Dumping1
Virtualization/Sandbox Evasion		Remote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
Registry Run Keys / Startup Folder		1
DLL Side-Loading		1
Virtualization/Sandbox Evasion		LSASS Memory1
File and Directory Discovery		Remote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Registry Run Keys / Startup Folder		11
Process Injection		Security Account Manager12
System Information Discovery		SMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook1
Extra Window Memory Injection		1
DLL Side-Loading		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureProtocol ImpersonationTraffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Extra Window Memory Injection		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
ecouterrepondeurvocal.pro0%VirustotalBrowse
ecouterepondeurvocal.pro9%VirustotalBrowse

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
chrome.cloudflare-dns.com
162.159.61.3
truefalse
    		unknown
    google.com
    		172.217.215.101
    		truefalse
      		high
      ecouterepondeurvocal.pro
      		172.67.174.177
      		truetrueunknown
      sb.scorecardresearch.com
      		18.160.60.23
      		truefalse
        		unknown
        www.google.com
        		74.125.136.103
        		truefalse
          		high
          part-0012.t-0009.t-msedge.net
          		13.107.246.40
          		truefalse
            		unknown
            googlehosted.l.googleusercontent.com
            		64.233.177.132
            		truefalse
              		high
              sni1gl.wpc.nucdn.net
              		152.195.19.97
              		truefalse
                		unknown
                assets.msn.com
                		unknown
                		unknownfalse
                  		high
                  c.msn.com
                  		unknown
                  		unknownfalse
                    		high
                    ecouterrepondeurvocal.pro
                    		unknown
                    		unknownfalseunknown
                    ntp.msn.com
                    		unknown
                    		unknownfalse
                      		high
                      clients2.googleusercontent.com
                      		unknown
                      		unknownfalse
                        		high
                        bzib.nelreports.net
                        		unknown
                        		unknownfalse
                          		unknown
                          api.msn.com
                          		unknown
                          		unknownfalse
                            		high
                            browser.events.data.msn.com
                            		unknown
                            		unknownfalse
                              		high

                              World Map of Contacted IPs

                              • No. of IPs < 25%
                              • 25% < No. of IPs < 50%
                              • 50% < No. of IPs < 75%
                              • 75% < No. of IPs

                              Public IPs

                              IPDomainCountryFlagASNASN NameMalicious
                              20.1.248.118
                              		unknownUnited States
                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              13.107.246.41
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              13.107.6.158
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              20.25.227.174
                              		unknownUnited States
                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              13.107.246.40
                              		part-0012.t-0009.t-msedge.netUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              20.189.173.9
                              		unknownUnited States
                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              204.79.197.200
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              23.96.180.189
                              		unknownUnited States
                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              152.195.19.97
                              		sni1gl.wpc.nucdn.netUnited States
                              		15133EDGECASTUSfalse
                              13.107.21.200
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              131.253.33.203
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              23.54.202.151
                              		unknownUnited States
                              		16625AKAMAI-ASUSfalse
                              172.67.174.177
                              		ecouterepondeurvocal.proUnited States
                              		13335CLOUDFLARENETUStrue
                              52.168.117.170
                              		unknownUnited States
                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              8.8.8.8
                              		unknownUnited States
                              		15169GOOGLEUSfalse
                              162.159.61.3
                              		chrome.cloudflare-dns.comUnited States
                              		13335CLOUDFLARENETUSfalse
                              23.54.201.219
                              		unknownUnited States
                              		16625AKAMAI-ASUSfalse
                              23.34.82.23
                              		unknownUnited States
                              		25019SAUDINETSTC-ASSAfalse
                              52.159.108.190
                              		unknownUnited States
                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              23.49.5.137
                              		unknownUnited States
                              		35994AKAMAI-ASUSfalse
                              142.251.15.94
                              		unknownUnited States
                              		15169GOOGLEUSfalse
                              64.233.177.132
                              		googlehosted.l.googleusercontent.comUnited States
                              		15169GOOGLEUSfalse
                              204.79.197.239
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              74.125.136.103
                              		www.google.comUnited States
                              		15169GOOGLEUSfalse
                              20.110.205.119
                              		unknownUnited States
                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              204.79.197.219
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              172.64.41.3
                              		unknownUnited States
                              		13335CLOUDFLARENETUSfalse
                              23.55.63.75
                              		unknownUnited States
                              		20940AKAMAI-ASN1EUfalse
                              204.79.197.237
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              64.233.177.94
                              		unknownUnited States
                              		15169GOOGLEUSfalse
                              23.1.33.14
                              		unknownUnited States
                              		20940AKAMAI-ASN1EUfalse
                              13.107.5.80
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              74.125.138.99
                              		unknownUnited States
                              		15169GOOGLEUSfalse
                              1.1.1.1
                              		unknownAustralia
                              		13335CLOUDFLARENETUSfalse
                              20.94.153.70
                              		unknownUnited States
                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              13.107.21.239
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              18.160.60.23
                              		sb.scorecardresearch.comUnited States
                              		3MIT-GATEWAYSUSfalse
                              23.49.5.136
                              		unknownUnited States
                              		35994AKAMAI-ASUSfalse
                              13.107.42.16
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              20.88.206.205
                              		unknownUnited States
                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              239.255.255.250
                              		unknownReserved
                              		unknownunknownfalse
                              13.107.22.239
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              173.222.249.89
                              		unknownUnited States
                              		20940AKAMAI-ASN1EUfalse
                              74.125.138.84
                              		unknownUnited States
                              		15169GOOGLEUSfalse
                              173.222.249.42
                              		unknownUnited States
                              		20940AKAMAI-ASN1EUfalse
                              74.125.138.101
                              		unknownUnited States
                              		15169GOOGLEUSfalse
                              204.79.197.203
                              		unknownUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse

                              Private

                              IP
                              192.168.2.16

                              General Information

                              Joe Sandbox version:40.0.0 Tourmaline
                              Analysis ID:1426567
                              Start date and time:2024-04-16 10:31:43 +02:00
                              Joe Sandbox product:CloudBasic
                              Overall analysis duration:
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:defaultwindowsinteractivecookbook.jbs
                              Sample URL:https://ecouterrepondeurvocal.pro/35-hnJZib
                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                              Number of analysed new started processes analysed:21
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • EGA enabled
                              Analysis Mode:stream
                              Analysis stop reason:Timeout
                              Detection:MAL
                              Classification:mal48.win@86/198@48/137

                              Warnings

                              • Exclude process from analysis (whitelisted): dllhost.exe
                              • Excluded IPs from analysis (whitelisted): 64.233.177.94, 74.125.138.101, 74.125.138.138, 74.125.138.102, 74.125.138.139, 74.125.138.100, 74.125.138.113, 74.125.138.84, 34.104.35.123
                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, slscr.update.microsoft.com, fe3cr.delivery.mp.microsoft.com
                              • Not all processes where analyzed, report is missing behavior information
                              • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                              • Report size getting too big, too many NtOpenFile calls found.
                              • Report size getting too big, too many NtOpenKeyEx calls found.
                              • Report size getting too big, too many NtProtectVirtualMemory calls found.
                              • Report size getting too big, too many NtQueryValueKey calls found.
                              • Report size getting too big, too many NtSetInformationFile calls found.
                              • Report size getting too big, too many NtWriteVirtualMemory calls found.
                              • Timeout during stream target processing, analysis might miss dynamic analysis data

                              Created / dropped Files

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4e06615d-9051-41c8-ad1f-38a165922d6f.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):58113
                              Entropy (8bit):6.105799755228442
                              Encrypted:false
                              SSDEEP:
                              MD5:28508BE9B8F7AF5A7F43C03C093A5A33
                              SHA1:F2F7BC05BE8FDBAEA030614754ABA37CE84C02BD
                              SHA-256:DCB61D49D0EC9F0F9CA00676F8A04324E97BFE1363C3D74CD733A49D74A0F564
                              SHA-512:50D36DC9175410E802EF6818791DFFEBA688EE8A11CD9F0FE05C8EE7E645F226C22E6579B8BA866F9F7ACB1C74388F7A72E8869FD5C8E21043125E7813289F74
                              Malicious:false
                              Reputation:unknown
                              Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\545aa0f1-eb1c-42af-a4e2-b249c8dadd19.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):52484
                              Entropy (8bit):6.100820418208219
                              Encrypted:false
                              SSDEEP:
                              MD5:6C89AC70AA1A00409301B739E1985828
                              SHA1:A41E3DADB101AF917AA986F0BCE1296BB436087C
                              SHA-256:628DF5717B791857EB63AE524947C6B62C4AECBA311E45F9884E12373825FE56
                              SHA-512:1D8B64F8F8C931B727A43BCF03FBE2FDC9F5D2118163653517A6C51612261D6F3609FCFAB3DD2AA766C1B42E70FAE218AD19FE23B73AFE1A426AF94CBF1382FD
                              Malicious:false
                              Reputation:unknown
                              Preview:{"abusive_adblocker_etag":"\"DBBD7E4308B5271427679652B4782A36813B3EA52CB11A4B170804BD16F9F719\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"continuous_migration":{"local_guid":"84e6c6f8-2902-4290-a0ce-289794b896ae"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1713256434"},"domain_actions_config":"H4sIAAAAAAAAAL19a3PktrH2X1HpU5LyQNLe5M355HeziV3Jxi5nU656T6VUIIghIYIAF5eZ4bj83083ONJKOwRmmutzPngtUXxwY6Nv6G78evmdqa1z/N/f/biRzqlaXv7510s+DFoJHpQ1/vLP//2fby4HCw+UxN9+vTS8h9cu39eN/Pd3l99chnHA3wfuguL6ZzloLmQvTYC/bbiO+MfvoEn5i6z+rsLV65e37OWbiz/8/fuPH/7xzYVWnbz4mxSd/ePFu9bZXl7dXrNr9vL1y2/ZzfWLi3/xNXfqAYbdXt3AX25v37y8/O2bx/FM2KcjkvDqR9tJMz+mp+C/2H/a8LgGjy3Uzx4/eR9H8fbt/8rk376Fyb/69tUrdvvqeO7Tn29uXl+z16+Pp/9/Pqa5LwBE9U4r6O97ZYI

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6805b95a-370a-45fd-a010-6cf7de4ab088.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):60787
                              Entropy (8bit):6.082947887489653
                              Encrypted:false
                              SSDEEP:
                              MD5:0FA5F7C6AB6ED1EA7722BC88C7744081
                              SHA1:A1CC3B98A70A26121E397ECC71959BC220A123DF
                              SHA-256:FDA4DD7F13AC804D4BF05CEEA911574E2D65646898A36C0FD19E8E154606AF9C
                              SHA-512:DB065F2FD5CDEE3EC8DD8F49863356264A9E52437C681E24617921785CBF915D0A241E4BE05ECD7880677B697451B084EE2D277AAC266D354ECD6C738E886A30
                              Malicious:false
                              Reputation:unknown
                              Preview:{"abusive_adblocker_etag":"\"DBBD7E4308B5271427679652B4782A36813B3EA52CB11A4B170804BD16F9F719\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"continuous_migration":{"local_guid":"84e6c6f8-2902-4290-a0ce-289794b896ae"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1713256451"},"domain_actions_config":"H4sIAAAAAAAAAL19a3PktrH2X1HpU5LyQNLe5M355HeziV3Jxi5nU656T6VUIIghIYIAF5eZ4bj83083ONJKOwRmmutzPngtUXxwY6Nv6G78evmdqa1z/N/f/biRzqlaXv7510s+DFoJHpQ1/vLP//2fby4HCw+UxN9+vTS8h9cu39eN/Pd3l99chnHA3wfuguL6ZzloLmQvTYC/bbiO+MfvoEn5i6z+rsLV65e37OWbiz/8/fuPH/7xzYVWnbz4mxSd/ePFu9bZXl7dXrNr9vL1y2/ZzfWLi3/xNXfqAYbdXt3AX25v37y8/O2bx/FM2KcjkvDqR9tJMz+mp+C/2H/a8LgGjy3Uzx4/eR9H8fbt/8rk376Fyb/69tUrdvvqeO7Tn29uXl+z16+Pp/9/Pqa5LwBE9U4r6O97ZYI

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\824e69ea-7cd0-4a91-a18b-32b555b26681.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):58057
                              Entropy (8bit):6.106117685374113
                              Encrypted:false
                              SSDEEP:
                              MD5:1418D421BC24E1432C0994EB65C6DDEE
                              SHA1:E9DF598C67D1E390F9C4EC1CDC6226FEE08F9153
                              SHA-256:4C482683541CD79C3C8542CDD3A6C661A5675D417CD6FAA62ED73AF4D52B392B
                              SHA-512:50047D3F87643F1D40F3B6E0B5FF0B0274A3F703608B2D24CAFEAC5D3C4C2518F3E5E55D7BEFD8A46CA754F64734C81CEA8B22AFDBC9272779DF91D73959C327
                              Malicious:false
                              Reputation:unknown
                              Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\2311f71c-dfac-4934-bb66-c9bc25c71fd9.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):103680
                              Entropy (8bit):4.636189249274964
                              Encrypted:false
                              SSDEEP:
                              MD5:9625E9F385F3DB044E0A2B82944ECC12
                              SHA1:6B80EF9DAEE465632174C4725AA78A9AEDE398D9
                              SHA-256:C3308DDD5BE45015A10C1D2BC61127870E4DD2D9960209ABFD9A59C79490CE43
                              SHA-512:FE5D0B1AD4D768CD110ADACD3907B1A5D200C68CCB85EA1E56D51DC3C47BEA35B1AE74F56466EAB2845AD604C0A7BAB86503829CE463F4F292E6C3084864F59C
                              Malicious:false
                              Reputation:unknown
                              Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:9625E9F385F3DB044E0A2B82944ECC12
                              SHA1:6B80EF9DAEE465632174C4725AA78A9AEDE398D9
                              SHA-256:C3308DDD5BE45015A10C1D2BC61127870E4DD2D9960209ABFD9A59C79490CE43
                              SHA-512:FE5D0B1AD4D768CD110ADACD3907B1A5D200C68CCB85EA1E56D51DC3C47BEA35B1AE74F56466EAB2845AD604C0A7BAB86503829CE463F4F292E6C3084864F59C
                              Malicious:false
                              Reputation:unknown
                              Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-661E37EE-1B58.pma

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):4194304
                              Entropy (8bit):0.5737234260057662
                              Encrypted:false
                              SSDEEP:
                              MD5:F8C63368BDE0BD77501B43C6E10A42FD
                              SHA1:8BE7FD6EAFA869690F831F5A66460AF128C01CF4
                              SHA-256:9DCAA78869C2F81E430E2939B3D2CE400420B57C963C64DBD17FAB6DC4A7F124
                              SHA-512:66E26377B4F8BD45F84A3E09FB5D519AA72BFEBF0C271B4A3BC47721E06DE39A5D970373C57A6E2617FAB4C899CC973E35DC0F2863E51DCF9CEE841A39744279
                              Malicious:false
                              Reputation:unknown
                              Preview:...@..@...@.....C.].....@................0... ..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452....x86_64..?........".tbwron20,1(.0..8..B....(.....10.0.19041.5462.Google Inc. (Google):bANGLE (Google, Vulkan 1.3.0 (SwiftShader Device (Subzero) (0x0000C0DE)), SwiftShader driver-5.0.0)M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....s..^o..J...W..^o..J.....1.^o..J.......^o..J../T...^o..J.....p.^o..J..~|[..^o..J...t...^o..J.......^o..J...Y...^o..J.......^o..J..w....^o..J...G.Y.^o..J..h....^o..J..A....^o..J..&.t..^o..J...c=..^o..J....J..^o..J...h8..^o..J..3.(..^o..J.......^o..J.......^o..J.....-.^o..J.....z.^o..J.......^o..J...b.J.^o..J..G....^o..J..8...^o..J...#...^o..J...T..^o..J.....a.^o..J..k.R..^o..J..

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-661E37EE-CC4.pma

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):4194304
                              Entropy (8bit):0.03959052579901814
                              Encrypted:false
                              SSDEEP:
                              MD5:60BDECB9C2875CA4133C358498D2B418
                              SHA1:F7A1A110B7FB835E78FE84CF76ADF4005972FCB0
                              SHA-256:EA26D02641EF3F26F80F5A49AFC1BD91756EE40B4765CC754F65BC5180C806E1
                              SHA-512:4D2B4EDF28CF3FD0A2B41F36D1C7D61E5FD7CE2D1F454831B6AC4DBFB322BE0421381033C3157E8D43ADF8E010E92123D710ED076A352F91E50F653A70DC718E
                              Malicious:false
                              Reputation:unknown
                              Preview:...@..@...@.....C.].....@................_...O..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30....q.........117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".tbwron20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J...I.r.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............2......................w..U.>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z....+....W@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z...........................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):280
                              Entropy (8bit):4.15990952542332
                              Encrypted:false
                              SSDEEP:
                              MD5:B3FFAA411A6FA13FF4279D17DACFA5D8
                              SHA1:C252ADCFA56F1464C86439B85ADB9532C2E6EA43
                              SHA-256:A48E4E510771EE4E9630D785DDBAF7FB47675968E2AA04A32706E522DF0D1E7B
                              SHA-512:8FEFBEBB3C9D82D3AD36471E042549F6F9E5A792CE0D9D00C68F9267D219D9F77D2841ED30860CE8FF4477282EE955E3FEA9A7E5C5C16C701BCBAC83DE2CD45F
                              Malicious:false
                              Reputation:unknown
                              Preview:sdPC......................z....K..s...x."C2Nft4srAayuXDT/+xJZdTAbGw727eySWzABz920p6g="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................7dc5f755-0f90-4102-bc8e-37d02917bdc7............

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\1d3a67d0-fa3f-4e37-9eb1-ecabe3d570a9.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                              Category:dropped
                              Size (bytes):115717
                              Entropy (8bit):5.183660917461099
                              Encrypted:false
                              SSDEEP:
                              MD5:3D8183370B5E2A9D11D43EBEF474B305
                              SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                              SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                              SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\579b3e1e-f59b-4309-9b73-101c8ab33db6.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:Unicode text, UTF-8 text, with very long lines (17159), with no line terminators
                              Category:dropped
                              Size (bytes):17163
                              Entropy (8bit):5.480594790182144
                              Encrypted:false
                              SSDEEP:
                              MD5:26754F06D9101C1B23EF4E0EFD2BB391
                              SHA1:90AE8F57F32394F3E8654311BE2D3C7147C2423D
                              SHA-256:1E1632026226C10D3408DF79A01F7E8D2B019F19AAD5D4E8C4FFC418A4F9A7E7
                              SHA-512:B9B973727BE176BC8297A00E2FCFDEDD52EEECA2D30166E2E211EF4F263E3C5868F4E4527847CC9E0DABA50AB516485FE2122C5FAC8519F7E9F99199E5CDA258
                              Malicious:false
                              Reputation:unknown
                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357730031466038","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\71d1598f-f26a-4446-b849-43b8bed0cf11.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):39597
                              Entropy (8bit):5.562932742004622
                              Encrypted:false
                              SSDEEP:
                              MD5:A4EDEAA91BE9949AD2106558A1477D11
                              SHA1:B7144AE997A0367E4459F68DCEF707309E00BC0D
                              SHA-256:8C68C7A1E60B7EC82D6049937774C07AA3AFC0527E21BCDC49EEF880156950A9
                              SHA-512:3247A83E4B001CAFE632EA1C2D7358C5984E29919C326EFA6554CA28B4CD5C858A26FF64DC9A2E776BFDD135E9B60C7B2FA2218D91CF3037CF7B5C45F03F325C
                              Malicious:false
                              Reputation:unknown
                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13357730031140904","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13357730031140904","location":5,"ma

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8a4abe76-5b99-4d7a-8fae-3f7fda048d22.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):39579
                              Entropy (8bit):5.563174635122138
                              Encrypted:false
                              SSDEEP:
                              MD5:4A13C592764F16530C95B1F112666C4D
                              SHA1:B2F5D8670DF973DA6E567A853C30AC29BF4ED69F
                              SHA-256:66431D3623518E0F899E0260AD65172805825EF799239F9D8A8FE6BF860D7503
                              SHA-512:8603CDEBE374168F802D7448D6F3E7945BBEF89F04EEA7FC906D6187A6EEB6C0B19AC29A8F982549AF730E1CDFB2F760C0D0A0D635276B0CE7DFEC0644F3981F
                              Malicious:false
                              Reputation:unknown
                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13357730031140904","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13357730031140904","location":5,"ma

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:modified
                              Size (bytes):2164083
                              Entropy (8bit):5.223204494434184
                              Encrypted:false
                              SSDEEP:
                              MD5:DC72112CA330165C3D1FBD8E27F1BE11
                              SHA1:FC1AEDCB526FB33AB4701515F8764D02A06B5678
                              SHA-256:A6390E44302CA25BA7E3B4A1235516E51CF174D5A1319F62B491ECAB0A5962F8
                              SHA-512:2FB4A14B3B996E96F76725391754D378D84D3C94F3002C320DB2F586C36EDDE275890B1068BE8E8AE26FC6FED17355957C0A12CB7E44AB747C764F63E05D7B70
                              Malicious:false
                              Reputation:unknown
                              Preview:...m.................DB_VERSION.1...8.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13341056840624329.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):332
                              Entropy (8bit):5.174721360329439
                              Encrypted:false
                              SSDEEP:
                              MD5:62A8F67D2EEADECEC42D2AF0DE1373A3
                              SHA1:BF20B122CFB27771F9702809FB2847CCCB8FBFDF
                              SHA-256:AC485DB8CB5F5D333E1D254226F11E112CBC32696BD3F4804987830CC5B53E2A
                              SHA-512:2B77362375AD5806075C8871D17A07C353FD20565929BE0040265B37610B3500A99631FB35409753BFF041FDC89BED9283766E1F06EEF226ABC76335086E3E0F
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:53.809 1574 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/04/16-10:33:53.811 1574 Recovering log #3.2024/04/16-10:33:54.426 1574 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                              Category:dropped
                              Size (bytes):28672
                              Entropy (8bit):0.4622898812621716
                              Encrypted:false
                              SSDEEP:
                              MD5:5D28AC266D8EDC53BD78A9CA6F78E2EF
                              SHA1:F03F0807085A6BE12C00EF28AB12BBD7BBC1A54D
                              SHA-256:BA6C22B762967112BB5FDD9CB312C6104EEC440F8A80E95F9640D4281DB637E9
                              SHA-512:64A10B20800C1F92D6AC3E10463DB61D47B2E2C551C790F25A5052E12DD0520981C830222BFA548CFE24369D1E187F9806CB8915FDE5114C0C4C97240DED0D66
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                              Category:dropped
                              Size (bytes):10240
                              Entropy (8bit):0.8708334089814068
                              Encrypted:false
                              SSDEEP:
                              MD5:92F9F7F28AB4823C874D79EDF2F582DE
                              SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                              SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                              SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_0

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                              Category:dropped
                              Size (bytes):8192
                              Entropy (8bit):0.01057775872642915
                              Encrypted:false
                              SSDEEP:
                              MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                              SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                              SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                              SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                              Malicious:false
                              Reputation:unknown
                              Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_1

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):270336
                              Entropy (8bit):0.0018090556708630734
                              Encrypted:false
                              SSDEEP:
                              MD5:E570DF4EA1D813F0F9D9A911AA690297
                              SHA1:8CAF737B144E8FBAADED528F559608B47A84B5C5
                              SHA-256:54AF62EF91EBBF52C909E1966976633D62F9ABFDB07C854603EE5EC4FD245BB0
                              SHA-512:036DB81AA872E0C0169A26264796441EA0B0F4F4DFEA3C45F784E06D231D7D2DD88206A3D2FFBB843F7B4DBCE25213FD582BF65AEFAA617EF99D514D15634E99
                              Malicious:false
                              Reputation:unknown
                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_2

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):8192
                              Entropy (8bit):0.011852361981932763
                              Encrypted:false
                              SSDEEP:
                              MD5:0962291D6D367570BEE5454721C17E11
                              SHA1:59D10A893EF321A706A9255176761366115BEDCB
                              SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                              SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                              Malicious:false
                              Reputation:unknown
                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\index

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                              Category:dropped
                              Size (bytes):262512
                              Entropy (8bit):9.553120663130604E-4
                              Encrypted:false
                              SSDEEP:
                              MD5:EE8A7BC52F49870FFAB6EDC28189A423
                              SHA1:695EC61C58E4DA34290BD47208FF0426A050BC4E
                              SHA-256:3C53E3D234CDFD874937293CF42B26F685473A8E844217007127AB4062516859
                              SHA-512:F567F418BA553DFEC66E077C5B805E9DB978FD6D0BBC05D50E221BC58D7B6C737EDBAE809E04A3408144F7E65611A225159EA99FDD3B5B7755C66DA7DF96FEBD
                              Malicious:false
                              Reputation:unknown
                              Preview:.........................................xb..t/.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):338
                              Entropy (8bit):5.169626695868185
                              Encrypted:false
                              SSDEEP:
                              MD5:E77C21092E80462CB2225AF31929200C
                              SHA1:8ABDE62E94D6140A29F213CA4456D2F392395ACE
                              SHA-256:CE094DA17ABE284ECAE36ABF59B57ED8CEA37D6B07F68DD6F982797BC6435C02
                              SHA-512:99D3EBE1E13447423FA0EA69E2947DC59840B8410F681CCB4279BDE4F5C194B48E5BEC1AFEC65138B3383857BB6D4E5EE4533448BEBFC17FBC01A1F366F96EB9
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:51.142 44 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/04/16-10:33:51.143 44 Recovering log #3.2024/04/16-10:33:51.143 44 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                              Category:dropped
                              Size (bytes):20480
                              Entropy (8bit):0.6140470972257319
                              Encrypted:false
                              SSDEEP:
                              MD5:04C4EE2EC41704B031921CE02067D4D7
                              SHA1:A7F063CC132CC1B03CED9AC3C456AA7780E9652B
                              SHA-256:B53CBD30BD0E9105035E65E6E0F8200F5B6917B447490361DFCF575A56B17215
                              SHA-512:9210DA6EEFC1403E8465CD5D2614F6BCD88C507B5FEB9892755D22779816BD7D63219E2A23968C4C60B985FE2D0AD9F1A9701755F80EE02BBC5BD6FFF8FCDEB2
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):392643
                              Entropy (8bit):5.409231769036368
                              Encrypted:false
                              SSDEEP:
                              MD5:53D5F1DBCE8E7B525AB53E26B1F0A0C0
                              SHA1:AD23FCC32E8AE658F446528FCA93FB41A2C0397B
                              SHA-256:53B0E3FBCB853D146CC7FA4F33045F3995328C6A9FE9C47C467D9938CB3F2FF4
                              SHA-512:AD8EC24B29C03922C6B637DC0B359F19F12E81DCD7AB200E45200703813D0E4CC6C73CA6D29251BC2803BCB2DD3600CE8D818D837B4790443EEE796B4F966DEC
                              Malicious:false
                              Reputation:unknown
                              Preview:...m.................DB_VERSION.1.M.................&QUERY_TIMESTAMP:domains_config_gz2.*.*.13357730034661326..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.75/asset?sv=2017-07-29&sr=c&sig=R83mlHRCqeHRG9T0loza5cz3U8zjuZzQy2wVvoSHGHw%3D&st=2021-01-01T00%3A00%3A00Z&se=2024-06-30T00%3A00%3A00Z&sp=r&assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":75},"hash":"EwG2gkfquexLj6u3yjHyiL4YQwdU318k1Hub+1rSDMI=","size":391864}].xW..}...............ASSET_VERSION:domains_config_gz.2.8.75..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-k

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):305
                              Entropy (8bit):5.176926635349206
                              Encrypted:false
                              SSDEEP:
                              MD5:20D40377EB0C2BC6D5831F4529DF842D
                              SHA1:64DB1EE8E386613C5EE8123D70FFB957BADBF235
                              SHA-256:A528558DC81FE6FB4739D442F02B38E1DA428FB81E26DD15AEFFCAD282A58A19
                              SHA-512:32668492007116243065E919CF776F1E74E694F74D0E52DD556A148EEB8C9349E6086F7B0223300558171BE277879E65845D1EA6B029EEBF71FB1572F1F7FBBC
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:54.049 7e0 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/04/16-10:33:54.159 7e0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:modified
                              Size (bytes):374811
                              Entropy (8bit):5.396166914983505
                              Encrypted:false
                              SSDEEP:
                              MD5:8DF51B96D708F0953FDC83CB07128FC1
                              SHA1:594DEE3D615361F6FD08B2A7F529CDD7EA8D836B
                              SHA-256:513A799C39B4D5C008E1AF43236923E83FC36B6A982DB2E43AA88CB6CB5E2E17
                              SHA-512:569CD9CCC6C96834E729AD3A5A6D7271C429EC380E671F0AEF1129632191AF26CE742E7A8124EC927AC55B40480295CE978A24A1BC1298BF66193CC23BD0C3DC
                              Malicious:false
                              Reputation:unknown
                              Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):418
                              Entropy (8bit):1.8784775129881184
                              Encrypted:false
                              SSDEEP:
                              MD5:BF097D724FDF1FCA9CF3532E86B54696
                              SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                              SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                              SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                              Malicious:false
                              Reputation:unknown
                              Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):314
                              Entropy (8bit):5.171059188160976
                              Encrypted:false
                              SSDEEP:
                              MD5:63369296339B8A9476B4D734C676C0F7
                              SHA1:2C5F4804CFB37707AD41EA6BC6914E2A0B48DAA3
                              SHA-256:716E7E1797DC94BDDC1DF3958CF021704810B06E46D780806BF60E352177953E
                              SHA-512:CB9BE8E201738141D2F77C5261720F573CBB7A1ECD683EDF856A8CB9E4FBED2FEE525D3E4CAE7109A3DDB2103CF2A430AD0E7951FB3C8BF0A060AFC8A9E28276
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:51.186 44 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/04/16-10:33:51.249 44 Recovering log #3.2024/04/16-10:33:51.250 44 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):318
                              Entropy (8bit):5.1614834163407375
                              Encrypted:false
                              SSDEEP:
                              MD5:D938448BD2B7D7359583F446B95E6217
                              SHA1:811AADBFD611DBC96B3D6A65DD6D874EA93AF975
                              SHA-256:13D4C835F51F3F2A9125BD12619F0424ADAB1E232378494D5F84020411ACCFF6
                              SHA-512:B00C8BCC0A9B29F53D0CD9F8D091AD5391756427A33D1A30CAC198AE92834CA883ACF24051646A22E7E2E4611D8A74420B572D4E6F89984FA829B2B091222F82
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:51.254 44 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/04/16-10:33:51.255 44 Recovering log #3.2024/04/16-10:33:51.256 44 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):1254
                              Entropy (8bit):1.8784775129881184
                              Encrypted:false
                              SSDEEP:
                              MD5:826B4C0003ABB7604485322423C5212A
                              SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                              SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                              SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                              Malicious:false
                              Reputation:unknown
                              Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):317
                              Entropy (8bit):5.1610283238658745
                              Encrypted:false
                              SSDEEP:
                              MD5:E62EE0E9279B16308E4DB398FCD7DC4F
                              SHA1:34A012D3EA705FB3ED1EF09AF8178A9D64519F6F
                              SHA-256:DE18815DA17DED1300D038249CA0BCBB5C88C56B2EC4279ECBB59AB999256544
                              SHA-512:821A607404F25C5D9D840495B356E143513C06BF67884FE865F9E1247946237200AE3DD6026EC568CA58843E344F68EC872D747775E4FDC756221FBD2AF0E068
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:51.653 ea8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/04/16-10:33:51.654 ea8 Recovering log #3.2024/04/16-10:33:51.654 ea8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):429
                              Entropy (8bit):5.809210454117189
                              Encrypted:false
                              SSDEEP:
                              MD5:5D1D9020CCEFD76CA661902E0C229087
                              SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                              SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                              SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                              Malicious:false
                              Reputation:unknown
                              Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 19, cookie 0x8, schema 4, UTF-8, version-valid-for 2
                              Category:dropped
                              Size (bytes):40960
                              Entropy (8bit):4.322073541387884
                              Encrypted:false
                              SSDEEP:
                              MD5:7431E680B288F1075FB97F381F7E7C92
                              SHA1:DDC9E9516794A707784ADA69D1747E04D30E2FF9
                              SHA-256:656AC28796BF55A42B0B342ED73BE7B70882F8DF6C91F90EAAA0ED0E779C0F39
                              SHA-512:9ABBCC8988622D201E633C05C49FD100D3EBEC83D738A57BA3654F4B31FD0B38B920610FD04715E3EACFE6DD0B3C20B2BBACE5E8206AC95DF15C1E926B06EFE8
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):270336
                              Entropy (8bit):0.0018164538716206493
                              Encrypted:false
                              SSDEEP:
                              MD5:F3AA439BB4A453B2336B7B31BAC4B81D
                              SHA1:00441138495DA70F62BB71C38C0127616BF2413A
                              SHA-256:45E53B0252C82E10B2392F56F1C80785F1381DEC5DBD0E4E9976E9858DD804B4
                              SHA-512:89A11056022D1778E22529556A5C69AAA896E685BEC7D35E0E46232884A452D63A00C004944E8E5948D6717F2CAFB6BF13AACC090273266AD55A7A07F69001E6
                              Malicious:false
                              Reputation:unknown
                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_3

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):8192
                              Entropy (8bit):0.012340643231932763
                              Encrypted:false
                              SSDEEP:
                              MD5:41876349CB12D6DB992F1309F22DF3F0
                              SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                              SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                              SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                              Malicious:false
                              Reputation:unknown
                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\index

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                              Category:dropped
                              Size (bytes):262512
                              Entropy (8bit):9.553120663130604E-4
                              Encrypted:false
                              SSDEEP:
                              MD5:645F7ACCA59D189E653FD880375A4F92
                              SHA1:1C0E7BCC7299EA7006D45ADAC02ABDFCB1DE608F
                              SHA-256:C5E20CF88091D04DD459A389A78B2597706A27FB7C375F64BF00A9E32BC9C7B2
                              SHA-512:C8C9A29FC964B4F9D9F4B645E5853E893D908B72CEF033599F9865D28ACF766E766875044E0E17B35B02EF28E521BE46C12E0DF23D9663527C57254C3A9B9F43
                              Malicious:false
                              Reputation:unknown
                              Preview:........................................m.a..t/.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 2
                              Category:dropped
                              Size (bytes):155648
                              Entropy (8bit):0.6195856540997604
                              Encrypted:false
                              SSDEEP:
                              MD5:BDE575CA55414B0CDC71A233128EF694
                              SHA1:21D4EB94F3B97EE09397FD784B52D474AD464342
                              SHA-256:A37237A17C56EC8FBFA892653E14BCCD075B1EC84E1BD2109D14EDE27CA1DBEA
                              SHA-512:22A4B10C52079A845607AC695F070CD4308CDB32B79318CB437DB622D243E1328D67D63690B9672185CD8D54999A00E80694443011981D88B56E7ED137E438E3
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:3D8183370B5E2A9D11D43EBEF474B305
                              SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                              SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                              SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                              Category:dropped
                              Size (bytes):45056
                              Entropy (8bit):3.549022827525731
                              Encrypted:false
                              SSDEEP:
                              MD5:E3B20813CACA1AD2851705E502BF7073
                              SHA1:D54EABCAF2AEC8EFDB46525CE3991E1B3B190DF4
                              SHA-256:97F89C2F37E03E9761E243A45870F13B147A27371C8606BD1975033E03517288
                              SHA-512:2B003EF9640759ADE7792EC6A8991D60E939DF63AB6A8A358D4DD637A9D8E9CE730786117D77A3668979604763ED62F581935D33D507608C2696A2911051A74A
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):401
                              Entropy (8bit):5.2616664300306475
                              Encrypted:false
                              SSDEEP:
                              MD5:0E7A85C5141E34AD4F6CF2139C05A7E9
                              SHA1:362B859270F5825EB6CB2F7E06CD6FAC5605B371
                              SHA-256:688286752CEE5049760850379A4B88FE9BBE66F76718227F751942A675824A30
                              SHA-512:C561A2BF5D7EEE3567DACFD19E25E81A4AFCDABADF09C7A46F032C89913CE6E90EEC0DC90FCA21F62803B599C1A06B2002DA9417704AD2D9D5435A5813DB5912
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:52.345 a70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/04/16-10:33:52.346 a70 Recovering log #3.2024/04/16-10:33:52.346 a70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):1258
                              Entropy (8bit):5.427553716424481
                              Encrypted:false
                              SSDEEP:
                              MD5:F65616CB7E0D7AF7802227104E5BE93F
                              SHA1:8DE996F451C12F81C80A4078EF44051DED82B06E
                              SHA-256:BCAE1093F90039ECC6BABBF1F4E3EE9D1DA48271D72CB603FA1BDE775201E2AA
                              SHA-512:5FEEEDBF6405EC25FDCC541937B927DC541E5E74F7CDADC9DAFAF0C0DA07886973C7AF5B7BE0A6DB51A85C07F814D1E35717A6AAAC802D5EF40976E58D9ADE7E
                              Malicious:false
                              Reputation:unknown
                              Preview:VV.p'................VERSION.1..META:https://ntp.msn.com.............!_https://ntp.msn.com..LastKnownPV..1713256436080.-_https://ntp.msn.com..LastVisuallyReadyMarker..1713256438294.._https://ntp.msn.com..bkgdV~.{"cachedVideoId":-1,"lastUpdatedTime":1713256436166,"schedule":[10,31,-1,-1,-1,18,-1],"scheduleFixed":[10,31,-1,-1,-1,18,-1]}.%_https://ntp.msn.com..clean_meta_flag..1.5_https://ntp.msn.com..enableUndersideAutoOpenFromEdge..false.&_https://ntp.msn.com..oneSvcUniTunMode..header."_https://ntp.msn.com..pageVersions..{"dhp":"20240415.544"}.*_https://ntp.msn.com..pivotSelectionSource..sticky.#_https://ntp.msn.com..selectedPivot..myFeed.#_https://ntp.msn.com..switchedPivot..myFeed.V_https://ntp.msn.com..Tue Apr 16 2024 10:33:55 GMT+0200 (Central European Summer Time).!_https://ntp.msn.com..storageTest....................!_https://ntp.msn.com..LastKnownPV.-_https://ntp.msn.com..LastVisuallyReadyMarker.._https://ntp.msn.com..bkgdV.%_https://ntp.msn.com..clean_meta_flag.5_https://ntp.ms

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):332
                              Entropy (8bit):5.1901796520179735
                              Encrypted:false
                              SSDEEP:
                              MD5:A55C73FED0E7B53D4F2CB9B82F29538F
                              SHA1:B4E5313F57A7C9FB70F1D9CCF332E8E7FAB3908D
                              SHA-256:BA359195D92B0B1396F763D72826BB62DA1199542976E413B082368E97B5B0B3
                              SHA-512:F5FDCA6192BADB4C604FD90731F54ECFA3FB3099DFA9B55021C130371D24F308B071F5479067065F0C7B1841B9DC6B02477CB04634D55A9A977534BB78950082
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:51.284 19fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/04/16-10:33:51.286 19fc Recovering log #3.2024/04/16-10:33:51.289 19fc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\72dd6352-f548-4606-9297-21cd8c0bd643.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):40
                              Entropy (8bit):4.1275671571169275
                              Encrypted:false
                              SSDEEP:
                              MD5:20D4B8FA017A12A108C87F540836E250
                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                              Malicious:false
                              Reputation:unknown
                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\7a8191d1-3546-48a4-9efe-2495306f3402.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):649
                              Entropy (8bit):5.2804969423763195
                              Encrypted:false
                              SSDEEP:
                              MD5:F17CFB14BD1DF4639319E1927EB43BB6
                              SHA1:ADFE15273A308DF0F86EED15577F62CA6EAE12E8
                              SHA-256:8D8362772887ED07228BF8F6B430CD10A26B7DC6AD502736FF0485232932A4DE
                              SHA-512:F2AC5647E08974735FFF7B0055EAE950D1505E26ED45BB10287421661805D95BDAE6A1255DE65B4CE3EF1159FE67D3AC9827E6852BD357D5518ACB5E5E478D55
                              Malicious:false
                              Reputation:unknown
                              Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13360322032249476","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13360322032901980","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com"}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 10, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 10
                              Category:dropped
                              Size (bytes):20480
                              Entropy (8bit):1.7786727259448794
                              Encrypted:false
                              SSDEEP:
                              MD5:32E2BCECB7E841A8C8335DFCB2C3B4FE
                              SHA1:FC71A5E201AB248FB7027902E0BF43CAA7142701
                              SHA-256:4E07E845ADABB8CC3867E0E10D25B8D60F071C6CD2F42A66286E365A4FE26CFF
                              SHA-512:C2A7F67D5728C6B46F3D3B5639EE29387BBBFC6231F9860B68F13830BAD3F6A5E28573A2147A54A80DB4F8FAEC5FF3DB1BA3C9BD5B496AA412B7D640DC774C3E
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:285252A2F6327D41EAB203DC2F402C67
                              SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                              SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                              SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                              Malicious:false
                              Reputation:unknown
                              Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF32461.TMP (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:285252A2F6327D41EAB203DC2F402C67
                              SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                              SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                              SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                              Malicious:false
                              Reputation:unknown
                              Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                              Category:modified
                              Size (bytes):36864
                              Entropy (8bit):1.4832807087392434
                              Encrypted:false
                              SSDEEP:
                              MD5:CEEE3D2C6EE72B217EEB8817EA907CD2
                              SHA1:5FF3852C2C94BEB656C5597A4462C6C949D8488D
                              SHA-256:88189F573B5884C9EFD530047F9A46787412EC36E4E034783F8015389D3DC8A2
                              SHA-512:724A3221EF64C14B04B009FE7B8DBD1026E90907A0B4CA68A591337BF9D45AFA0FDF7575C42523653907C00EC624D29DD1580FF34D7E17D6321A55FE5CA699D6
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:20D4B8FA017A12A108C87F540836E250
                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                              Malicious:false
                              Reputation:unknown
                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Token Bindings

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 2
                              Category:dropped
                              Size (bytes):20480
                              Entropy (8bit):0.4716248163409303
                              Encrypted:false
                              SSDEEP:
                              MD5:72E9D82D6C1742197EEA43EC203C6825
                              SHA1:275AE552E437747FD707962111675AA2C8DEEB0F
                              SHA-256:0DB0BA239E0421208146C4FBB809F2DBD960019FE4F4EC4CBC894C29627DD759
                              SHA-512:C62C7C0C9BBE1CFAE2FEF39FBDF70BB5316713D87453096676BD854A19FDD8BC62F1608F8BE3602AD8770B94C13FFE5A9516F05A95548615CB78ED9CEADC7EA9
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j.......q..g...q.0....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a48af8c5-d3d8-4be2-b309-2caf816a582c.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):111
                              Entropy (8bit):4.718418993774295
                              Encrypted:false
                              SSDEEP:
                              MD5:285252A2F6327D41EAB203DC2F402C67
                              SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                              SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                              SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                              Malicious:false
                              Reputation:unknown
                              Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                              Category:dropped
                              Size (bytes):20480
                              Entropy (8bit):0.8024195212890469
                              Encrypted:false
                              SSDEEP:
                              MD5:46EDAE9A257690D0F0113262903FC779
                              SHA1:3743EBAEA077D0970A30B40EA36135C8EAB0BDAC
                              SHA-256:A17EE4A87C39F35505B7CF9715E0F63F87F62DDDD9956569774AE6664B3C4BA1
                              SHA-512:663973F9EA720B3FBEA37008253A9D21734589FD34A88F8739D71CDEDBEA67A49BE45DEFE5E3F7D75EF1EA018EAAC39948BCE0305FC8332921A63B23880E8912
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:Unicode text, UTF-8 text, with very long lines (17159), with no line terminators
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:26754F06D9101C1B23EF4E0EFD2BB391
                              SHA1:90AE8F57F32394F3E8654311BE2D3C7147C2423D
                              SHA-256:1E1632026226C10D3408DF79A01F7E8D2B019F19AAD5D4E8C4FFC418A4F9A7E7
                              SHA-512:B9B973727BE176BC8297A00E2FCFDEDD52EEECA2D30166E2E211EF4F263E3C5868F4E4527847CC9E0DABA50AB516485FE2122C5FAC8519F7E9F99199E5CDA258
                              Malicious:false
                              Reputation:unknown
                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357730031466038","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF32442.TMP (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:Unicode text, UTF-8 text, with very long lines (17159), with no line terminators
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:26754F06D9101C1B23EF4E0EFD2BB391
                              SHA1:90AE8F57F32394F3E8654311BE2D3C7147C2423D
                              SHA-256:1E1632026226C10D3408DF79A01F7E8D2B019F19AAD5D4E8C4FFC418A4F9A7E7
                              SHA-512:B9B973727BE176BC8297A00E2FCFDEDD52EEECA2D30166E2E211EF4F263E3C5868F4E4527847CC9E0DABA50AB516485FE2122C5FAC8519F7E9F99199E5CDA258
                              Malicious:false
                              Reputation:unknown
                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357730031466038","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:4A13C592764F16530C95B1F112666C4D
                              SHA1:B2F5D8670DF973DA6E567A853C30AC29BF4ED69F
                              SHA-256:66431D3623518E0F899E0260AD65172805825EF799239F9D8A8FE6BF860D7503
                              SHA-512:8603CDEBE374168F802D7448D6F3E7945BBEF89F04EEA7FC906D6187A6EEB6C0B19AC29A8F982549AF730E1CDFB2F760C0D0A0D635276B0CE7DFEC0644F3981F
                              Malicious:false
                              Reputation:unknown
                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13357730031140904","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13357730031140904","location":5,"ma

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF32433.TMP (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:4A13C592764F16530C95B1F112666C4D
                              SHA1:B2F5D8670DF973DA6E567A853C30AC29BF4ED69F
                              SHA-256:66431D3623518E0F899E0260AD65172805825EF799239F9D8A8FE6BF860D7503
                              SHA-512:8603CDEBE374168F802D7448D6F3E7945BBEF89F04EEA7FC906D6187A6EEB6C0B19AC29A8F982549AF730E1CDFB2F760C0D0A0D635276B0CE7DFEC0644F3981F
                              Malicious:false
                              Reputation:unknown
                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13357730031140904","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13357730031140904","location":5,"ma

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):209
                              Entropy (8bit):4.781750903806468
                              Encrypted:false
                              SSDEEP:
                              MD5:7C1B96DAB9280D6BA57513C7B67D992F
                              SHA1:B2EE388821413E5CE5D9ECD38998F71B23FFCC69
                              SHA-256:103E2BB870EF8E0155FCAEE58BB8B3421B45B580F087A72E59F67C1205C4422B
                              SHA-512:765944240657437099C01890941F471D54F628E611E51DF6F50D8CA2902D874E98C664EBDBBFDC1C63E7BCADCFDC006D0B2D0DBC7B6FA4B6D790E859EF3C8D5D
                              Malicious:false
                              Reputation:unknown
                              Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2r..;................REG:https://ntp.msn.com/.0..REGID_TO_ORIGIN:0MeN+.................URES:0..PRES:0.J4...................PRES:0

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):293
                              Entropy (8bit):5.174774493034927
                              Encrypted:false
                              SSDEEP:
                              MD5:E2A45EBE10B5289B4A23D8BF7FF02042
                              SHA1:7050EAB4C665CE2DDDA3BEF72C8D57EE16B0BF30
                              SHA-256:DC993613F0460D6AC7EEBE91F5631C7E27DA31F7DE614E106C3E3BE4431B6167
                              SHA-512:5DF248BE7EEC4A02B2E4165261EF4A6AFB243F87CF6C98C72BD9D1F4B48CB7632A5B8AB23764D52B41CC32F9F9F4CAB4D213C677106B252DE1121E03337DE95B
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:58.279 ea8 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2024/04/16-10:33:58.291 ea8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:modified
                              Size (bytes):117608
                              Entropy (8bit):5.580464287128792
                              Encrypted:false
                              SSDEEP:
                              MD5:6D65B419D7AEA6B15D37FD79F013E673
                              SHA1:8A5A468EC1901C9CB5BE209849814EF8348CCB0E
                              SHA-256:8A876414179C5DBC39168170587539C533BE57821EB6B5A1756B49C8DE307473
                              SHA-512:4453F2D5134D90FF8E800440E08780F2070EBD5A165D28CDC6FC36CA6A6C71C41CE45111A6BEFDB5F699D00A6D7EE71EABF3359CD09C6D1EF18823E49BDA25EE
                              Malicious:false
                              Reputation:unknown
                              Preview:0\r..m..........rSG.....0!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var a in s)("object"==typeof exports?exports:e)[a]=s[a]}}(self,(()=>(()=>{"use strict";var e={894:()=>{try{self["workbox:cacheable-response:6.4.0"]&&_()}catch(e){}},81:()=>{try{self["workbox:core:6.4.0"]&&_()}catch(e){}},485:()=>{try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},484:()=>{try{self["workbox:navigation-preload:6.4.0"]&&_()}catch(e){}},248:()=>{try{self["workbox:precaching:6.4.0"]&&_()}catch(e){}},492:()=>{try{self["workbox:routing:6.4.0"]&&_()}catch(e){}},154:()=>{try{self["workbox:strategies:6.4.0"]&&_()}catch(e){}}},t={};function s(a){var n=t[a];if(void 0!==n)return n.exports;var r=t[a]={exports:{}};return e[a](r,r.exports,s),r.exports}s.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):199553
                              Entropy (8bit):6.403663030182366
                              Encrypted:false
                              SSDEEP:
                              MD5:0C1EA8FC39B1DAE3214D65DA449DE7BA
                              SHA1:9C50AE9692EE6B213531B73EB68617DFEB935E2B
                              SHA-256:5F39FFDAE9985DF397154376B80537F36316B6565C29555DFAD5C432109731A6
                              SHA-512:D8A704156A757314A4D86278BBAA55DFAA665961D193B39E216864F7EED4E2A9FF68F22949B6C6813C58F2869400D5D88FFE0A93E83772AF5191FE8BB1B0A397
                              Malicious:false
                              Reputation:unknown
                              Preview:0\r..m..........rSG.....0....Lp.................;s......*(........,T.8..`,.....L`.....,T...`......L`......Rc^.......exports...Rcbed.....module....Rc.(......define....Rb..C.....amd....D..H...........".. ...".. ...!...a..2....]".. ...!...-.....!...|..c.....>a...8v............*.........".. ...!........./..4.....).....$Sb............I`....Da......... ..f..........`...p...0...j...p..H.......Q..b].....https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&enableNetworkFirst=true&navAgeMinutes=2880&enableNavPreload=true&enableEmptySectionRoute=true&enableFallbackVerticalsFeed=true&networkTimeoutSeconds=5...a........Db............D`........A.`............,T.,.`......L`.....,T...`>....DL`.....DSb.....................q....c................I`....Da.....r...,T.`.`z.....L`..........a............a.........Dr8................/....-.......}....4.........../...-..........\....-........(Sb.............q.`....Da....z....T...d..........0..........0e........@............

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):48
                              Entropy (8bit):2.8270049474208716
                              Encrypted:false
                              SSDEEP:
                              MD5:79AF1BA6DE75713B64351C03940DB220
                              SHA1:34862F3F3F07BB17A051047C5C12804CD8F746F5
                              SHA-256:18D0EFFACBEB832F7CE304BE1B75442C241559E4B1E434E3CB22E9EF8BEA1521
                              SHA-512:DCD1B0D5E43A0529CD0598AE869C3A44D97426301929400452BEC8AE609F8436E085C5D62B8972C1E692B85795D53352518CE8DF53537BCBA9D5FFD8D2380709
                              Malicious:false
                              Reputation:unknown
                              Preview:(.....!.oy retne........................H.]..t/.

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:A38878358984BD435140AB2D562850B7
                              SHA1:C1D0A4DDCA88E1D6C200683BEEA652BE3B4522CF
                              SHA-256:2C7B379D7E0A8CAE05C4A82ACD980BDA071328930FF18D8CDB5891895391D42A
                              SHA-512:D6D0B0FFB83B237B158CEF05AACA67FA1AA1F1107D667F3C1EE5A52199D37D15B422C4B17DBC150742BDA047FBF74AE49A85D0A6F769C04E91766333762AAEA0
                              Malicious:false
                              Reputation:unknown
                              Preview:(......boy retne.........................3...t/.

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF32433.TMP (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:A38878358984BD435140AB2D562850B7
                              SHA1:C1D0A4DDCA88E1D6C200683BEEA652BE3B4522CF
                              SHA-256:2C7B379D7E0A8CAE05C4A82ACD980BDA071328930FF18D8CDB5891895391D42A
                              SHA-512:D6D0B0FFB83B237B158CEF05AACA67FA1AA1F1107D667F3C1EE5A52199D37D15B422C4B17DBC150742BDA047FBF74AE49A85D0A6F769C04E91766333762AAEA0
                              Malicious:false
                              Reputation:unknown
                              Preview:(......boy retne.........................3...t/.

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):6849
                              Entropy (8bit):3.542824080229877
                              Encrypted:false
                              SSDEEP:
                              MD5:ACDDA583828862110F663C4DC6DBF908
                              SHA1:3BDDC652366C19364C51C062C8F6A5D20EE7A728
                              SHA-256:00DD54CB08F331A0DEC2206A194435F34E149F2CC3FB6DBD69CEF0103253E86B
                              SHA-512:E800945125C1F345AEAFAA4E08188A93297F86DD9694391990081996CA138B8C46879F9EAE82C666BEB6A54B87E6B1C6B6FE9A2A8FCDFCA92D24D0BB24787BE7
                              Malicious:false
                              Reputation:unknown
                              Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................PSb................next-map-id.1.Cnamespace-6221b261_2331_4888_bcd8_77a95e726f6a-https://ntp.msn.com/.0d.C.................map-0-shd_sweeper./{.".x.-.m.s.-.f.l.i.g.h.t.I.d.".:.".m.s.n.a.l.l.e.x.p.u.s.e.r.s.,.p.r.g.-.s.p.-.l.i.v.e.a.p.i.,.p.r.g.-.a.d.-.b.s.w.p.t.o.5.0.,.p.r.g.-.a.d.-.b.s.w.p.t.o.,.p.r.g.-.a.d.-.h.p.d.i.s.p.r.f.s.h.,.p.r.g.-.c.g.-.h.o.m.e.p.a.g.e.2.,.p.r.g.-.h.p.-.c.g.i.n.,.p.r.g.-.h.p.-.c.g.i.n._.p.1.,.p.r.g.-.h.p.-.c.g.i.n._.s.2.,.p.r.g.-.b.d.-.t.o.p.-.f.2.,.p.r.g.-.s.h.-.b.d.-.d.f.2.,.m.m.s.-.s.c.-.s.c._.c.o.n.4.,.p.r.g.-.a.r.b.-.r.s.z.,.c.p.r.g.-.w.p.o.i.n.f.o.p.-.t.2.,.1.s.-.w.p.o.-.v.i.e.w.s.i.n.f.v.2.,.p.r.g.-.w.p.o.-.i.n.f.o.p.,.a.d.s.-.w.t.u.n.e.-.t.,.s.i.d.-.w.1.-.a.d.d.g.n.o.i.s.e.,.s.i.d.a.m.o.-.w.1.-.s.t.a.g.e.-.2.,.p.r.g.-.s.h.-.f.a.s.h.i.o.n.-.c.,.p.r.g.-.1.s.w.-.s.a.l.2.e.l.t.7.,.p.r.g.-.1.s.w.-.s.a.-.o.f.f.v.3.2.t.1.

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):320
                              Entropy (8bit):5.1578976095345155
                              Encrypted:false
                              SSDEEP:
                              MD5:A0DC22F8FE22737F76B5222CA74DA091
                              SHA1:88672D1679D3145FCDEEB1935BA53B19BB45B56E
                              SHA-256:7E81AB5AB6620648B4318FA6BC5063F5302A8B226C8C52217DFF4A6D58755430
                              SHA-512:075693759CB77398428322FE62957B19AF819E4CB1C0DEFAFB0631D31CF983703B7406B9509A8650EF1236AEAACA388CA23E1AA177F3E0757227668A2E8BC430
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:51.515 19fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/04/16-10:33:51.518 19fc Recovering log #3.2024/04/16-10:33:51.522 19fc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13357730033649796

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):7448
                              Entropy (8bit):4.086345024375283
                              Encrypted:false
                              SSDEEP:
                              MD5:92FC70F32415760A58B24061A8C63FB2
                              SHA1:AAC3CA35D462BC2010E854244101DA18B7E05989
                              SHA-256:19CCF0F0C9E39DA6899D54CAA03D1FD8343DE0AFA9C2C6A1B895ACB192CC2123
                              SHA-512:31720ECEC25F372C3C871BE7F5EDC85CBD031909903BB4AA536C4C2CE9BBEEB24F9356AB4FC61536A4B757540A2E9335D4DA4B6B211171EF72A9EBB8769F20FB
                              Malicious:false
                              Reputation:unknown
                              Preview:SNSS.......*.N............*.N......."*.N............*.N........*.N........+.N........+.N.....!..+.N................................*.N.+.N.1..,...+.N.$...6221b261_2331_4888_bcd8_77a95e726f6a...*.N........+.N.....Q..........*.N....*.N........................*.N.....................5..0...*.N.&...{544A81F3-86CF-4601-B565-C8CB2CA3983A}.....*.N........*.N........................+.N............+.N.........edge://newtab/......N.e.w. .t.a.b...........!...............................................................x...............................x........g..2....g..2................................... ...................................................r...h.t.t.p.s.:././.n.t.p...m.s.n...c.o.m./.e.d.g.e./.n.t.p.?.l.o.c.a.l.e.=.e.n.-.G.B.&.t.i.t.l.e.=.N.e.w.%.2.0.t.a.b.&.d.s.p.=.1.&.s.p.=.B.i.n.g.&.i.s.F.R.E.M.o.d.a.l.B.a.c.k.g.r.o.u.n.d.=.1.&.s.t.a.r.t.p.a.g.e.=.1.&.P.C.=.U.5.3.1.....................................8.......0.......8...............................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13357730050532307

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):3664
                              Entropy (8bit):3.842547780160094
                              Encrypted:false
                              SSDEEP:
                              MD5:12D9970C46B70175707F152F106E70AD
                              SHA1:D87DB8D0099DFBD138A3590385C3EDC98D7F3E4D
                              SHA-256:940FB2B1EA2024F0014CF178113E8B67C3EE7B28FB04B5A5CD7F56B91E4FF5A4
                              SHA-512:5BA7CD874E0EFA2FC28D852314F1A258E1F2C3C0FDE0289F79E12458626C0746D32AB2892F2E1578AB6F87A23656E88CD3068FE50CCF836E6A895BA479662425
                              Malicious:false
                              Reputation:unknown
                              Preview:SNSS.......-.N..........t/........-.N.....Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47...........................Microsoft Edge......117.....Not;A=Brand.....8.......Chromium....117.........Microsoft Edge......117.0.2045.47.......Not;A=Brand.....8.0.0.0.....Chromium....117.0.5938.132......117.0.2045.47.......Windows.....10.0.0......x86.............64.................-.N.........edge://newtab/......N.e.w. .t.a.b...........!...............................................................x...............................x........g..2....g..2................................... ...................................................r...h.t.t.p.s.:././.n.t.p...m.s.n...c.o.m./.e.d.g.e./.n.t.p.?.l.o.c.a.l.e.=.e.n.-.G.B.&.t.i.t.l.e.=.N.e.w.%.2.0.t.a.b.&.d.s.p.=.1.&.s.p.=.B.i.n.g.&.i.s.F.R.E.M.o.d.a.l.B.a.c.k.g.r.o.u.n.d.=.1.&.s.t.a.r.t.p.a.g.e.=.1.&.P.C.=.U.5.3.1.....................................8.......0.......8..

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                              Category:dropped
                              Size (bytes):20480
                              Entropy (8bit):0.44194574462308833
                              Encrypted:false
                              SSDEEP:
                              MD5:B35F740AA7FFEA282E525838EABFE0A6
                              SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                              SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                              SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):100
                              Entropy (8bit):4.545875388957412
                              Encrypted:false
                              SSDEEP:
                              MD5:4A8AF3BD0490AC159C7FB4A3F03B214D
                              SHA1:6A16B90610E9070A3AE57B7690BCA5A12ADE010A
                              SHA-256:17753FEF552E8D8E06F3A0D99872473A74C735FA47630F5E0B9D1900269CC66A
                              SHA-512:FA1FBFBCE619D05827EDFDB5B751D52EC7DAEA1D8C5C3C55B461D9A65DFB4A0C066DCE13D5A0109F4D244B53FD1E2740D17397E4F9A37C86C283650BE41353BA
                              Malicious:false
                              Reputation:unknown
                              Preview:.On.!................database_metadata.1..^=5............... 806b9ba4c71ee770bde1effc5f33c190.......

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):345
                              Entropy (8bit):5.121372309774055
                              Encrypted:false
                              SSDEEP:
                              MD5:5935FDD5A3BBEAB56E2B84F6350FE36A
                              SHA1:BC546A64A5092F2B8311C2D579185B4ECE3CCD89
                              SHA-256:14560B0CB3CEECAFFD8E95063FA04A70743371289B00F2C429B256D5D1CB5957
                              SHA-512:EBF372A1A7CDBFECFE0621F5CF8C134BC054302264CFA6F36C620BC0A3C1C1D5508058CC75207A9FDD100CFB59AA3F6FF696EACF08EF0C734A957243FAFFB2E8
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:51.136 ea8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/04/16-10:33:51.137 ea8 Recovering log #3.2024/04/16-10:33:51.136 ea8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):270336
                              Entropy (8bit):0.0018238520723782249
                              Encrypted:false
                              SSDEEP:
                              MD5:C193EF70026BC90C39168344FED6BCC4
                              SHA1:151DC332F44AB2C378C1AC8DCBECB1C434881FD8
                              SHA-256:53B289B960F122CC5A8D4BD5A1D6C75B63A45B8F1661C00F09B317FCF8F55E10
                              SHA-512:B1952B0EE101ED3E3B48400DBDA653A366F691B81E054649EE91541447770A071D14523D59FF91AC4982C14B16F10618169F2EFBCDF91BFEB66F6335CBB28F4B
                              Malicious:false
                              Reputation:unknown
                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):270336
                              Entropy (8bit):0.0012471779557650352
                              Encrypted:false
                              SSDEEP:
                              MD5:F50F89A0A91564D0B8A211F8921AA7DE
                              SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                              SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                              SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                              Malicious:false
                              Reputation:unknown
                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):430
                              Entropy (8bit):5.2417261619989555
                              Encrypted:false
                              SSDEEP:
                              MD5:F0DD26AC39445E422BCC8C60C67A8A26
                              SHA1:0D0CEF290BDABADC681B99734471127A5FBED17E
                              SHA-256:8543DDFBDFD99C17105931936D6216C4A0A17A44ED07454886EEB86AE1ED51E7
                              SHA-512:3D18C597D3EAD4789CFD4D056F045E158B5F00E2D6134706522EFCD47D978769749CABBC27DE33F1EFB03058622905932ED96ECECDB0353D8A958F29AFA0C2BA
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:51.564 19fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/04/16-10:33:51.566 19fc Recovering log #3.2024/04/16-10:33:51.574 19fc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                              Category:dropped
                              Size (bytes):36864
                              Entropy (8bit):0.3886039372934488
                              Encrypted:false
                              SSDEEP:
                              MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                              SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                              SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                              SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):80
                              Entropy (8bit):3.4921535629071894
                              Encrypted:false
                              SSDEEP:
                              MD5:69449520FD9C139C534E2970342C6BD8
                              SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                              SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                              SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                              Malicious:false
                              Reputation:unknown
                              Preview:*...#................version.1..namespace-..&f.................&f...............

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):418
                              Entropy (8bit):5.2160994738772315
                              Encrypted:false
                              SSDEEP:
                              MD5:F206CE02AB681DA1CAEFC545B4938689
                              SHA1:92BC544BC887F8C9285FCCEEE3428629D0BAA13A
                              SHA-256:61299409C26C24015C02956F5455F6F938F930AB833396894D13DC9944356680
                              SHA-512:3E522351F8C1EE318723DDBB4DAA6CEB0307ED29D728267D83F9BFABA4D68D15D331DA5F28FC062A82E7F896A7B0A1D47E06DB7B3B66DD6B63168A0CBBA555B1
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:34:07.239 19fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/04/16-10:34:07.240 19fc Recovering log #3.2024/04/16-10:34:07.244 19fc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:F206CE02AB681DA1CAEFC545B4938689
                              SHA1:92BC544BC887F8C9285FCCEEE3428629D0BAA13A
                              SHA-256:61299409C26C24015C02956F5455F6F938F930AB833396894D13DC9944356680
                              SHA-512:3E522351F8C1EE318723DDBB4DAA6CEB0307ED29D728267D83F9BFABA4D68D15D331DA5F28FC062A82E7F896A7B0A1D47E06DB7B3B66DD6B63168A0CBBA555B1
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:34:07.239 19fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/04/16-10:34:07.240 19fc Recovering log #3.2024/04/16-10:34:07.244 19fc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):324
                              Entropy (8bit):5.212188133075618
                              Encrypted:false
                              SSDEEP:
                              MD5:C2B1D2B0EF9CF4F54CE8C47DAC06F827
                              SHA1:B4C451742E5A307FB51AC584A379507225CA2970
                              SHA-256:6240911FC4DAC175F6BC642119B3F4024EFF60BDB9D2E76D59754B890779B9B9
                              SHA-512:0F72A092246FEC7339C36DBDBBAA6B81F325E1779CD14B4019561885795605E6C7097DC9DCD62E19D9827E271ECC28DE8B30D04F6F11B9505EE0FBDA4F2721E4
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:51.138 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/04/16-10:33:51.139 19e8 Recovering log #3.2024/04/16-10:33:51.139 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):131072
                              Entropy (8bit):0.005567161523650777
                              Encrypted:false
                              SSDEEP:
                              MD5:6E6A86C5D5192680EB61C5D582E8E682
                              SHA1:42FFCD2747D4EAF2156C00FACEB0C5AA7C328E03
                              SHA-256:AE15FA743F8B72221DCD0A1749B8621835C69C97A89CA59F91CB24F3A07EB94D
                              SHA-512:7E52ED4CE280A10B7191B28AC2363C4231D33BD1B17EB4ACC67241317158313F7DE09F145127FDFCFC504B1638AF3F7E9E183717927AC6B35EAAF5BD93245AE8
                              Malicious:false
                              Reputation:unknown
                              Preview:VLnk.....?.......v|..lON................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
                              Category:dropped
                              Size (bytes):196608
                              Entropy (8bit):1.265405925381668
                              Encrypted:false
                              SSDEEP:
                              MD5:76284F150A6BDF7666238316808BDE15
                              SHA1:98173E21BB5B6A6345396165F6C33404967A706E
                              SHA-256:802647A44A6D1AB2117E338F5BF4D80A5156CD5E89DCB45888BE21E84F0CA24F
                              SHA-512:EB58AE8DCA35541E9F928FC24370BFF40D9FD0EE498E3754A0FAB5594FFD03B3A196ADCE9EC651949CA935C25ED0D5647C331F0208BBDB3C9B1E6824CF498895
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                              Category:dropped
                              Size (bytes):40960
                              Entropy (8bit):0.4662638243272684
                              Encrypted:false
                              SSDEEP:
                              MD5:685569DA724616D1FEAE2B13E998E421
                              SHA1:7B598DE4F57C7771D661608065DE6BDABF34CBF8
                              SHA-256:91904C30EA82C00B3C7D8EA5C37AFFCF1AA6A229AE3B809C5D325D297EE972D5
                              SHA-512:0B2304F5D527B512F5A22B5D594F8452C0D58762A15DD024E6D3832D64098A4FFC75B39BD059F4B9DD4E8DD2149E10CE5A03ECE3D08A58DCC6F1CAFEDAB84FAD
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                              Category:dropped
                              Size (bytes):11755
                              Entropy (8bit):5.190465908239046
                              Encrypted:false
                              SSDEEP:
                              MD5:07301A857C41B5854E6F84CA00B81EA0
                              SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                              SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                              SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                              Category:dropped
                              Size (bytes):28672
                              Entropy (8bit):0.3410017321959524
                              Encrypted:false
                              SSDEEP:
                              MD5:98643AF1CA5C0FE03CE8C687189CE56B
                              SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                              SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                              SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\fe6a02eb-322f-41bd-8a9c-f99c57441dcb.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:Unicode text, UTF-8 text, with very long lines (19156), with no line terminators
                              Category:dropped
                              Size (bytes):19160
                              Entropy (8bit):5.463148072769391
                              Encrypted:false
                              SSDEEP:
                              MD5:6397CBAB892EE54A5E5DC7526C966559
                              SHA1:77F67403235F7C338DDD880CEC65C1482481C0FC
                              SHA-256:3C9852898D00C26DDA8D41CEAEF5FDCC5E04DE1AE83492AA7FD0BAB33F975133
                              SHA-512:85B3C5C1AE763A07C746A52840D299B56F1D4E634D6E3CC54625AFB7965E7C7A0772E8F4FBA3539C80EFBD4A5413B12AD6EC53C1BA511F1048432C448F32743C
                              Malicious:false
                              Reputation:unknown
                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357730031466038","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 8, database pages 11, cookie 0x7, schema 4, UTF-8, version-valid-for 8
                              Category:dropped
                              Size (bytes):45056
                              Entropy (8bit):2.0203721121247735
                              Encrypted:false
                              SSDEEP:
                              MD5:8002A8FDF0FBCBC5983211CE42E080D6
                              SHA1:E4F29732F86E71B7B5D5C2292F96DA0526F54FB7
                              SHA-256:4D12FDA90F777BE63551B457786D6148A26F3B6FA51C9836D00B69853F46BF48
                              SHA-512:2D06E7B2C94920A19E85EB058184017FB7CBC6A8C4F985F54E6A3A823B4AB37A53E25F9F92FFD88B17529BE222AC42C4868FA250DBB1DFEE116319D7994F48B5
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j..................?.P................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):32768
                              Entropy (8bit):0.18183332768819435
                              Encrypted:false
                              SSDEEP:
                              MD5:07DEF3FCF20B256CBDDC5AE9D9B7CA65
                              SHA1:E87964C5B09BBDA881C2B023FA65960A0308161B
                              SHA-256:ED150FADB638ADAA10154FADF7CDA982F0377A2D5C9279AF1D54BCD984EDF6A8
                              SHA-512:6EC9F74992582A8D077B63EA1558C42FD49EA34437AA80ADDC077043F064624A1FF9555CF79D98D1D2D99BA430541062D48C50252F29C1EB95FFA07FA93D009E
                              Malicious:false
                              Reputation:unknown
                              Preview:..-.....'.....................s^..>l_....._../...-.....'.....................s^..>l_....._../.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite Write-Ahead Log, version 3007000
                              Category:dropped
                              Size (bytes):712792
                              Entropy (8bit):1.77994231627327
                              Encrypted:false
                              SSDEEP:
                              MD5:AB1671C0C3D054FE546169FC0138F40A
                              SHA1:6608FC0DA3C33983103272F90D8AD652478F1FC1
                              SHA-256:D91B1D30364D8AD33D64F71F1211287C3A68EEC9C60CAAAF6244D9EAEAB1B5D0
                              SHA-512:C6135578FA45C3D1FEB9D8EF1ECBA2F467E17537A44FD92A06A0C46A5043825307512EC282B695979CD67666E20E5BAAD619E65F4563F87DC4B72ED7F63A481D
                              Malicious:false
                              Reputation:unknown
                              Preview:7....-..........^..>l_.....q..$.........^..>l_..X....9I4SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):572
                              Entropy (8bit):3.6837924007666425
                              Encrypted:false
                              SSDEEP:
                              MD5:D9D3915EB506026162C5DAA6EAA56961
                              SHA1:49832AF3697A7463D05E0E1BC4681F961B1EC2CD
                              SHA-256:D17396DF5BDFDEEF9E51A18257101D1925324CEA5EF157D3B2DE9D54710187F1
                              SHA-512:2487F63F656CB03B888E8231AF497C9D548C9CC4C2C65B0ABEC9427EF8902D25A4FF677A424AB418975B3FF177B73F7E541EC6D31B1472B170989C6472F7E9E9
                              Malicious:false
                              Reputation:unknown
                              Preview:A..r.................20_1_1...1.,U.................20_1_1...1?.Q;0................39_config..........6.....n ...1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=................9.p;...............#38_h.......6.Z..W.F..........................V.e................2.s.;...............#38_h.......6.Z..W.F..........................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):317
                              Entropy (8bit):5.21503422237168
                              Encrypted:false
                              SSDEEP:
                              MD5:A1958547F323227A58B7C85381CCF187
                              SHA1:62084FE03D9BFADA03AFC89884C1B9B5E89FEFDC
                              SHA-256:F48E7DB5ED3B417956A7720E4D20D442CFC79B039C7F7D7B19E717C6F80CCA9D
                              SHA-512:1C71F7E70F07271801006A9DEA8F9AB3FFD0F175B4BAB336087AA84B8B589427AE98ACADBFA46F00AECB739098B90866695559B49D5394AE4FEEDA56234735E8
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:51.490 a70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/04/16-10:33:51.490 a70 Recovering log #3.2024/04/16-10:33:51.491 a70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):816
                              Entropy (8bit):4.0647916882227655
                              Encrypted:false
                              SSDEEP:
                              MD5:3BE72D8D40752B3A97028FDB2931FABA
                              SHA1:A27EA4726857A948F0A4B074062B674469A9A371
                              SHA-256:3C18553C8C3F7E801855F3579AC57F3C156D783BBA27FB35C6D2FB6CB89BD902
                              SHA-512:8EBD4D6980BB7796615217E72BC65953C920B68B9259341CD52858C1E889EC90339E2A304FE0C971D6C6EF9AFC4A00CFB3E5CC89C7B2DF8737A0C7EC241BDADC
                              Malicious:false
                              Reputation:unknown
                              Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....X...................20_.....W.J+.................19_......qY.................18_.....'}2..................37_.......c..................38_......i...................39_.....Owa..................20_.....4.9..................20_.....B.I..................19_..........................18_.....2.1..................37_..........................38_......=.%.................39_.....p.j..................9_.....JJ...................9_.....|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... ......................__global... .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):335
                              Entropy (8bit):5.22945110506609
                              Encrypted:false
                              SSDEEP:
                              MD5:876605E11CE42BE02D14A24F51848143
                              SHA1:9EC9EF6DB4E9B10F4999E44C077E92539D42344D
                              SHA-256:5B901A52DE599063ACFBF8732090C6FCF59CBAD409AA10DE150E971612890CCF
                              SHA-512:3DF28BC3D1A08F9473D9D346378197B8EB6CA5C37DAE795241E6E0BF50230BD65AA79D68F0F4822EE2388DDA174AC9D2C9B8E821882F73072A2314E025D22463
                              Malicious:false
                              Reputation:unknown
                              Preview:2024/04/16-10:33:51.481 9f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/04/16-10:33:51.482 9f0 Recovering log #3.2024/04/16-10:33:51.486 9f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):270336
                              Entropy (8bit):0.0018090556708630736
                              Encrypted:false
                              SSDEEP:
                              MD5:C7EF4BA01CBAAF5F0078A40691EB4891
                              SHA1:9D76CD427A288E03961EA13E622DBEE66DAD84DF
                              SHA-256:3156EACF59A28155B0A0FFCB3996F25DF723A2AFAE34176EBB7C9B98ACFD7F65
                              SHA-512:1A95A7CBFC84FCEC43F7184B88DFBA98210ED0719E5EF69922958DA05AA62D7B26543E22AB9A3B6F67DF6B3C5F6B736E69075391111ECC19EBCEAB8AEADB2081
                              Malicious:false
                              Reputation:unknown
                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):270336
                              Entropy (8bit):0.0018164538716206491
                              Encrypted:false
                              SSDEEP:
                              MD5:5428D140134E80E1F0816481309653D4
                              SHA1:72C6ABB9E9D8293C4FFAD051DC0201ED466E4BD5
                              SHA-256:FEE2675C20D92DB58C25CF7F9CFF08466B79C197A03426CEF25F51E3DBD03446
                              SHA-512:F29B06E50312C8A78947BD93327CA93C32AB412F210027694DF21BCF5E070983EC20ED22B85A8DE6831B6CD24585EF36E77FBF8FFDE34BE053BAD176AF307CA7
                              Malicious:false
                              Reputation:unknown
                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):120
                              Entropy (8bit):3.32524464792714
                              Encrypted:false
                              SSDEEP:
                              MD5:A397E5983D4A1619E36143B4D804B870
                              SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                              SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                              SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                              Malicious:false
                              Reputation:unknown
                              Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text, with no line terminators
                              Category:dropped
                              Size (bytes):13
                              Entropy (8bit):2.7192945256669794
                              Encrypted:false
                              SSDEEP:
                              MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                              SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                              SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                              SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                              Malicious:false
                              Reputation:unknown
                              Preview:117.0.2045.47

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:1418D421BC24E1432C0994EB65C6DDEE
                              SHA1:E9DF598C67D1E390F9C4EC1CDC6226FEE08F9153
                              SHA-256:4C482683541CD79C3C8542CDD3A6C661A5675D417CD6FAA62ED73AF4D52B392B
                              SHA-512:50047D3F87643F1D40F3B6E0B5FF0B0274A3F703608B2D24CAFEAC5D3C4C2518F3E5E55D7BEFD8A46CA754F64734C81CEA8B22AFDBC9272779DF91D73959C327
                              Malicious:false
                              Reputation:unknown
                              Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2bada.TMP (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:1418D421BC24E1432C0994EB65C6DDEE
                              SHA1:E9DF598C67D1E390F9C4EC1CDC6226FEE08F9153
                              SHA-256:4C482683541CD79C3C8542CDD3A6C661A5675D417CD6FAA62ED73AF4D52B392B
                              SHA-512:50047D3F87643F1D40F3B6E0B5FF0B0274A3F703608B2D24CAFEAC5D3C4C2518F3E5E55D7BEFD8A46CA754F64734C81CEA8B22AFDBC9272779DF91D73959C327
                              Malicious:false
                              Reputation:unknown
                              Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2bc03.TMP (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:1418D421BC24E1432C0994EB65C6DDEE
                              SHA1:E9DF598C67D1E390F9C4EC1CDC6226FEE08F9153
                              SHA-256:4C482683541CD79C3C8542CDD3A6C661A5675D417CD6FAA62ED73AF4D52B392B
                              SHA-512:50047D3F87643F1D40F3B6E0B5FF0B0274A3F703608B2D24CAFEAC5D3C4C2518F3E5E55D7BEFD8A46CA754F64734C81CEA8B22AFDBC9272779DF91D73959C327
                              Malicious:false
                              Reputation:unknown
                              Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2e2f3.TMP (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:1418D421BC24E1432C0994EB65C6DDEE
                              SHA1:E9DF598C67D1E390F9C4EC1CDC6226FEE08F9153
                              SHA-256:4C482683541CD79C3C8542CDD3A6C661A5675D417CD6FAA62ED73AF4D52B392B
                              SHA-512:50047D3F87643F1D40F3B6E0B5FF0B0274A3F703608B2D24CAFEAC5D3C4C2518F3E5E55D7BEFD8A46CA754F64734C81CEA8B22AFDBC9272779DF91D73959C327
                              Malicious:false
                              Reputation:unknown
                              Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF30a80.TMP (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:1418D421BC24E1432C0994EB65C6DDEE
                              SHA1:E9DF598C67D1E390F9C4EC1CDC6226FEE08F9153
                              SHA-256:4C482683541CD79C3C8542CDD3A6C661A5675D417CD6FAA62ED73AF4D52B392B
                              SHA-512:50047D3F87643F1D40F3B6E0B5FF0B0274A3F703608B2D24CAFEAC5D3C4C2518F3E5E55D7BEFD8A46CA754F64734C81CEA8B22AFDBC9272779DF91D73959C327
                              Malicious:false
                              Reputation:unknown
                              Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF32442.TMP (copy)

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):0
                              Entropy (8bit):0.0
                              Encrypted:false
                              SSDEEP:
                              MD5:1418D421BC24E1432C0994EB65C6DDEE
                              SHA1:E9DF598C67D1E390F9C4EC1CDC6226FEE08F9153
                              SHA-256:4C482683541CD79C3C8542CDD3A6C661A5675D417CD6FAA62ED73AF4D52B392B
                              SHA-512:50047D3F87643F1D40F3B6E0B5FF0B0274A3F703608B2D24CAFEAC5D3C4C2518F3E5E55D7BEFD8A46CA754F64734C81CEA8B22AFDBC9272779DF91D73959C327
                              Malicious:false
                              Reputation:unknown
                              Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
                              Category:dropped
                              Size (bytes):20480
                              Entropy (8bit):0.6773696719930975
                              Encrypted:false
                              SSDEEP:
                              MD5:6FFCCB198DC6B17E165460E6E246B03C
                              SHA1:014A46B0E6E84089E1C20FA232F54CA737D5F023
                              SHA-256:D1B2EC8C9906C3418837FFB8E116AA59C026DE2D67B2AFDA956F14D0DC3851AF
                              SHA-512:846AE3D0A49A14BF82203A0FEDAD6E794F7E68C22A40EE0E014FEA99DFC676FAE4AFEB2C56F324E4361E83A35458C63E2ABAA7B28B6D23B20FA29EF47CBE87B3
                              Malicious:false
                              Reputation:unknown
                              Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:modified
                              Size (bytes):270336
                              Entropy (8bit):0.0018164538716206493
                              Encrypted:false
                              SSDEEP:
                              MD5:4C10CA4CBA894132562424E827C4A67A
                              SHA1:8DE8B13042C0C370E7C48A074221B4520EAD8BEF
                              SHA-256:2DB85523080391199AA8C715317878F1BFDF41F931A0264DA2D869D969BF02B5
                              SHA-512:DAA0AFCA1A24DFC44DB85675E2968B99A7C43562343DFF8FA229A00F9C69B1221F65C33315F32DAFD6966624B313CA974A809C4311C4C3CAC892A3C289563FC0
                              Malicious:false
                              Reputation:unknown
                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text, with no line terminators
                              Category:dropped
                              Size (bytes):47
                              Entropy (8bit):4.3818353308528755
                              Encrypted:false
                              SSDEEP:
                              MD5:48324111147DECC23AC222A361873FC5
                              SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                              SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                              SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                              Malicious:false
                              Reputation:unknown
                              Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):35
                              Entropy (8bit):4.014438730983427
                              Encrypted:false
                              SSDEEP:
                              MD5:BB57A76019EADEDC27F04EB2FB1F1841
                              SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                              SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                              SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                              Malicious:false
                              Reputation:unknown
                              Preview:{"forceServiceDetermination":false}

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text, with no line terminators
                              Category:dropped
                              Size (bytes):81
                              Entropy (8bit):4.3439888556902035
                              Encrypted:false
                              SSDEEP:
                              MD5:177F4D75F4FEE84EF08C507C3476C0D2
                              SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                              SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                              SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                              Malicious:false
                              Reputation:unknown
                              Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):130439
                              Entropy (8bit):3.80180718117079
                              Encrypted:false
                              SSDEEP:
                              MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                              SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                              SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                              SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text, with no line terminators
                              Category:dropped
                              Size (bytes):40
                              Entropy (8bit):4.346439344671015
                              Encrypted:false
                              SSDEEP:
                              MD5:6A3A60A3F78299444AACAA89710A64B6
                              SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                              SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                              SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                              Malicious:false
                              Reputation:unknown
                              Preview:synchronousLookupUris_638343870221005468

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):57
                              Entropy (8bit):4.556488479039065
                              Encrypted:false
                              SSDEEP:
                              MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                              SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                              SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                              SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                              Malicious:false
                              Reputation:unknown
                              Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text, with no line terminators
                              Category:dropped
                              Size (bytes):29
                              Entropy (8bit):4.030394788231021
                              Encrypted:false
                              SSDEEP:
                              MD5:52E2839549E67CE774547C9F07740500
                              SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                              SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                              SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                              Malicious:false
                              Reputation:unknown
                              Preview:topTraffic_638004170464094982

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):575056
                              Entropy (8bit):7.999649474060713
                              Encrypted:true
                              SSDEEP:
                              MD5:BE5D1A12C1644421F877787F8E76642D
                              SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                              SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                              SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                              Malicious:false
                              Reputation:unknown
                              Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:raw G3 (Group 3) FAX, byte-padded
                              Category:dropped
                              Size (bytes):460992
                              Entropy (8bit):7.999625908035124
                              Encrypted:true
                              SSDEEP:
                              MD5:E9C502DB957CDB977E7F5745B34C32E6
                              SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                              SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                              SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                              Malicious:false
                              Reputation:unknown
                              Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text, with no line terminators
                              Category:dropped
                              Size (bytes):9
                              Entropy (8bit):3.169925001442312
                              Encrypted:false
                              SSDEEP:
                              MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                              SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                              SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                              SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                              Malicious:false
                              Reputation:unknown
                              Preview:uriCache_

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):483
                              Entropy (8bit):4.998079430810446
                              Encrypted:false
                              SSDEEP:
                              MD5:8F4DFA791F3FEAC74E0961E23DBA148B
                              SHA1:66BC9885B00048EF6D5F3FAC8892692CBFF902C9
                              SHA-256:F3447EEEE3BD37F067EAFB8AADA8877E69C77ECAC66782010BD0030ACEC6436D
                              SHA-512:3E6277A62EF1A9CC1B381AE5A369C49AC2C8E0C908ABDC204E72B2F0378AB3B5B903EDB0591AC161C268297A4BB9EE40DE2586555F52480065AA884FA8219AF6
                              Malicious:false
                              Reputation:unknown
                              Preview:{"version":1,"cache_data":[{"file_hash":"a2f7a245c81bd28b","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1713357248711625},{"file_hash":"dba5990f9aa95ab2","server_context":"1;c5faad59-a2e3-31f2-b86e-aaf958e12824;phsh:005;7e-05","result":0,"expiration_time":1713357247090072},{"file_hash":"8bb02c2e63c7c7d2","server_context":"1;c5faad59-a2e3-31f2-b86e-aaf958e12824;phsh:005;7e-05","result":0,"expiration_time":1713357246284490}]}

                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):86
                              Entropy (8bit):4.3751917412896075
                              Encrypted:false
                              SSDEEP:
                              MD5:E9E365607374115B92E4ABE4B9628101
                              SHA1:D5054EA9B22317DCA83801EB3586017BFCC0E2A8
                              SHA-256:5CD2C4D9F13524923046198C92213691539407E04FA520CDAE9EADE1BAD3D91D
                              SHA-512:A84D65ED53E43883E5ECB7848FBD48F5305A63E6975E6AF480CF85532879720061106BE54F2A5888EBC3569F7123081A0E6EB48CCB8D7DBA3E1DA1C8A3C50401
                              Malicious:false
                              Reputation:unknown
                              Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":3}

                              C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):2278
                              Entropy (8bit):3.8540092951384137
                              Encrypted:false
                              SSDEEP:
                              MD5:48869B92C8CDB4699E4C403757EE29B1
                              SHA1:74F3EFF37D84C0F3553786DA014F8800476D27E6
                              SHA-256:F9F0C89970CF136BC4A0DEE0EA1DEDDAAE20E1CDC62E87548EBBD3F64DF3A06C
                              SHA-512:71EAC5985FDB594450D6ABF10ECCA5BEC391A0BAA1838C2180686F7F4B73EEA8DF4F9AB581DA7DADE30ECAA502B3B03F40313E525E3EBF4A09D6C954F0B8AD74
                              Malicious:false
                              Reputation:unknown
                              Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.I.B.l.M.e.G.P.2.g.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.y.e.p.7.I.T.

                              C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:data
                              Category:dropped
                              Size (bytes):4622
                              Entropy (8bit):3.9988149701058275
                              Encrypted:false
                              SSDEEP:
                              MD5:1BC2C000D882D16B10CEB1E878CC0DD5
                              SHA1:72B8D0ECA74F0835D75D53332D73BFFB22403B14
                              SHA-256:0F054AEC2C4D5EEEB37E256E81856DFE4E72E340BDACA4DFFCACDAAC2F8EA6C1
                              SHA-512:EE39C63265834E1A895955A1A8DAEDA3C83529AC9A4CF1852723A827E54C7F78332489D1F137101148ACB8EEE2E20081A6896C4CAC2A4B253BE6BE608277B29A
                              Malicious:false
                              Reputation:unknown
                              Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".g.T.i.v.F.9.m.P.2.g.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.y.e.p.7.I.T.

                              C:\Users\user\AppData\Local\Temp\0d799a00-273f-4f0c-9380-6c8edf37d399.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:Google Chrome extension, version 3
                              Category:dropped
                              Size (bytes):11185
                              Entropy (8bit):7.951995436832936
                              Encrypted:false
                              SSDEEP:
                              MD5:78E47DDA17341BED7BE45DCCFD89AC87
                              SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                              SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                              SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                              Malicious:false
                              Reputation:unknown
                              Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                              C:\Users\user\AppData\Local\Temp\32ecc927-b1be-4923-8f9a-f66b6531deb8.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):528779
                              Entropy (8bit):7.928469359678987
                              Encrypted:false
                              SSDEEP:
                              MD5:4458C02CF2455747C4423CD72FE1062E
                              SHA1:53CA46AC15A2ED9A441D04525906EC20D7FD06C5
                              SHA-256:45762F300B15C7780407AB53C8EA9B1D6FD75CC8B854358B589FBB724AE6E6CE
                              SHA-512:BEFFDEB19B8FBB53715315AF2F5342F0579449CEB9A53E1D282EA3FCEC695CA0FE0242FFFC21A349FDEC5F442F58633F50E8C4EAB60BF4C050233DB048B8F597
                              Malicious:false
                              Reputation:unknown
                              Preview:.PNG........IHDR... ... .....szz.....tEXtSoftware.Adobe ImageReadyq.e<...qiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c014 79.151481, 2013/03/13-12:09:15 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:695f8e9f-409d-324a-b50a-1e3067707628" xmpMM:DocumentID="xmp.did:91EA24D7191011E5B1FF9488C51C29D1" xmpMM:InstanceID="xmp.iid:91EA24D6191011E5B1FF9488C51C29D1" xmp:CreatorTool="Adobe Photoshop CC (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6a6b844a-8117-4c4c-9b2f-30d3769ed7c7" stRef:documentID="xmp.did:695f8e9f-409d-324a-b50a-1e3067707628"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>^.i.....IDATx.bb .0..;./..;@...A.P9F...y

                              C:\Users\user\AppData\Local\Temp\a2beff01-a1e4-4ca9-b050-99801fedcd7b.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:PNG image data, 342 x 126, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):7530
                              Entropy (8bit):7.939299447353715
                              Encrypted:false
                              SSDEEP:
                              MD5:A96BE32BF33CCDC6C0B4137ECB5FD563
                              SHA1:2CDDF8A54326A15323660D44FAD9C0DC485C8D12
                              SHA-256:A6B4FC12406A93652C8856AAA158CE23A3D119B9E6FCFA01ACECB568B0BE001C
                              SHA-512:A6194A915071E400BFB865E21091649A741588EAC78D61850647A7FD2DEEABA3E030C7B07675E7B09AEC50CCF1B33A655737B8E6A31A4DC86A054E1CC108F927
                              Malicious:false
                              Reputation:unknown
                              Preview:.PNG........IHDR...V...~.....H..^....PLTE....ZB.|S.........E.TE.E.TF........(L{.......E.+Fm.......................WL..................UI....Jh......\O...~.L<.OE.........[.k..o.\..f.V....eY.{...u.j......~.......\.bR^......{.`.T.b..r._T.ob.L;.V..w.y..N..z.}j..r._........WK.......{n.n..F...n.sb.lY.h..........b...........{...o.d.a.N3.....n....l....O..U..j..y....S.w.....y.?&..m..R..........s.n..{..^..V...y.-....D..........D...:f..S....Y..b..[{."h..S.....g.T..dx..x.;^.qR....Fs.!L.r...'....oo..0......i.0K......fF...o..0%.}..D....Wi..D.2,.CZ.s?p.2.Ud.c....4..@.b-.:~..#. .......K..y.dy..<:.%9...:Y.J'.$Eo.....>]..}Y.>.6<X>6.bW.d4.......cxTA......dI.OA..S-K.....tRNS... .vvv....p..l.....IDATx...;..0..a...[w..=;.`!>..X..FW...?..)tY..2......*d.*..&N.K.N.v....T..n.]U$.V+L.X.Fq..kV..fq'.X!...!}~..|...P0.........Y+feVf=....0...n.R."E(..H

                              C:\Users\user\AppData\Local\Temp\cb4d1871-cb3d-496f-90e0-a97b90e80040.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                              Category:dropped
                              Size (bytes):103469
                              Entropy (8bit):7.5851113512003785
                              Encrypted:false
                              SSDEEP:
                              MD5:37CF67E6E5D3AE47CF40406A1E8BE94F
                              SHA1:2A6F868ADC761DB9C03869E238BEA0D67D1FE6CE
                              SHA-256:B4B4DBE335296D0CCF9C659D671A54C2FA06F8B4E41228CF03E1D21F7C8F9D03
                              SHA-512:51F2C8B56592237378BE92C3EFCD814FC3E144120D109B15A7341AB03F9674251EE8B21BB172E6E021100F4EF792A5114D5B94F86EE0B157FD3386975BEC94CD
                              Malicious:false
                              Reputation:unknown
                              Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                              C:\Users\user\AppData\Local\Temp\cv_debug.log

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1420
                              Entropy (8bit):5.398621283893709
                              Encrypted:false
                              SSDEEP:
                              MD5:64C0305DB55CE71CDDFCC2CDFE9C7538
                              SHA1:89AC889409C2FCF4D40BB6A4222F69C6C39A9DC5
                              SHA-256:56EE3F1D985E26AFD9A994BAE892AB8EE0C99E471EB9C7C037173BDEDBC5B09F
                              SHA-512:E2DED7C707E7A01AB3AD81C4FCA2AF78E8258A97B48F275F497445CC8BDFB43FCEA0C177778CAEA3497162C040B65F172AD63982FF6D8670D8723BF7AE1EFD1A
                              Malicious:false
                              Reputation:unknown
                              Preview:{"logTime": "1006/090722", "correlationVector":"rmkayOhJfEabcRCB2/Bp31","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/090722", "correlationVector":"jqHPV/yTVN5KYgOfDN/5Rr","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/090722", "correlationVector":"25C1A0EE3BD244A1BB83CF2641B12F1A","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1006/093120", "correlationVector":"a/GaihlkzouX6tpAQ3civy","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/093121", "correlationVector":"2831F27CA5B645488E2DF2452C16A59E","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1006/093243", "correlationVector":"7DhT8FK3VbHYWFgub0ZtsN","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/093243", "correlationVector":"83EFC8979E1A419495133BAFAFA5A23F","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1006/093745", "correlationVector":"Bxyvid0fodNJ7Wehc/BC7P","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/093746", "correlationVector":"B1516CBB

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_1825921390\CRX_INSTALL\_metadata\verified_contents.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1753
                              Entropy (8bit):5.8889033066924155
                              Encrypted:false
                              SSDEEP:
                              MD5:738E757B92939B24CDBBD0EFC2601315
                              SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                              SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                              SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                              Malicious:false
                              Reputation:unknown
                              Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_1825921390\CRX_INSTALL\content.js

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                              Category:dropped
                              Size (bytes):9815
                              Entropy (8bit):6.1716321262973315
                              Encrypted:false
                              SSDEEP:
                              MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                              SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                              SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                              SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                              Malicious:false
                              Reputation:unknown
                              Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_1825921390\CRX_INSTALL\content_new.js

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                              Category:dropped
                              Size (bytes):10388
                              Entropy (8bit):6.174387413738973
                              Encrypted:false
                              SSDEEP:
                              MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                              SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                              SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                              SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                              Malicious:false
                              Reputation:unknown
                              Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_1825921390\CRX_INSTALL\manifest.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):962
                              Entropy (8bit):5.698567446030411
                              Encrypted:false
                              SSDEEP:
                              MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                              SHA1:2356F60884130C86A45D4B232A26062C7830E622
                              SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                              SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\128.png

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):4982
                              Entropy (8bit):7.929761711048726
                              Encrypted:false
                              SSDEEP:
                              MD5:913064ADAAA4C4FA2A9D011B66B33183
                              SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                              SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                              SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                              Malicious:false
                              Reputation:unknown
                              Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\af\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):908
                              Entropy (8bit):4.512512697156616
                              Encrypted:false
                              SSDEEP:
                              MD5:12403EBCCE3AE8287A9E823C0256D205
                              SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                              SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                              SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\am\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1285
                              Entropy (8bit):4.702209356847184
                              Encrypted:false
                              SSDEEP:
                              MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                              SHA1:58979859B28513608626B563138097DC19236F1F
                              SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                              SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ar\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1244
                              Entropy (8bit):4.5533961615623735
                              Encrypted:false
                              SSDEEP:
                              MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                              SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                              SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                              SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\az\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):977
                              Entropy (8bit):4.867640976960053
                              Encrypted:false
                              SSDEEP:
                              MD5:9A798FD298008074E59ECC253E2F2933
                              SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                              SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                              SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\be\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):3107
                              Entropy (8bit):3.535189746470889
                              Encrypted:false
                              SSDEEP:
                              MD5:68884DFDA320B85F9FC5244C2DD00568
                              SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                              SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                              SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\bg\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1389
                              Entropy (8bit):4.561317517930672
                              Encrypted:false
                              SSDEEP:
                              MD5:2E6423F38E148AC5A5A041B1D5989CC0
                              SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                              SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                              SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\bn\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1763
                              Entropy (8bit):4.25392954144533
                              Encrypted:false
                              SSDEEP:
                              MD5:651375C6AF22E2BCD228347A45E3C2C9
                              SHA1:109AC3A912326171D77869854D7300385F6E628C
                              SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                              SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ca\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):930
                              Entropy (8bit):4.569672473374877
                              Encrypted:false
                              SSDEEP:
                              MD5:D177261FFE5F8AB4B3796D26835F8331
                              SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                              SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                              SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\cs\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):913
                              Entropy (8bit):4.947221919047
                              Encrypted:false
                              SSDEEP:
                              MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                              SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                              SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                              SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\cy\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):806
                              Entropy (8bit):4.815663786215102
                              Encrypted:false
                              SSDEEP:
                              MD5:A86407C6F20818972B80B9384ACFBBED
                              SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                              SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                              SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\da\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):883
                              Entropy (8bit):4.5096240460083905
                              Encrypted:false
                              SSDEEP:
                              MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                              SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                              SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                              SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\de\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1031
                              Entropy (8bit):4.621865814402898
                              Encrypted:false
                              SSDEEP:
                              MD5:D116453277CC860D196887CEC6432FFE
                              SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                              SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                              SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\el\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1613
                              Entropy (8bit):4.618182455684241
                              Encrypted:false
                              SSDEEP:
                              MD5:9ABA4337C670C6349BA38FDDC27C2106
                              SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                              SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                              SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\en_CA\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):851
                              Entropy (8bit):4.4858053753176526
                              Encrypted:false
                              SSDEEP:
                              MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                              SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                              SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                              SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\en_GB\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):848
                              Entropy (8bit):4.494568170878587
                              Encrypted:false
                              SSDEEP:
                              MD5:3734D498FB377CF5E4E2508B8131C0FA
                              SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                              SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                              SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\en_US\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1425
                              Entropy (8bit):4.461560329690825
                              Encrypted:false
                              SSDEEP:
                              MD5:578215FBB8C12CB7E6CD73FBD16EC994
                              SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                              SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                              SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\es\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):961
                              Entropy (8bit):4.537633413451255
                              Encrypted:false
                              SSDEEP:
                              MD5:F61916A206AC0E971CDCB63B29E580E3
                              SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                              SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                              SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\es_419\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):959
                              Entropy (8bit):4.570019855018913
                              Encrypted:false
                              SSDEEP:
                              MD5:535331F8FB98894877811B14994FEA9D
                              SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                              SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                              SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\et\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):968
                              Entropy (8bit):4.633956349931516
                              Encrypted:false
                              SSDEEP:
                              MD5:64204786E7A7C1ED9C241F1C59B81007
                              SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                              SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                              SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\eu\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):838
                              Entropy (8bit):4.4975520913636595
                              Encrypted:false
                              SSDEEP:
                              MD5:29A1DA4ACB4C9D04F080BB101E204E93
                              SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                              SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                              SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\fa\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1305
                              Entropy (8bit):4.673517697192589
                              Encrypted:false
                              SSDEEP:
                              MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                              SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                              SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                              SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\fi\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):911
                              Entropy (8bit):4.6294343834070935
                              Encrypted:false
                              SSDEEP:
                              MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                              SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                              SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                              SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\fil\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):939
                              Entropy (8bit):4.451724169062555
                              Encrypted:false
                              SSDEEP:
                              MD5:FCEA43D62605860FFF41BE26BAD80169
                              SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                              SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                              SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\fr\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):977
                              Entropy (8bit):4.622066056638277
                              Encrypted:false
                              SSDEEP:
                              MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                              SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                              SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                              SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\fr_CA\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):972
                              Entropy (8bit):4.621319511196614
                              Encrypted:false
                              SSDEEP:
                              MD5:6CAC04BDCC09034981B4AB567B00C296
                              SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                              SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                              SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\gl\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):990
                              Entropy (8bit):4.497202347098541
                              Encrypted:false
                              SSDEEP:
                              MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                              SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                              SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                              SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\gu\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1658
                              Entropy (8bit):4.294833932445159
                              Encrypted:false
                              SSDEEP:
                              MD5:BC7E1D09028B085B74CB4E04D8A90814
                              SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                              SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                              SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\hi\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1672
                              Entropy (8bit):4.314484457325167
                              Encrypted:false
                              SSDEEP:
                              MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                              SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                              SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                              SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\hr\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):935
                              Entropy (8bit):4.6369398601609735
                              Encrypted:false
                              SSDEEP:
                              MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                              SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                              SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                              SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\hu\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1065
                              Entropy (8bit):4.816501737523951
                              Encrypted:false
                              SSDEEP:
                              MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                              SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                              SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                              SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\hy\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):2771
                              Entropy (8bit):3.7629875118570055
                              Encrypted:false
                              SSDEEP:
                              MD5:55DE859AD778E0AA9D950EF505B29DA9
                              SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                              SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                              SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\id\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):858
                              Entropy (8bit):4.474411340525479
                              Encrypted:false
                              SSDEEP:
                              MD5:34D6EE258AF9429465AE6A078C2FB1F5
                              SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                              SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                              SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\is\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):954
                              Entropy (8bit):4.631887382471946
                              Encrypted:false
                              SSDEEP:
                              MD5:1F565FB1C549B18AF8BBFED8DECD5D94
                              SHA1:B57F4BDAE06FF3DFC1EB3E56B6F2F204D6F63638
                              SHA-256:E16325D1A641EF7421F2BAFCD6433D53543C89D498DD96419B03CBA60B9C7D60
                              SHA-512:A60B8E042A9BCDCC136B87948E9924A0B24D67C6CA9803904B876F162A0AD82B9619F1316BE9FF107DD143B44F7E6F5DF604ABFE00818DEB40A7D62917CDA69F
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\it\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):899
                              Entropy (8bit):4.474743599345443
                              Encrypted:false
                              SSDEEP:
                              MD5:0D82B734EF045D5FE7AA680B6A12E711
                              SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                              SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                              SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\iw\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):2230
                              Entropy (8bit):3.8239097369647634
                              Encrypted:false
                              SSDEEP:
                              MD5:26B1533C0852EE4661EC1A27BD87D6BF
                              SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                              SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                              SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ja\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1160
                              Entropy (8bit):5.292894989863142
                              Encrypted:false
                              SSDEEP:
                              MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                              SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                              SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                              SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ka\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):3264
                              Entropy (8bit):3.586016059431306
                              Encrypted:false
                              SSDEEP:
                              MD5:83F81D30913DC4344573D7A58BD20D85
                              SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                              SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                              SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\kk\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):3235
                              Entropy (8bit):3.6081439490236464
                              Encrypted:false
                              SSDEEP:
                              MD5:2D94A58795F7B1E6E43C9656A147AD3C
                              SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                              SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                              SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\km\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):3122
                              Entropy (8bit):3.891443295908904
                              Encrypted:false
                              SSDEEP:
                              MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                              SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                              SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                              SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\kn\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1880
                              Entropy (8bit):4.295185867329351
                              Encrypted:false
                              SSDEEP:
                              MD5:8E16966E815C3C274EEB8492B1EA6648
                              SHA1:7482ED9F1C9FD9F6F9BA91AB15921B19F64C9687
                              SHA-256:418FF53FCA505D54268413C796E4DF80E947A09F399AB222A90B81E93113D5B5
                              SHA-512:85B28202E874B1CF45B37BA05B87B3D8D6FE38E89C6011C4240CF6B563EA6DA60181D712CCE20D07C364F4A266A4EC90C4934CC8B7BB2013CB3B22D755796E38
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ko\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1042
                              Entropy (8bit):5.3945675025513955
                              Encrypted:false
                              SSDEEP:
                              MD5:F3E59EEEB007144EA26306C20E04C292
                              SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                              SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                              SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\lo\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):2535
                              Entropy (8bit):3.8479764584971368
                              Encrypted:false
                              SSDEEP:
                              MD5:E20D6C27840B406555E2F5091B118FC5
                              SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                              SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                              SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\lt\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1028
                              Entropy (8bit):4.797571191712988
                              Encrypted:false
                              SSDEEP:
                              MD5:970544AB4622701FFDF66DC556847652
                              SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                              SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                              SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\lv\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):994
                              Entropy (8bit):4.700308832360794
                              Encrypted:false
                              SSDEEP:
                              MD5:A568A58817375590007D1B8ABCAEBF82
                              SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                              SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                              SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ml\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):2091
                              Entropy (8bit):4.358252286391144
                              Encrypted:false
                              SSDEEP:
                              MD5:4717EFE4651F94EFF6ACB6653E868D1A
                              SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                              SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                              SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\mn\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):2778
                              Entropy (8bit):3.595196082412897
                              Encrypted:false
                              SSDEEP:
                              MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                              SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                              SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                              SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\mr\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1719
                              Entropy (8bit):4.287702203591075
                              Encrypted:false
                              SSDEEP:
                              MD5:3B98C4ED8874A160C3789FEAD5553CFA
                              SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                              SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                              SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ms\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):936
                              Entropy (8bit):4.457879437756106
                              Encrypted:false
                              SSDEEP:
                              MD5:7D273824B1E22426C033FF5D8D7162B7
                              SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                              SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                              SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\my\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):3830
                              Entropy (8bit):3.5483353063347587
                              Encrypted:false
                              SSDEEP:
                              MD5:342335A22F1886B8BC92008597326B24
                              SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                              SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                              SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ne\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1898
                              Entropy (8bit):4.187050294267571
                              Encrypted:false
                              SSDEEP:
                              MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                              SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                              SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                              SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\nl\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):914
                              Entropy (8bit):4.513485418448461
                              Encrypted:false
                              SSDEEP:
                              MD5:32DF72F14BE59A9BC9777113A8B21DE6
                              SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                              SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                              SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\no\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):878
                              Entropy (8bit):4.4541485835627475
                              Encrypted:false
                              SSDEEP:
                              MD5:A1744B0F53CCF889955B95108367F9C8
                              SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                              SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                              SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\pa\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):2766
                              Entropy (8bit):3.839730779948262
                              Encrypted:false
                              SSDEEP:
                              MD5:97F769F51B83D35C260D1F8CFD7990AF
                              SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                              SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                              SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\pl\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):978
                              Entropy (8bit):4.879137540019932
                              Encrypted:false
                              SSDEEP:
                              MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                              SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                              SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                              SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\pt_BR\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):907
                              Entropy (8bit):4.599411354657937
                              Encrypted:false
                              SSDEEP:
                              MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                              SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                              SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                              SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\pt_PT\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):914
                              Entropy (8bit):4.604761241355716
                              Encrypted:false
                              SSDEEP:
                              MD5:0963F2F3641A62A78B02825F6FA3941C
                              SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                              SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                              SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ro\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):937
                              Entropy (8bit):4.686555713975264
                              Encrypted:false
                              SSDEEP:
                              MD5:BED8332AB788098D276B448EC2B33351
                              SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                              SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                              SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ru\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1337
                              Entropy (8bit):4.69531415794894
                              Encrypted:false
                              SSDEEP:
                              MD5:51D34FE303D0C90EE409A2397FCA437D
                              SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                              SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                              SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\si\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):2846
                              Entropy (8bit):3.7416822879702547
                              Encrypted:false
                              SSDEEP:
                              MD5:B8A4FD612534A171A9A03C1984BB4BDD
                              SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                              SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                              SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\sk\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):934
                              Entropy (8bit):4.882122893545996
                              Encrypted:false
                              SSDEEP:
                              MD5:8E55817BF7A87052F11FE554A61C52D5
                              SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                              SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                              SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\sl\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):963
                              Entropy (8bit):4.6041913416245
                              Encrypted:false
                              SSDEEP:
                              MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                              SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                              SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                              SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\sr\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1320
                              Entropy (8bit):4.569671329405572
                              Encrypted:false
                              SSDEEP:
                              MD5:7F5F8933D2D078618496C67526A2B066
                              SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                              SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                              SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\sv\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):884
                              Entropy (8bit):4.627108704340797
                              Encrypted:false
                              SSDEEP:
                              MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                              SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                              SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                              SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\sw\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):980
                              Entropy (8bit):4.50673686618174
                              Encrypted:false
                              SSDEEP:
                              MD5:D0579209686889E079D87C23817EDDD5
                              SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                              SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                              SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ta\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1941
                              Entropy (8bit):4.132139619026436
                              Encrypted:false
                              SSDEEP:
                              MD5:DCC0D1725AEAEAAF1690EF8053529601
                              SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                              SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                              SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\te\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1969
                              Entropy (8bit):4.327258153043599
                              Encrypted:false
                              SSDEEP:
                              MD5:385E65EF723F1C4018EEE6E4E56BC03F
                              SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                              SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                              SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\th\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1674
                              Entropy (8bit):4.343724179386811
                              Encrypted:false
                              SSDEEP:
                              MD5:64077E3D186E585A8BEA86FF415AA19D
                              SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                              SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                              SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\tr\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1063
                              Entropy (8bit):4.853399816115876
                              Encrypted:false
                              SSDEEP:
                              MD5:76B59AAACC7B469792694CF3855D3F4C
                              SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                              SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                              SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\uk\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1333
                              Entropy (8bit):4.686760246306605
                              Encrypted:false
                              SSDEEP:
                              MD5:970963C25C2CEF16BB6F60952E103105
                              SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                              SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                              SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\ur\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1263
                              Entropy (8bit):4.861856182762435
                              Encrypted:false
                              SSDEEP:
                              MD5:8B4DF6A9281333341C939C244DDB7648
                              SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                              SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                              SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\vi\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1074
                              Entropy (8bit):5.062722522759407
                              Encrypted:false
                              SSDEEP:
                              MD5:773A3B9E708D052D6CBAA6D55C8A5438
                              SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                              SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                              SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\zh_CN\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):879
                              Entropy (8bit):5.7905809868505544
                              Encrypted:false
                              SSDEEP:
                              MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                              SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                              SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                              SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\zh_HK\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):1205
                              Entropy (8bit):4.50367724745418
                              Encrypted:false
                              SSDEEP:
                              MD5:524E1B2A370D0E71342D05DDE3D3E774
                              SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                              SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                              SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\zh_TW\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):843
                              Entropy (8bit):5.76581227215314
                              Encrypted:false
                              SSDEEP:
                              MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                              SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                              SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                              SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_locales\zu\messages.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):912
                              Entropy (8bit):4.65963951143349
                              Encrypted:false
                              SSDEEP:
                              MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                              SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                              SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                              SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                              Malicious:false
                              Reputation:unknown
                              Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\_metadata\verified_contents.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):18518
                              Entropy (8bit):5.708460608391745
                              Encrypted:false
                              SSDEEP:
                              MD5:F1346F53663087A18F734B324E159F65
                              SHA1:A1A79C373D154E6630DE9D46FD8902C0F6ACB860
                              SHA-256:8A65785DEEBA93A107A2FE5060305873A40379CD8B2B848607DDE45ED9130E03
                              SHA-512:FB6B92BEA01BF399D981260966A419AE328CAE7331970FED90DC9D158403B75F07ED1A7740771B56411E3730C946F831E2B1788B5A22E3139F17670FC9C7E48F
                              Malicious:false
                              Reputation:unknown
                              Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiOE1xa2JXMkFQWkVpbzlQTHlYNVItT3o1bGs5a29sbnlWTWtvYlVabk15YyIsInBhdGgiOiJfbG9jYWxlcy9hZi9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoicWhJZ1d4Q0hVTS1mb0plRVlhYllpQjVPZ05vZ3FFYllKTnBBYWRuSkdFYyJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiV0E0cW96b3R5ZzJrcUpKU0FEYWNVMGNDbEdJYjlmMmp1ejhYalh0YUhybyIsInBhdGgiOiJfbG9jYWxlcy9hbS9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiWk9BYndwSzZMcUZwbFhiOHhFVTJjRWRTRHVpVjRwRE03aURDVEpNMjJPOCJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiQlk4QVRlUUktWHNqLWFSbVZfTi03dHVzUlJyQUNkU25yU3NhT2d3R3pTWSIsInBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiX0pLU3pRcGk4TVczZE5WZldwN281STVjX09

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\dasherSettingSchema.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):854
                              Entropy (8bit):4.284628987131403
                              Encrypted:false
                              SSDEEP:
                              MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                              SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                              SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                              SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                              Malicious:false
                              Reputation:unknown
                              Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\eventpage_bin_prod.js

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text, with very long lines (3422)
                              Category:dropped
                              Size (bytes):82340
                              Entropy (8bit):5.380000995741104
                              Encrypted:false
                              SSDEEP:
                              MD5:4902A531B4D907B2B81AF35251CADF2C
                              SHA1:7875EE813923CB16B0F0C4DE3C49C08C85CE52A1
                              SHA-256:C3CE23C47225A594425A1290E49CED80FF9F3360D787767B6C45C80314FCF666
                              SHA-512:A7B8E713F33B1155D8D45B8B635B318262EA21F3D0856FA0409ED6636F84CB9E38B78FB0E0296C3A253953FBFBF11FD68AF6C5EDB00A17A90A9129161CCDC7EE
                              Malicious:false
                              Reputation:unknown
                              Preview:'use strict';function m(){return function(){}}var p;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=ca(this);function t(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ba(c,a,{configurable:!0,writable:!0,value:b})}}.t("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f||"")+"_"+e++,f)}function c(f,g){this.g=f;ba(this,"description",{configurable:!

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\manifest.json

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):2397
                              Entropy (8bit):5.423775942969832
                              Encrypted:false
                              SSDEEP:
                              MD5:C2CFE399D41AD342B3ECDE0211F98725
                              SHA1:345AB6BA0CB69246F480AE4273F68869AC8011DA
                              SHA-256:DB3991C5788FC6968DF25180898EF42AD974192DFE0AED4E12969219A1EB8565
                              SHA-512:CEE1AB92EED7169C33BBDA701FA56EF850705B3F2AE802E772ABF870837022671F06EBA69DED628AF868DB827871CCBF3F551FCEF201041EEABF89ADAA546FB7
                              Malicious:false
                              Reputation:unknown
                              Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "persistent": false,.. "scripts": [ "eventpage_bin_prod.js" ].. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": "script-src 'self'; object-src 'self'",.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "matches": [ "htt

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\CRX_INSTALL\page_embed_script.js

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):291
                              Entropy (8bit):4.644891151983713
                              Encrypted:false
                              SSDEEP:
                              MD5:EE9839F99DED6F38DC561DB846B51E80
                              SHA1:DD2128A473C2FF47471400C81EFF416285DE606E
                              SHA-256:06E08E421EB7F0FE7959D68E27D40A9146A54503090D95CFAC6F2FFD72A78769
                              SHA-512:C8D77607F00CB8012CD056CE61CB77918EC43621270511303E09577F89CC57D4954E22E2C8C3FB1029AAE29F8142DAAE2E938CD5590AD0E5DE6DB1208AFEF874
                              Malicious:false
                              Reputation:unknown
                              Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=2;}).call(this);.

                              C:\Users\user\AppData\Local\Temp\scoped_dir7000_748222456\f788de51-c192-46b6-8b99-4a21e9e7c04c.tmp

                              Download File
                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              File Type:Google Chrome extension, version 3
                              Category:dropped
                              Size (bytes):98960
                              Entropy (8bit):7.702941019514499
                              Encrypted:false
                              SSDEEP:
                              MD5:FC21C3084ECE86A867515F4112126D22
                              SHA1:7AD412386EEDA21136AB332EDCED98AF075CCCD2
                              SHA-256:378723490592C0627AC18A287F9A9CB74970C3C6E10A177C322282BFC1D01E01
                              SHA-512:37777D2F86D5586B5DB02FE8DF853814FF0B1FCF0141ADB8CF0A42CE3C15C5DA8F65DE89E2DEB8C13040302F95C6B0FF523A4288C5D38FF7977212AA011B1309
                              Malicious:false
                              Reputation:unknown
                              Preview:Cr24....d"........0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........S.S.H.{..a./-X.....Q.B'E..^...+....3..../`L).&w.e...`...v.V.v.....$.RB..IH.7wJ..a..r....t..b.'.V.5.{.O....5.x........q..........R.I.P.o\.FCx......l.%..5.1......O)d/O H?..S..1.o.gK3.*.6Ug.5<..k.....\........Z............yK.W.?....C..gh...R/.W.....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!.....T...B.l........~_&.K..HH...!.....6]..~.g....n{.f...Q2..Ip..?s".>...........|[s...._.Z......o! 01".]@]]...`...$.t.....vWw.t...d.....CB....M6...0.....6.5M[.......y?.....t....g}..f......m*/.XJ}|s.....m#7.6[U_v[n.......^.j+...y.6:.."P.....}|.w..].>....C..?v......vK.}|.=^....GB.X..x=_.....p.q...#.g:...P....

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 07:33:09 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2673
                              Entropy (8bit):3.980777814583255
                              Encrypted:false
                              SSDEEP:
                              MD5:D2FB5851B8AA683638D1ECE3C3117B18
                              SHA1:0EF5153E36C6EBDFB8CC8EAEE65FC7C58A9B351A
                              SHA-256:AC9636DE2ADFDB2332909F55F6323200E13BE13D7431341F5D22BD642CD178E6
                              SHA-512:C910B3148C824E499A5C353470A6D4CEAF42E9C178A7629A9154665409A41CCA2873F43270F377F1428831F1D41934CEBD217F7FDB8DB2B77AB9591B010EA498
                              Malicious:false
                              Reputation:unknown
                              Preview:L..................F.@.. ...$+.,....! .....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.D....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X"D....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X"D....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X"D..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X%D...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............Nn.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 07:33:09 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2675
                              Entropy (8bit):3.997229472379148
                              Encrypted:false
                              SSDEEP:
                              MD5:66E87CEE6117662FA321EB74A3DEF33D
                              SHA1:7CC26BCEAE3AA8A23B2836BDF31D4A0BB65F3539
                              SHA-256:A32C7DF513C12D46C70931F3795FDD6C72B7560AD45D811AD894940ED4AB3DC1
                              SHA-512:5ABF5C067AAADE061B650203E01BF34C7BA372938595D266720D97D33DF2CE59A15C2983A4F0344EBDA8B9DF0996B28DF0FE1430AA2BFF6CCEDF75CEF9F6646E
                              Malicious:false
                              Reputation:unknown
                              Preview:L..................F.@.. ...$+.,....dd.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.D....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X"D....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X"D....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X"D..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X%D...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............Nn.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 07:33:09 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2677
                              Entropy (8bit):3.9967621741570087
                              Encrypted:false
                              SSDEEP:
                              MD5:7B0C8D41B1B6CD927F000F3EC50A5EF1
                              SHA1:D3C7E2CCED2DBA4D9148D9A5166C14B09B3E3F2F
                              SHA-256:0CAE28A7BBAC7C4654BDA0B6E29CE1000C1F5A110B55A848B3274F722BE3213D
                              SHA-512:1EDD55FA077F3A6A599800467E57428DA0006CE876ED1379A9BB9CB9AAB24522A5E072969416E019B09A8E788C79F45111CF54338B061FFC16FCA8D7716E22D3
                              Malicious:false
                              Reputation:unknown
                              Preview:L..................F.@.. ...$+.,....?......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.D....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X"D....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X"D....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X"D..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X%D...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............Nn.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 07:33:09 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2677
                              Entropy (8bit):3.9855293876500326
                              Encrypted:false
                              SSDEEP:
                              MD5:A8E90EB6B3156DE8626FDC529E307991
                              SHA1:4F729994B9AA78E6788983660C2BB946715EF22A
                              SHA-256:E486FCDAC9A9317D789666F1B4EB9ADA03B2403DD2A5933C2340347259542166
                              SHA-512:1FC27FEEF9F5C188E69BC2BB1BE851E815381BC70991E005D1BD210182EEB176DD37690EEA1070CB45DBD5D49F39BC65184CB173CE00C5A051D97BCDDF576C11
                              Malicious:false
                              Reputation:unknown
                              Preview:L..................F.@.. ...$+.,...........N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.D....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X"D....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X"D....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X"D..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X%D...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............Nn.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              Chrome Cache Entry: 472

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (793)
                              Category:downloaded
                              Size (bytes):798
                              Entropy (8bit):5.1329144573470895
                              Encrypted:false
                              SSDEEP:
                              MD5:FA64141A112ADC02C15A50FD11BA7AAF
                              SHA1:28C5353FCC36FF57784E57B4805701785D43352A
                              SHA-256:394B210177A87F41EE720E03DF0BA192AFF111535516AC30F5BF46791A0B454D
                              SHA-512:9057B1A4B2809D8F2677197B62CE113E1DA86EF9CE8130A8C907A3E8D3E2A51C42A20851691F41ABB6622120A60E5B2E74150D46838B960B50D6AD11F1090522
                              Malicious:false
                              Reputation:unknown
                              URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                              Preview:)]}'.["",["child tax credits","verizon settlement class action lawsuit","sonic the hedgehog keanu reeves","michigan denard robinson","igba emulator ios","ancient rock formations lake mead","severe weather tornadoes","the stranger movie hulu review"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                              Chrome Cache Entry: 473

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (761)
                              Category:downloaded
                              Size (bytes):766
                              Entropy (8bit):5.1496034639882104
                              Encrypted:false
                              SSDEEP:
                              MD5:06F39EA663E34EF1FA2B82A87C16E2C3
                              SHA1:AA9004FCB08A71EA8266BEC957FC383F6AC66DF3
                              SHA-256:0F449164087DE2DE73397ACCCFDB667814EB0A8B8CB79C5FD61AD2B3E4C963CE
                              SHA-512:476DD0A5DB076DAE3061E5330EE7C53516BCF35FC9051957D2E65568F0746A12D8F0D4F78323A2E6FFC992F544416EFA16910D832AF45E72C3433E5441B8730B
                              Malicious:false
                              Reputation:unknown
                              URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                              Preview:)]}'.["",["cryptocurrency bitcoin","sony ps5 pro","alison betts jeopardy","nba mvp voting 2024","usc valedictorian asna tabassum","dow jones stock market","aaron bradshaw ohio state","rock the block season 5 winners"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                              Static File Info

                              No static file info