Windows Analysis Report
EpsilonFruit.exe

AV Detection

Source: C:\Users\user\AppData\Local\Temp\fb0541d2-f67e-4988-9a28-0539cb396a9a.tmp.node

Avira: detection malicious, Label: JS/PSW.Agent.zioqu

Source: C:\Users\user\AppData\Local\Temp\fb0541d2-f67e-4988-9a28-0539cb396a9a.tmp.node

ReversingLabs: Detection: 26%

Compliance

Source: EpsilonFruit.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\LICENSE.electron.txt			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\LICENSE.electron.txt			Jump to behavior

Source: EpsilonFruit.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Spreading

Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\resources			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\locales			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\app-64.7z			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user\Desktop\EpsilonFruit.exe			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user\Desktop\desktop.ini			Jump to behavior

Networking

Source: Joe Sandbox View	IP Address: 34.117.186.192 34.117.186.192
Source: Joe Sandbox View	IP Address: 34.117.186.192 34.117.186.192
Source: Joe Sandbox View	IP Address: 162.159.61.3 162.159.61.3

Source: unknown	DNS query: name: ipinfo.io
Source: unknown	DNS query: name: ipinfo.io
Source: unknown	DNS query: name: ipinfo.io
Source: unknown	DNS query: name: ipinfo.io

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: V8.MemoryHeapUsedV8.MemoryHeapCommittedmail.google.com.gmaildrive.google.com.docsplus.google.com.plusinbox.google.com.inboxcalendar.google.com.calendarwww.youtube.com.youtube.top10sina.com.cnfacebook.combaidu.comqq.comtwitter.comtaobao.comlive.com equals www.youtube.com (Youtube)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: ipinfo.io

Source: unknown

HTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message

Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://%s:80../../services/network/public/cpp/network_connection_tracker.ccOnNetworkChangedOnGetConn
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://.css
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://.jpg
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://127.0.0.1
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://EVSecure-crl.geotrust.com/GeoTrustPCA.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://EVSecure-ocsp.geotrust.com0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://aia.startssl.com/certs/ca.crt0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://aia.startssl.com/certs/ca.crt02
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://aia1.wosign.com/ca1-class3-server.cer0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://aia1.wosign.com/ca1g2-server3.cer0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ak.apnstatic.com/media/images/favicon_search-results.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ak.apnstatic.com/media/images/favicon_search-results.icohttp://dts.search-results.com/sr?lng=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://apps.identrust.com/roots/dstrootcax3.p7c0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://arianna.libero.it/search/abin/integrata.cgi?query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://autocomplete.nigma.ru/complete/query_help.php?suggest=true&q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://buscador.softonic.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://buscador.terra.es/Default.aspx?source=Search&ca=s&query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://buscador.terra.es/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://buscador.terra.es/favicon.icohttp://buscador.terra.es/Default.aspx?source=Search&ca=s&query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://buscar.terra.com.ar/Default.aspx?source=Search&ca=s&query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://buscar.terra.com.ar/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://buscar.terra.com.ar/favicon.icohttp://buscar.terra.com.ar/Default.aspx?source=Search&ca=s&que
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://certificates.godaddy.com/repository/gd_intermediate.crt0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://certificates.godaddy.com/repository100.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://certs.godaddy.com/repository/1301
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://certs.starfieldtech.com/repository/1402
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://clients3.google.com/cert_upload_json
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://cps.root-x1.letsencrypt.org0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crbug.com/1138528
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.certigna.fr/certignarootca.crl01
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.certum.pl/ca.crl0h
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.certum.pl/ctnca.crl0k
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.dhimyotis.com/certignarootca.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.entrust.net/2048ca.crl0;
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.entrust.net/g2ca.crl0;
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.entrust.net/rootca1.crl0;
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.geotrust.com/GeoTrustPCA-G3.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.geotrust.com/crls/gtglobal.crl04
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.geotrust.com/crls/secureca.crl0F
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.geotrust.com/crls/secureca.crl0N
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.globalsign.com/root.crl0V
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.globalsign.net/root.crl0=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.godaddy.com/gdroot-g2.crl0F
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.godaddy.com/gdroot.crl0F
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.godaddy.com/gds1-20
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.identrust.com/DSTROOTCAX3CRL.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.netsolssl.com/NetworkSolutionsCertificateAuthority.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.rootg2.amazontrust.com/rootg2.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.securetrust.com/SGCA.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.securetrust.com/STCA.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.starfieldtech.com/sfroot-g2.crl0L
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.starfieldtech.com/sfroot.crl0L
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.startssl.com/sfsca.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.startssl.com/sfsca.crl0f
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.thawte.com/ThawtePCA-G3.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.thawte.com/ThawtePCA.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.thawte.com/ThawtePremiumServerCA.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.ws.symantec.com/universal-root.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl0=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crls1.wosign.com/ca1.crl0m
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crls1.wosign.com/ca1.crl0q
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://crt.rootg2.amazontrust.com/rootg2.cer0=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only#
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://dts.search-results.com/sr?lng=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://en.softonic.com/s/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://feed.snap.do/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://feed.snapdo.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://find.in.gr/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://find.in.gr/Themes/1/Default/Media/Layout/icon_in.png
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://find.in.gr/Themes/1/Default/Media/Layout/icon_in.pnghttp://find.in.gr/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://g.symcb.com/GeoTrustPCA-G3.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://g.symcb.com/crls/gtglobal.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://g.symcb.com/crls/gtglobal.crl0.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://g.symcd.com0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://g.symcd.com0L
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://g1.delphi.lv/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://g1.delphi.lv/favicon.icohttp://www.delfi.lv/search_all/?ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://g1.symcb.com/GeoTrustPCA.crl0)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://g1.symcb.com/crls/gtglobal.crl0/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://g2.symcb.com0G
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://g2.symcb.com0L
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://hladaj.atlas.sk/fulltext/?phrase=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://html4/loose.dtd
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://i.rl0.ru/2011/icons/rambler.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://i.rl0.ru/2011/icons/rambler.icohttp://nova.rambler.ru/search?query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://i.wp.pl/a/i/stg/500/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://i.wp.pl/a/i/stg/500/favicon.icohttp://szukaj.wp.pl/szukaj.html?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://imgs.sapo.pt/images/sapo.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://imgs.sapo.pt/images/sapo.icohttp://pesquisa.sapo.pt/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://isearch.avg.com/search?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://isrg.trustid.ocsp.identrust.com0;
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://l.twimg.com/i/hpkp_report
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://linkurystoragenorthus.blob.core.windows.net/static/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://linkurystoragenorthus.blob.core.windows.net/static/favicon.icohttp://search.snapdo.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://localhosthttp://127.0.0.1object-src
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://mixidj.delta-search.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://mixidj.delta-search.com/home?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ms1.iol.it/graph_hf/v.8.3.04/themes/default/img/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ms1.iol.it/graph_hf/v.8.3.04/themes/default/img/favicon.icohttp://arianna.libero.it/search/ab
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://mysearch.sweetpacks.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://mystart.incredibar.com/?search=
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://narwhaljs.org)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://nigma.ru/?s=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://nigma.ru/themes/nigma/img/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://nigma.ru/themes/nigma/img/favicon.icohttp://nigma.ru/?s=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://nl.softonic.com/s/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://nova.rambler.ru/search?query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://nova.rambler.ru/suggest?v=3&query=
Source: EpsilonFruit.exe, 00000000.00000000.2093072712.000000000040A000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://o.ss2.us/0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.accv.es0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.digicert.com0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.digicert.com0K
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.digicert.com0M
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.entrust.net00
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.entrust.net02
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.entrust.net03
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.geotrust.com0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.geotrust.com0L
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.globalsign.com/rootr10
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.globalsign.com/rootr103
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.godaddy.com/02
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.godaddy.com/05
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.godaddy.com/0J
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.rootg2.amazontrust.com08
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.starfieldtech.com/08
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.starfieldtech.com/0;
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.startssl.com/ca0-
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.startssl.com/ca00
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.startssl.com00
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.thawte.com0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.thawte.com0;
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp.ws.symantec.com0k
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp1.wosign.com/ca104
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ocsp1.wosign.com/ca108
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ok.hu/gfx/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ok.hu/gfx/favicon.icohttp://ok.hu/katalogus?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://ok.hu/katalogus?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://pca-g3-ocsp.geotrust.com0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://pesquisa.sapo.pt/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://pesquisa.sapo.pt/livesapo?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://radce.centrum.cz/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://report-example.test/test
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://repository.certum.pl/ca.cer09
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://repository.certum.pl/ctnca.cer09
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://repository.swisssign.com/0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://s.ss2.us/r.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://s1.symcb.com/pca3-g5.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://s2.symcb.com0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://s2.symcb.com0k
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.avg.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.avg.com/favicon.icohttp://search.avg.com/search?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.avg.com/route/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.avg.com/search?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.babylon.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.babylon.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.babylon.com/favicon.icohttp://search.babylon.com/home?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.babylon.com/home?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.conduit.com/Results.aspx?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.goo.ne.jp/sgt.jsp?MT=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.goo.ne.jp/web.jsp?MT=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.imesh.net/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.imesh.net/favicon.icohttp://search.imesh.net/music?hl=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.imesh.net/music?hl=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.iminent.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.iminent.com/SearchTheWeb/v6/1033/homepage/Default.aspx#q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.iminent.com/SearchTheWeb/v6/1033/homepage/Result.aspx#q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.iminent.com/Shared/Images/favicon_gl.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.iminent.com/Shared/Images/favicon_gl.icohttp://search.iminent.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.incredibar.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.incredibar.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.incredibar.com/favicon.icohttp://search.incredibar.com/search.php?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.incredibar.com/search.php?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.snap.do/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.snapdo.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.softonic.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.softonic.com/img/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.softonic.com/img/favicon.icohttp://search.softonic.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.sweetim.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.sweetim.com/favicon.icohttp://search.sweetim.com/search.asp?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.sweetim.com/search.asp?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.tut.by/?ru=1&query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.tut.by/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.tut.by/favicon.icohttp://search.tut.by/?ru=1&query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://search.walla.co.il/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://searchatlas.centrum.cz/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://searchfunmoods.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://searchfunmoods.com/favicon.icohttp://searchfunmoods.com/results.php?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://searchfunmoods.com/results.php?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://src.chromium.org/viewvc/blink/trunk/Source/devtools/front_end/SourceMap.js
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://start.iminent.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://start.iminent.com/StartWeb/1033/homepage/#q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://start.sweetpacks.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://start.sweetpacks.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://start.sweetpacks.com/favicon.icohttp://start.sweetpacks.com/search.asp?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://start.sweetpacks.com/search.asp?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://static.mediacentrum.sk/katalog/atlas.sk/images/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://static.mediacentrum.sk/katalog/atlas.sk/images/favicon.icohttps://hladaj.atlas.sk/fulltext/?p
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://subca.ocsp-certum.com0.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://subca.ocsp-certum.com01
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://szukaj.wp.pl/szukaj.html?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://t.symcb.com/ThawtePCA.crl0)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://t.symcd.com01
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://t1.symcb.com/ThawtePCA.crl0)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://t1.symcb.com/ThawtePCA.crl0/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://t2.symcb.com0;
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://t2.symcb.com0A
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://tools.ietf.org/html/rfc3986#section-2.1)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://unisolated.invalid
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://unisolated.invalidsms_fetcherBlink.Sms.Receive.TimeSmsReceiveBlink.Sms.Receive.TimeCancelOnSu
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://userguide.icu-project.org/strings/properties
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.3waylabs.com/nw/WWW/products/wizcon/vt220.html
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.accv.es/legislacion_c.htm0U
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.accv.es00
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/id/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.cert.fnmt.es/dpcs/0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.certplus.com/CRL/class2.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.certum.pl/CPS0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.color.org
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.color.orgRegistryNameCustomOutputConditionIdentifierDestOutputProfile
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.conduit.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.conduit.com/favicon.icohttp://www.conduit.com/search?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.conduit.com/search?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.delfi.lt/paieska/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.delfi.lv/search_all/?ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.delta-search.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.delta-search.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.delta-search.com/favicon.icohttp://www.delta-search.com/home?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.delta-search.com/home?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.digicert.com/CACerts/DigiCertHighAssuranceEVRootCA.crt0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.entrust.net/CPS0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.entrust.net/rpa0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.firmaprofesional.com/cps0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.geotrust.com/resources/cps0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.geotrust.com/resources/cps0)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.geotrust.com/resources/cps06
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.geotrust.com/resources/cps0;
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.geotrust.com/resources/cps0A
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.keynectis.com/PC07
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.keynectis.com/PC08
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.midnight-commander.org/browser/lib/tty/key.c
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.neti.ee/api/suggestOS?suggestQuery=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.neti.ee/cgi-bin/otsing?query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.neti.ee/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.neti.ee/favicon.icohttp://www.neti.ee/cgi-bin/otsing?query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.quovadisglobal.com/cps0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.search-results.com/web?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.search.delta-search.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.search.delta-search.com/home?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.searchnu.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.searchnu.com/favicon.icohttp://www.searchnu.com/web?hl=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.searchnu.com/web?hl=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.softonic.com.br/s/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.softonic.com/s/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.squid-cache.org/Doc/config/half_closed_clients/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.startssl.com/intermediate.pdf0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.startssl.com/policy.pdf04
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.startssl.com/policy0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.startssl.com/sfsca.crl0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.startssl.com/sfsca.crt0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.symauth.com/cps0(
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.symauth.com/rpa0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.symauth.com/rpa0)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.symauth.com/rpa00
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.walla.co.il/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.walla.co.il/favicon.icohttp://search.walla.co.il/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.wosign.com/policy/0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.com/schema/xfa-package/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.org/schema/xci/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.org/schema/xdc/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.org/schema/xfa-connection-set/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.org/schema/xfa-data/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.org/schema/xfa-data/1.0/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.org/schema/xfa-data/1.0/xmlns:xfa
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.org/schema/xfa-form/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.org/schema/xfa-locale-set/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.org/schema/xfa-package/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.org/schema/xfa-source-set/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.xfa.org/schema/xfa-template/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.yhs.delta-search.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.yhs.delta-search.com/home?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www.zoznam.sk/hladaj.fcgi?s=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www1.delta-search.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www1.delta-search.com/home?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www2.delta-search.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://www2.delta-search.com/home?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://x.ss2.us/x.cer0&
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://../../net/third_party/quiche/src/quic/core/uber_received_packet_manager.ccReceived
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ac.ecosia.org/autocomplete?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ac.search.naver.com/nx/ac?of=os&ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://alekberg.net/privacy
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://alekberg.net/privacyalekberg.net
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://api.oceanhero.today/suggestions?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://api.qwant.com/api/suggest/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ar.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ar.search.yahoo.com/favicon.icohttps://ar.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ar.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ar.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://at.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://at.search.yahoo.com/favicon.icohttps://at.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://at.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://at.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://au.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://au.search.yahoo.com/favicon.icohttps://au.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://au.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://au.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bit.ly/31yqMJR.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bit.ly/31yqMJR.GpuLockdownDefaultDaclf
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.htmlaudio
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://br.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://br.search.yahoo.com/favicon.icohttps://br.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://br.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://br.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=42
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=426
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=426Support
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=42texture-compression-etc2Support
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=434
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=434Support
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=551
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=690
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=690depth32float-stencil8Support
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=716
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=716depth24unorm-stencil8Support
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=955
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/dawn/issues/detail?id=955texture-compression-astcSupport
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=10201
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=10704
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=6593
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=745678
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://buscador.softonic.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://buscador.terra.com.ar/Default.aspx?source=Search&ca=s&query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://buscador.terra.es/Default.aspx?source=Search&ca=s&query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ca.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ca.search.yahoo.com/favicon.icohttps://ca.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ca.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ca.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://certs.godaddy.com/repository/0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://certs.starfieldtech.com/repository/0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ch.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ch.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://chrome-devtools-frontend.appspot.com/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://chrome-devtools-frontend.appspot.com/%s%s/%s/NetworkResourceLoaderDevToolsAPI.streamWriteIns
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://chrome-devtools-frontend.appspot.com/serve_rev/%s/%s.html
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://chrome-devtools-frontend.appspot.com/serve_rev/%s/%s.html/devtools/page/%s?ws=%s%s%sMalforme
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://chrome.cloudflare-dns.com/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://chrome.cloudflare-dns.com/dns-queryone.one.one.one1dot1dot1dot1.cloudflare-dns.com1.1.1.11.0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://chrome.google.com/webstore
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://chromium.dns.nextdns.io
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://chromium.googlesource.com/chromium/src/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://cl.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://cl.search.yahoo.com/favicon.icohttps://cl.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://cl.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://cl.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://cleanbrowsing.org/privacy
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://cleanbrowsing.org/privacyCleanBrowsing
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://clients3.google.com/ct_upload
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://clients3.google.com/ct_uploadhttps://log.getdropbox.com/log/expectcthttps://scotthelme.repor
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://co.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://co.search.yahoo.com/favicon.icohttps://co.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://co.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://co.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://coccoc.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://coccoc.com/favicon.icohttps://coccoc.com/search#query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://coccoc.com/search#query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://code.google.com/p/chromium/issues/detail?id=25916
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://console.spec.whatwg.org/#clear
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://console.spec.whatwg.org/#console-namespace
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://console.spec.whatwg.org/#count
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://console.spec.whatwg.org/#count-map
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://console.spec.whatwg.org/#countreset
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://console.spec.whatwg.org/#table
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crashpad.chromium.org/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crashpad.chromium.org/bug/new
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crashpad.chromium.org/https://crashpad.chromium.org/bug/new
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/1038223.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/1053756
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/1053756ICE
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/1161355
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/1214923
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/1234857.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/1234857.Error
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/401439).
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/619103.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/619103.Subsequence
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/954323
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/981419
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/1016
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/1071
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/1071:
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/1203
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/136
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/145
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/155
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/193
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/237
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/27
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/271
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/286
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/342
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/343
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/36
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/402
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/42
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/429
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/434
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/480
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/56
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/582
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/633
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/667
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/673
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/776
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/792
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/838:
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/840
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/dawn/960
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/new
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/newCheckIfAudioThreadIsAliveMedia.AudioThreadStatusCreating
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/tint.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/tint.SPIRV
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/tint/1003
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/v8/7848
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/v8/8520
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://crbug.com/v8/8520turbo_fast_api_callsenable
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://creativecommons.org/licenses/by-sa/3.0/legalcode)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://creativecommons.org/licenses/by-sa/3.0/legalcode)cprt
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://cs.chromium.org/chromium/src/v8/tools/SourceMap.js?rcl=dd10454c1d
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dawn.googlesource.com/dawn/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://de.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://de.search.yahoo.com/favicon.icohttps://de.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://de.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://de.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dev.chromium.org/throttling
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://developer.chrome.com/blog/enabling-shared-array-buffer/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://developer.chrome.com/blog/immutable-document-domain
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://developer.chrome.com/docs/extensions/mv3/cross-origin-isolation/.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/SpiderMonkey/Parser_API
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Equality_comparisons_and_sameness#Loose_equa
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/Cloudflare
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://developers.google.com/speed/public-dns/privacy
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://developers.google.com/speed/public-dns/privacyGoogle
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://developers.google.com/web/updates/2016/08/removing-document-write
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dk.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dk.search.yahoo.com/favicon.icohttps://dk.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dk.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dl.gmx.com/apps/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dl.gmx.com/apps/favicon.icohttps://search.gmx.com/web/result?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns.google/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns.quad9.net/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns.quad9.net/dns-querydns.quad9.netdns9.quad9.net9.9.9.9149.112.112.1122620:fe::fe2620:fe::
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns.sb/privacy/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns.sb/privacy/DNS.SBhttps://doh.dns.sb/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns.switch.ch/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns.switch.ch/dns-querydns.switch.ch130.59.31.251130.59.31.2482001:620:0:ff::22001:620:0:ff:
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns10.quad9.net/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns10.quad9.net/dns-querydns10.quad9.net9.9.9.10149.112.112.102620:fe::102620:fe::fe:10
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns11.quad9.net/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns11.quad9.net/dns-querydns11.quad9.net9.9.9.11149.112.112.112620:fe::112620:fe::fe:11f
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dns64.dns.google/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://dnsnl.alekberg.net/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh-01.spectrum.com/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh-02.spectrum.com/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh.cleanbrowsing.org/doh/adult-filter
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh.cleanbrowsing.org/doh/family-filter
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh.cleanbrowsing.org/doh/security-filter
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh.cox.net/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh.cox.net/dns-querydot.cox.net68.105.28.1168.105.28.122001:578:3f::30
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh.dns.sb/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh.familyshield.opendns.com/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh.opendns.com/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh.quickline.ch/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://doh.xfinity.com/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://duckduckgo.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://duckduckgo.com/ac/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://duckduckgo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://en.softonic.com/s/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://encoding.spec.whatwg.org
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://encoding.spec.whatwg.org/#textdecoder
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://encoding.spec.whatwg.org/#textencoder
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://es.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://es.search.yahoo.com/favicon.icohttps://es.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://es.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://es.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://esdiscuss.org/topic/isconstructor#content-11
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://fi.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://fi.search.yahoo.com/favicon.icohttps://fi.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://fi.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://fr.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://fr.search.yahoo.com/favicon.icohttps://fr.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://fr.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://fr.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://gist.github.com/XVilka/8346728#gistcomment-2823421
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/KhronosGroup/Vulkan-Docs/issues/1005)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/WICG/construct-stylesheets/issues/119#issuecomment-588352418.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/WICG/construct-stylesheets/issues/119#issuecomment-588352418.border-boxcontent-bo
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/WICG/conversion-measurement-api).
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/acornjs/acorn/blob/master/acorn/src/identifier.js#L23
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/acornjs/acorn/issues/575
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/antirez/linenoise
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/chalk/ansi-regex/blob/HEAD/index.js
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/chalk/supports-color
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/chromium/chromium/blob/HEAD/third_party/blink/public/platform/web_crypto_algorith
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/da-x/rxvt-unicode/tree/v9.22-with-24bit-color
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/electron/electron/issues/18397.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/electron/electron/issues/18397.Module
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/estree/estree/blob/a27003adf4fd7bfad44de9cef372a2eacd527b1c/es5.md#regexpliteral
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/google/caja/blob/HEAD/src/com/google/caja/ses/repairES5.js
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/google/caja/blob/HEAD/src/com/google/caja/ses/startSES.js
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/google/closure-compiler/wiki/Source-Maps
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/gpuweb/gpuweb/issues/1565:
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/isaacs/color-support.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/joyent/node/issues/3295.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/libuv/libuv/pull/1501.
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/mafintosh/end-of-stream
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/mafintosh/pump
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/mysticatea/abort-controller
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node-v0.x-archive/issues/2876.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/commit/ec2822adaad76b126b5cccdeaa1addf2376c9aa6
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/commit/f7620fb96d339f704932f9bb9a0dceb9952df2d4
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/10673
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/13435
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/19009
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/2006
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/2119
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/31074
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/3392
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/35475
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/35862
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/35981
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/39707
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/12342
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/12607
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/13870#discussion_r124515293
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/1771#issuecomment-119351671
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/21313
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/26334.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/30380#issuecomment-552948364
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/30958
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/33515.
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/33661
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/3394
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/34010
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/34103#issuecomment-652002364
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/34375
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/34385
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/35949#issuecomment-722496598
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/36061#discussion_r533718029
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/38248
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/38433#issuecomment-828426932
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/38614)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/standard-things/esm/issues/821.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/tc39/ecma262/blob/HEAD/LICENSE.md
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/tc39/ecma262/issues/1209
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/tc39/proposal-ses/blob/e5271cc42a257a05dcae2fd94713ed2f46c08620/shim/src/freeze.j
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/tc39/proposal-weakrefs
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/w3c/ServiceWorker/issues/1356.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/w3c/ServiceWorker/issues/1356.v8.produceCachev8.produceModuleCacheV8.CodeCacheSiz
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://github.com/w3c/webappsec-trusted-types/wiki/Trusted-Types-for-function-constructor
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://go.imgsmail.ru/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://go.imgsmail.ru/favicon.icohttps://go.mail.ru/search?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://go.mail.ru/chrome/newtab/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://go.mail.ru/msearch?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://go.mail.ru/search?q=
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://goo.gl/LdLk22
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://goo.gl/LdLk22Empty
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://goo.gl/LdLk22Failed
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://goo.gl/Y0ZkNV).
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://goo.gl/rStTGz
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://goo.gl/t5IS6M).
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://goo.gl/yabPex
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://gpuweb.github.io/gpuweb/wgsl/#texel-formats
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#Replaceable
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#define-the-operations
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#dfn-class-string
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#dfn-default-iterator-object
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#dfn-iterator-prototype-object
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#es-interfaces
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#es-iterable
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#es-iterable-entries
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#es-iterators
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#es-namespaces
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#es-operations
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://heycam.github.io/webidl/#es-stringifier
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://history.report-uri.com/r/d/ct/reportOnly
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://hk.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://hk.search.yahoo.com/favicon.icohttps://hk.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://hk.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://hk.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://hladaj.atlas.sk/fulltext/?phrase=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://html.spec.whatwg.org/multipage/browsers.html#ascii-serialisation-of-an-origin
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://html.spec.whatwg.org/multipage/browsers.html#concept-origin-opaque
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://html.spec.whatwg.org/multipage/timers-and-user-prompts.html#dom-setinterval
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://html.spec.whatwg.org/multipage/webappapis.html#windoworworkerglobalscope
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://id.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://id.search.yahoo.com/favicon.icohttps://id.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://id.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://id.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://in.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://in.search.yahoo.com/favicon.icohttps://in.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://in.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://in.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://invisible-island.net/ncurses/terminfo.ti.html#toc-_Specials
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://invisible-island.net/xterm/ctlseqs/ctlseqs.html
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://isearch.avg.com/search?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://linux.die.net/man/1/dircolors).
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://log.getdropbox.com/hpkp
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://log.getdropbox.com/hpkpp
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://log.getdropbox.com/log/expectct
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://lss.sse-iacapps.com/query?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://m.so.com/index.php?ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://m.so.com/s?ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://m.sogou.com/web/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://malaysia.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://malaysia.search.yahoo.com/favicon.icohttps://malaysia.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://malaysia.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://malaysia.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://mathiasbynens.be/notes/javascript-encoding
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://matteomarescotti.report-uri.com/r/d/ct/reportOnly
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://metager.de/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://metager.de/favicon.icohttps://metager.de/meta/meta.ger3?eingabe=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://metager.de/meta/meta.ger3?eingabe=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://metager.org/meta/meta.ger3?eingabe=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://monitoring.url.loader.factory.invalid
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://monitoring.url.loader.factory.invalidPermissions
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://mx.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://mx.search.yahoo.com/favicon.icohttps://mx.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://mx.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://mx.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nextdns.io/privacy
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nl.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nl.search.yahoo.com/favicon.icohttps://nl.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nl.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nl.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nl.softonic.com/s/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://no-color.org/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nodejs.org/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode).
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nodejs.org/api/fs.html
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nodejs.org/api/fs.html#fs_stat_time_values)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nodejs.org/download/release/v16.13.0/node-v16.13.0-headers.tar.gz
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nodejs.org/download/release/v16.13.0/node-v16.13.0.tar.gz
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nodejs.org/download/release/v16.13.0/node-v16.13.0.tar.gzhttps://nodejs.org/download/release
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nodejs.org/download/release/v16.13.0/win-x64/node.lib
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nova.rambler.ru/search?query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nova.rambler.ru/suggest?v=3&query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nz.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nz.search.yahoo.com/favicon.icohttps://nz.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nz.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://nz.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://oceanhero.today/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://oceanhero.today/favicon.icohttps://oceanhero.today/web?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://oceanhero.today/web?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://odvr.nic.cz/doh
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://odvr.nic.cz/dohodvr.nic.cz185.43.135.1193.17.47.12001:148f:fffe::12001:148f:ffff::1
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://pe.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://pe.search.yahoo.com/favicon.icohttps://pe.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://pe.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://pe.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://perfetto.dev/docs/contributing/getting-started#community).
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://perfetto.dev/docs/contributing/getting-started#community).No
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://petalsearch.com/search?query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ph.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ph.search.yahoo.com/favicon.icohttps://ph.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ph.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ph.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://public.dns.iij.jp/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://public.dns.iij.jp/IIJ
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://public.dns.iij.jp/dns-query
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://public.dns.iij.jp/dns-queryIijUShttps://nextdns.io/privacyNextDNShttps://chromium.dns.nextdn
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://qc.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://qc.search.yahoo.com/favicon.icohttps://qc.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://qc.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://qc.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://redirector.gvt1.com/edgedl/chrome/dict/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://scotthelme.report-uri.com/r/d/ct/reportOnly
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://se.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://se.search.yahoo.com/favicon.icohttps://se.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://se.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search-static-dre.dbankcdn.com/pc/v1/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search-static-dre.dbankcdn.com/pc/v1/favicon.icohttps://petalsearch.com/search?query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.avg.com/route/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.daum.net/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.daum.net/favicon.icohttps://search.daum.net/search?w=tot&DA=JU5&q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.daum.net/search?w=tot&DA=JU5&q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.gmx.co.uk/web/result?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.gmx.com/web/result?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.gmx.es/web/result?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.gmx.fr/web/result?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.goo.ne.jp/cdn/common/img/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.goo.ne.jp/cdn/common/img/favicon.icohttps://search.goo.ne.jp/web.jsp?MT=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.goo.ne.jp/sgt.jsp?MT=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.goo.ne.jp/web.jsp?MT=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.naver.com/search.naver?ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.privacywall.org/suggest.php?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.seznam.cz/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.seznam.cz/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.seznam.cz/favicon.icohttps://search.seznam.cz/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.seznam.sk/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.seznam.sk/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.seznam.sk/favicon.icohttps://search.seznam.sk/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.softonic.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.walla.co.il/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.yahoo.co.jp/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.yahoo.co.jp/favicon.icohttps://search.yahoo.co.jp/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.yahoo.co.jp/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.yahoo.com?fr=crmas_sfp
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.yahoo.com?fr=crmas_sfp?7
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://search.yahooapis.jp/AssistSearchService/V2/webassistSearch?p=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://searchatlas.centrum.cz/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://searchatlas.centrum.cz/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://searchatlas.centrum.cz/favicon.icohttps://searchatlas.centrum.cz/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://sg.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://sg.search.yahoo.com/favicon.icohttps://sg.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://sg.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://sg.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://sourcemaps.info/spec.html
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://sp.ask.com/sh/i/a16/favicon/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://sp.ask.com/sh/i/a16/favicon/favicon.icohttps://www.ask.com/web?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ssl.pstatic.net/sstatic/search/favicon/favicon_140327.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ssl.pstatic.net/sstatic/search/favicon/favicon_140327.icohttps://search.naver.com/search.nav
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://stackoverflow.com/a/5501711/3561
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://storage.ape.yandex.net/get/browser/Doodles/yandex/drawable-xxhdpi/yandex.png
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suche.gmx.at/web/result?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suche.gmx.net/web/result?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://sug.so.360.cn/suggest?encodein=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://sugg.sogou.com/sugg/ajaj_json.jsp?type=addrbar&key=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggest.search.daum.net/sushi/opensearch/pc?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggest.seznam.cz/fulltext_ff?phrase=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggest.seznam.sk/fulltext_ff?phrase=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggest.yandex.by/suggest-ff.cgi?part=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggest.yandex.com.tr/suggest-ff.cgi?part=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggest.yandex.com/suggest-ff.cgi?part=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggest.yandex.kz/suggest-ff.cgi?part=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggest.yandex.ua/suggest-ff.cgi?part=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggestion.baidu.com/su?wd=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggestplugin.gmx.at/s?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggestplugin.gmx.co.uk/s?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggestplugin.gmx.com/s?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggestplugin.gmx.es/s?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggestplugin.gmx.fr/s?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggestplugin.gmx.net/s?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://suggests.go.mail.ru/chrome?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tc39.es/ecma262/#sec-%typedarray%-intrinsic-object
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tc39.github.io/ecma262/#sec-%iteratorprototype%-object
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tc39.github.io/ecma262/#sec-%typedarray%.of
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tc39.github.io/ecma262/#sec-object.prototype.tostring
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://th.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://th.search.yahoo.com/favicon.icohttps://th.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://th.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://th.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tobiassachs.report-uri.com/r/d/ct/reportOnly
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc2397#section-2
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc3492#section-3.4
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc3492)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc3986#section-3.2.2
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc5280#section-4.2.1.13
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc5280#section-5.2.7.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc6455#section-1.3
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc6960
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc7230#section-3.2.2
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc7230#section-3.2.6
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc7540#section-8.1.2.5
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tr.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tr.search.yahoo.com/favicon.icohttps://tr.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tr.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tw.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tw.search.yahoo.com/favicon.icohttps://tw.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tw.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://tw.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://uk.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://uk.search.yahoo.com/favicon.icohttps://uk.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://uk.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://uk.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#cannot-have-a-username-password-port
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#concept-url
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#concept-url-origin
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#concept-urlencoded-byte-serializer
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#concept-urlencoded-parser
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#concept-urlencoded-serializer
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#special-scheme
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#url
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#url-serializing
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#urlsearchparams
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#urlsearchparams-stringification-behavior
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://v8.dev/blog/v8-release-89
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ve.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ve.search.yahoo.com/favicon.icohttps://ve.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ve.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://ve.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://vn.search.yahoo.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://vn.search.yahoo.com/favicon.icohttps://vn.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://vn.search.yahoo.com/search
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://vn.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://w3c.github.io/encrypted-media/#direct-individualization.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://w3c.github.io/encrypted-media/#distinctive-identifier)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://w3c.github.io/encrypted-media/#distinctive-permanent-
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://w3c.github.io/webappsec-subresource-integrity/#the-integrity-attribute
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://webrtc.org/web-apis/chrome/unified-plan/.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://wiki.squid-cache.org/SquidFaq/InnerWorkings#What_is_a_half-closed_filedescriptor.3F
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.alphassl.com/repository/03
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.amd.com/en/support/apu/amd-series-processors/amd-a8-series-apu-for-laptops/a8-5550m-rade
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ask.com/web?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.baidu.com/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.baidu.com/#ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.baidu.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.baidu.com/favicon.icohttps://www.baidu.com/#ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.baidu.com/s?ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/%s
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5082396709879808
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5148698084376576
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5527160148197376
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5629582019395584.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5654791610957824
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5667793157488640
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5669008342777856
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5738264052891648
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5738264052891648Renderer.Font.PrimaryFont.FCPRenderer.Font.Prim
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5742188281462784.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5742188281462784.CancelDeferredNavigationWillFailRequestDidComm
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5745543795965952
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5745543795965952blinkAddEventListenerAdded
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5749447073988608
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5749447073988608Added
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5851021045661696.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5851021045661696.The
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromium.org/blink/origin-trials/portals
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromium.org/blink/origin-trials/portals.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromium.org/blink/origin-trials/portals../../content/browser/prerender/prerender_commit
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.chromium.org/blink/origin-trials/portals.The
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.cisco.com/c/en/us/about/legal/privacy-full.html
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.delfi.lt/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.delfi.lt/favicon.icohttps://www.delfi.lt/paieska/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.delfi.lt/paieska/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.digicert.com/CPS0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/#sec-line-terminators
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/#sec-promise.all
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/#sec-timeclip
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/5.1/#sec-15.1.3.4
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-Alternative
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-Atom
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-CharacterClass
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-CharacterClassEscape
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-ClassAtom
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-ClassAtomNoDash
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-ClassRanges
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-ControlEscape
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-ControlLetter
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-DecimalDigits
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-DecimalEscape
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-Disjunction
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-Hex4Digits
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-HexDigit
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-HexDigits
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-HexEscapeSequence
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-NonemptyClassRanges
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-NonemptyClassRangesNoDash
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-OctalDigit
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-Pattern
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-PatternCharacter
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-Quantifier
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-QuantifierPrefix
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-RegExpUnicodeEscapeSequence
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-SyntaxCharacter
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-Assertion
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-AtomEscape
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-CharacterEscape
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-ClassControlLetter
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-ClassEscape
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-ExtendedAtom
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-ExtendedPatternCharacter
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-IdentityEscape
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-InvalidBracedQuantifier
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-LegacyOctalEscapeSequence
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-Term
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#sec-atomescape
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/8.0/#sec-term
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.ecosia.org/search?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.geotrust.com/resources/cps04
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.geotrust.com/resources/cps06
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.geotrust.com/resources/repository0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.givero.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.givero.com/favicon.icohttps://www.givero.com/search?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.givero.com/search?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.givero.com/suggest?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.globalsign.com/repository/0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.globalsign.com/repository/03
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.google.com/speech-api/full-duplex/v1
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.google.com/speech-api/full-duplex/v1key=pair=output=pb/down?speech_recognition_downstrea
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocatemacAddresssignalStrengthsignalToNoiseRatiowifiAcc
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.googleapis.com/spelling/v%d/spelling/check?key=%s
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.googleapis.com/spelling/v%d/spelling/check?key=%serrorspellingCheckResponse.misspellings
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.gstatic.com/securitykey/a/google.com/origins.json
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.gstatic.com/securitykey/origins.json
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.gstatic.com/securitykey/origins.jsonhttps://www.gstatic.com/securitykey/a/google.com/ori
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.iana.org/assignments/tls-extensiontype-values
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.info.com/serp?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.info.com/static/www.info.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.info.com/static/www.info.com/favicon.icohttps://www.info.com/serp?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.intel.com/content/www/us/en/download-center/home.html
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.neti.ee/api/suggestOS?suggestVersion=1&suggestQuery=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.neti.ee/cgi-bin/otsing?query=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.nic.cz/odvr/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.nic.cz/odvr/CZ.NIC
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.privacywall.org/images/favicon_32x32.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.privacywall.org/images/favicon_32x32.icohttps://www.privacywall.org/search/secure/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.privacywall.org/search/secure/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.quad9.net/home/privacy/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.quad9.net/home/privacy/Quad9
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.qwant.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.qwant.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.qwant.com/favicon.icohttps://www.qwant.com/?q=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.so.com/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.so.com/favicon.icohttps://www.so.com/s?ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.so.com/s?ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.softonic.com.br/s/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.softonic.com/s/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.sogou.com/images/logo/old/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.sogou.com/images/logo/old/favicon.icohttps://www.sogou.com/web?ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.sogou.com/web?ie=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.thawte.com/cps0
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.thawte.com/cps0)
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.thawte.com/cps02
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.thawte.com/cps07
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.unicode.org/Public/UNIDATA/EastAsianWidth.txt
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.yandex.by/chrome/newtab
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.yandex.com.tr/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.yandex.com.tr/chrome/newtab
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.yandex.kz/chrome/newtab
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.yandex.ua/chrome/newtab
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.zoznam.sk/favicon.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.zoznam.sk/favicon.icohttps://www.zoznam.sk/hladaj.fcgi?s=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.zoznam.sk/hladaj.fcgi?s=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://wwww.certigna.fr/autorites/0m
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://xhr.spec.whatwg.org/.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.by/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.by/images/search/?rpt=imageview
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.by/images/search/?rpt=imageviewhttps://www.yandex.by/chrome/newtabhttps://storage.ape
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.com.tr/gorsel/search?rpt=imageview
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.com.tr/gorsel/search?rpt=imageviewhttps://www.yandex.com.tr/chrome/newtab
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.com/images/search?rpt=imageview
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.com/search/?text=
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.kz/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.kz/images/search/?rpt=imageview
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.kz/images/search/?rpt=imageviewhttps://www.yandex.kz/chrome/newtab
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.ua/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.ua/images/search/?rpt=imageview
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yandex.ua/images/search/?rpt=imageviewhttps://www.yandex.ua/chrome/newtab
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yastatic.net/lego/_/pDu9OWAQKB0s2J9IojKpiS_Eho.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yastatic.net/lego/_/pDu9OWAQKB0s2J9IojKpiS_Eho.icohttps://yandex.by/
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yastatic.net/lego/_/rBTjd6UOPk5913OSn5ZQVYMTQWQ.ico
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://yastatic.net/lego/_/rBTjd6UOPk5913OSn5ZQVYMTQWQ.icohttps://yandex.com/search/?text=

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443

Key, Mouse, Clipboard, Microphone and Screen Capturing

Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp

Binary or memory string: RegisterRawInputDevices() failed for RIDEV_REMOVE

memstr_73c894fd-f

System Summary

Source: Joe Sandbox View

Dropped File: C:\Users\user\AppData\Local\Temp\095e3122-2da5-4124-bb60-1d304745a2e6.tmp.node 8D6F5CAB1D6A99AC49772080C6F383F33A9BB983E0F8D02D0F3DE4B2BDD26215

Source: C:\Users\user\Desktop\EpsilonFruit.exe

Process token adjusted: Security

Jump to behavior

Source: EpsilonFruit.exe

Static PE information: invalid certificate

Source: EpsilonFruit.exe.0.dr	Static PE information: Number of sections : 12 > 10
Source: EpsilonFruit.exe0.0.dr	Static PE information: Number of sections : 12 > 10

Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp

Binary or memory string: Received fatal exception EXCEPTION_ACCESS_VIOLATIONEXCEPTION_ARRAY_BOUNDS_EXCEEDEDEXCEPTION_BREAKPOINTEXCEPTION_DATATYPE_MISALIGNMENTEXCEPTION_FLT_DENORMAL_OPERANDEXCEPTION_FLT_DIVIDE_BY_ZEROEXCEPTION_FLT_INEXACT_RESULTEXCEPTION_FLT_INVALID_OPERATIONEXCEPTION_FLT_OVERFLOWEXCEPTION_FLT_STACK_CHECKEXCEPTION_FLT_UNDERFLOWEXCEPTION_ILLEGAL_INSTRUCTIONEXCEPTION_IN_PAGE_ERROREXCEPTION_INT_DIVIDE_BY_ZEROEXCEPTION_INT_OVERFLOWEXCEPTION_INVALID_DISPOSITIONEXCEPTION_NONCONTINUABLE_EXCEPTIONEXCEPTION_PRIV_INSTRUCTIONEXCEPTION_SINGLE_STEPEXCEPTION_STACK_OVERFLOW%ls;%ls [0x(No symbol) [0x../../base/file_version_info_win.ccCreateFileVersionInfoWinCompanyNameCompanyShortNameInternalNameProductNameProductShortNameProductVersionFileDescriptionFileVersionOriginalFilenameSpecialBuild\StringFileInfo\%04x%04x\%ls\VarFileInfo\Translation\../../base/files/file_path_watcher_win.ccUpdateWatchDestroyWatchSetupWatchHandleOnObjectSignaled../../base/files/file_util_win.ccMakeAbsoluteFilePathDeleteFileAfterRebootReplaceFileWPathExistsDirectoryExistsC:\CreateAndOpenTemporaryFileInDirwb+CreateTemporaryDirInDirCreateNewTempDirectoryCreateDirectoryAndGetErrorReadFileCreateFile failed for path Writing file Only wrote out of byte(s) to GetCurrentDirectoryWSetCurrentDirectoryWGetMaximumPathComponentLengthMoveUnsafeCopyAndDeleteDirectoryWindows.FileDeleteLastRetryError vs EpsilonFruit.exe

Source: EpsilonFruit.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

Source: classification engine

Classification label: mal76.evad.winEXE@16/125@3/2

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe

File created: C:\Users\user\AppData\Roaming\EpsilonFruit

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Mutant created: NULL
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3920:120:WilError_03

Source: C:\Users\user\Desktop\EpsilonFruit.exe

File created: C:\Users\user\AppData\Local\Temp\nsh6315.tmp

Jump to behavior

Source: EpsilonFruit.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\Desktop\EpsilonFruit.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: C:\Users\user\Desktop\EpsilonFruit.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File read: C:\Windows\System32\drivers\etc\hosts			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File read: C:\Windows\System32\drivers\etc\hosts			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File read: C:\Windows\System32\drivers\etc\hosts			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File read: C:\Windows\System32\drivers\etc\hosts			Jump to behavior

Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: CREATE TABLE cookies(creation_utc INTEGER NOT NULL,host_key TEXT NOT NULL,top_frame_site_key TEXT NOT NULL,name TEXT NOT NULL,value TEXT NOT NULL,encrypted_value BLOB NOT NULL,path TEXT NOT NULL,expires_utc INTEGER NOT NULL,is_secure INTEGER NOT NULL,is_httponly INTEGER NOT NULL,last_access_utc INTEGER NOT NULL,has_expires INTEGER NOT NULL,is_persistent INTEGER NOT NULL,priority INTEGER NOT NULL,samesite INTEGER NOT NULL,source_scheme INTEGER NOT NULL,source_port INTEGER NOT NULL,is_same_party INTEGER NOT NULL);
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);

Source: C:\Users\user\Desktop\EpsilonFruit.exe

File read: C:\Users\user\Desktop\EpsilonFruit.exe

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\EpsilonFruit.exe "C:\Users\user\Desktop\EpsilonFruit.exe"
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "wmic CsProduct Get UUID"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\wbem\WMIC.exe wmic CsProduct Get UUID
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --mojo-platform-channel-handle=1948 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --app-path="C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=4714222268 --mojo-platform-channel-handle=2188 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-GB --service-sandbox-type=audio --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --mojo-platform-channel-handle=2300 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "wmic CsProduct Get UUID"			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --mojo-platform-channel-handle=1948 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --app-path="C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=4714222268 --mojo-platform-channel-handle=2188 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-GB --service-sandbox-type=audio --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --mojo-platform-channel-handle=2300 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8			Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\wbem\WMIC.exe wmic CsProduct Get UUID			Jump to behavior

Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: uxtheme.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: userenv.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: apphelp.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: propsys.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: dwmapi.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: cryptbase.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: oleacc.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: ntmarta.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: version.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: shfolder.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: kernel.appcore.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: windows.storage.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: wldp.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: windows.staterepositoryps.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: wintypes.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: windows.fileexplorer.common.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: iertutil.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: ntshrui.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: sspicli.dll			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Section loaded: profapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: ffmpeg.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: uiautomationcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dbghelp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: msimg32.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winmm.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: iphlpapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: version.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: userenv.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dwrite.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: secur32.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winhttp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dhcpcsvc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: propsys.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: sspicli.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: cryptbase.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: powrprof.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: umpdc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: uxtheme.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mswsock.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: ntmarta.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: kbdus.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: kernel.appcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mpr.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: profapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dhcpcsvc6.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dnsapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: drprov.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winsta.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: ntlanman.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: davclnt.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: davhlpr.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: windows.storage.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: wldp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dpapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: nlaapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: textinputframework.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: coreuicomponents.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: coremessaging.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: coremessaging.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: wintypes.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: wintypes.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: wintypes.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: windows.ui.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: windowmanagementapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: inputhost.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: twinapi.appcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: twinapi.appcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mscms.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: coloradapterclient.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: wtsapi32.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mmdevapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: devobj.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dataexchange.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: d3d11.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dcomp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dxgi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dwmapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: windows.globalization.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: bcp47langs.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: bcp47mrm.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: twinapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: explorerframe.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: atlthunk.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: oleacc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: directmanipulation.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: msspellcheckingfacility.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: onecoreuapcommonproxystub.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: napinsp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: pnrpnsp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: wshbth.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winrnr.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: rasadhlp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: fwpuclnt.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: msasn1.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: cryptsp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: rsaenh.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: gpapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: cryptnet.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: iphlpapi.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: framedynos.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: sspicli.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: kernel.appcore.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: wbemcomn.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: msxml6.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: urlmon.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: iertutil.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: srvcli.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: netutils.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: uxtheme.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: vcruntime140.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: vcruntime140_1.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: amsi.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: userenv.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: profapi.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: vbscript.dll			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Section loaded: sxs.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: ffmpeg.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: uiautomationcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dbghelp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: msimg32.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winmm.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: iphlpapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: version.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: userenv.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dwrite.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: secur32.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winhttp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dhcpcsvc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: propsys.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: sspicli.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: cryptbase.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: powrprof.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: umpdc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: uxtheme.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mswsock.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: kernel.appcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dxgi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: resourcepolicyclient.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mf.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mfplat.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: rtworkq.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: msmpeg2vdec.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mfperfhelper.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: cryptsp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dxva2.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: msvproc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dwmapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dcomp.dll			Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: windows.cloudstore.schema.shell.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: ffmpeg.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: uiautomationcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dbghelp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: msimg32.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winmm.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: iphlpapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: version.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: userenv.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dwrite.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: secur32.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winhttp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dhcpcsvc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: propsys.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: sspicli.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: cryptbase.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: powrprof.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: umpdc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: uxtheme.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mswsock.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: ntmarta.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: kbdus.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: nlaapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dhcpcsvc6.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dnsapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: rasadhlp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: fwpuclnt.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: ffmpeg.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: uiautomationcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dbghelp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: msimg32.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winmm.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: iphlpapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: version.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: userenv.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dwrite.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: secur32.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winhttp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dhcpcsvc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: propsys.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: sspicli.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: cryptbase.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: powrprof.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: umpdc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: uxtheme.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mswsock.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: kernel.appcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: ffmpeg.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: uiautomationcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dbghelp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: msimg32.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winmm.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: iphlpapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: version.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: userenv.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dwrite.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: secur32.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: winhttp.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: dhcpcsvc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: propsys.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: sspicli.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: cryptbase.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: powrprof.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: umpdc.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: uxtheme.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mswsock.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: kernel.appcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: mmdevapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: devobj.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: audioses.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: resourcepolicyclient.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: avrt.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: windows.ui.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: windowmanagementapi.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: textinputframework.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: inputhost.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: wintypes.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: twinapi.appcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: coremessaging.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: twinapi.appcore.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: coreuicomponents.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: coremessaging.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: coremessaging.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: wintypes.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: coreuicomponents.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Section loaded: ntmarta.dll			Jump to behavior

Source: C:\Users\user\Desktop\EpsilonFruit.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32

Jump to behavior

Source: EpsilonFruit.exe

Static file information: File size 73077368 > 1048576

Source: EpsilonFruit.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Data Obfuscation

Source: d3dcompiler_47.dll.0.dr

Static PE information: 0xF3329C94 [Sat Apr 18 07:26:12 2099 UTC]

Source: ffmpeg.dll.0.dr	Static PE information: section name: .00cfg
Source: ffmpeg.dll.0.dr	Static PE information: section name: _RDATA
Source: libEGL.dll.0.dr	Static PE information: section name: .00cfg
Source: libEGL.dll.0.dr	Static PE information: section name: _RDATA
Source: libGLESv2.dll.0.dr	Static PE information: section name: .00cfg
Source: libGLESv2.dll.0.dr	Static PE information: section name: _RDATA
Source: EpsilonFruit.exe.0.dr	Static PE information: section name: .00cfg
Source: EpsilonFruit.exe.0.dr	Static PE information: section name: .retplne
Source: EpsilonFruit.exe.0.dr	Static PE information: section name: .rodata
Source: EpsilonFruit.exe.0.dr	Static PE information: section name: CPADinfo
Source: EpsilonFruit.exe.0.dr	Static PE information: section name: _RDATA
Source: ffmpeg.dll0.0.dr	Static PE information: section name: .00cfg
Source: ffmpeg.dll0.0.dr	Static PE information: section name: _RDATA
Source: libEGL.dll0.0.dr	Static PE information: section name: .00cfg
Source: libEGL.dll0.0.dr	Static PE information: section name: _RDATA
Source: libGLESv2.dll0.0.dr	Static PE information: section name: .00cfg
Source: libGLESv2.dll0.0.dr	Static PE information: section name: _RDATA
Source: libEGL.dll1.0.dr	Static PE information: section name: .00cfg
Source: libEGL.dll1.0.dr	Static PE information: section name: _RDATA
Source: libGLESv2.dll1.0.dr	Static PE information: section name: .00cfg
Source: libGLESv2.dll1.0.dr	Static PE information: section name: _RDATA
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: .00cfg
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: _RDATA
Source: vulkan-1.dll.0.dr	Static PE information: section name: .00cfg
Source: vulkan-1.dll.0.dr	Static PE information: section name: _RDATA
Source: EpsilonFruit.exe0.0.dr	Static PE information: section name: .00cfg
Source: EpsilonFruit.exe0.0.dr	Static PE information: section name: .retplne
Source: EpsilonFruit.exe0.0.dr	Static PE information: section name: .rodata
Source: EpsilonFruit.exe0.0.dr	Static PE information: section name: CPADinfo
Source: EpsilonFruit.exe0.0.dr	Static PE information: section name: _RDATA
Source: fb0541d2-f67e-4988-9a28-0539cb396a9a.tmp.node.3.dr	Static PE information: section name: .didat
Source: fb0541d2-f67e-4988-9a28-0539cb396a9a.tmp.node.3.dr	Static PE information: section name: .00cfg
Source: fb0541d2-f67e-4988-9a28-0539cb396a9a.tmp.node.3.dr	Static PE information: section name: _RDATA
Source: 095e3122-2da5-4124-bb60-1d304745a2e6.tmp.node.3.dr	Static PE information: section name: _RDATA

Persistence and Installation Behavior

Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\swiftshader\libEGL.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\libGLESv2.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\d3dcompiler_47.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\ffmpeg.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\libEGL.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\ffmpeg.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\libEGL.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\EpsilonFruit.exe			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\swiftshader\libGLESv2.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\System.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\vk_swiftshader.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\libGLESv2.dll			Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\fb0541d2-f67e-4988-9a28-0539cb396a9a.tmp.node			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\nsis7z.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\resources\elevate.exe			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\d3dcompiler_47.dll			Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\095e3122-2da5-4124-bb60-1d304745a2e6.tmp.node			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\vulkan-1.dll			Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\fb0541d2-f67e-4988-9a28-0539cb396a9a.tmp.node			Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\095e3122-2da5-4124-bb60-1d304745a2e6.tmp.node			Jump to dropped file

Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\LICENSE.electron.txt			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\LICENSE.electron.txt			Jump to behavior

Hooking and other Techniques for Hiding and Protection

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe

Registry key monitored for changes: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Spelling

Jump to behavior

Source: C:\Users\user\Desktop\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Windows\System32\wbem\WMIC.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX			Jump to behavior

Malware Analysis System Evasion

Source: Yara match

File source: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\resources\app.asar, type: DROPPED

Source: Yara match

File source: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\resources\app.asar, type: DROPPED

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened: HKEY_CURRENT_USER\SOFTWARE\Wine			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened: HKEY_CURRENT_USER\SOFTWARE\Wine			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened: HKEY_CURRENT_USER\SOFTWARE\Wine			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened: HKEY_CURRENT_USER\SOFTWARE\Wine			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened: HKEY_CURRENT_USER\SOFTWARE\Wine			Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: C:\WINDOWS\system32\drivers\VBoxSF.sys			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0 name: Identifier			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: C:\WINDOWS\system32\drivers\vmmouse.sys			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: vmci			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: C:\WINDOWS\system32\drivers\vmhgfs.sys			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: C:\WINDOWS\system32\vboxtray.exe			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: HGFS			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: VBoxTrayIPC			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: C:\WINDOWS\system32\vboxhook.dll			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosDate			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: \pipe\VBoxTrayIPC			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: C:\WINDOWS\system32\drivers\VBoxMouse.sys			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: C:\WINDOWS\system32\vboxservice.exe			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: C:\WINDOWS\system32\drivers\VBoxGuest.sys			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: VBoxMiniRdrDN			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File opened / queried: C:\WINDOWS\system32\drivers\VBoxVideo.sys			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion			Jump to behavior

Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 890			Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 863			Jump to behavior

Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\swiftshader\libEGL.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\libGLESv2.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\libEGL.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\d3dcompiler_47.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\swiftshader\libGLESv2.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\libEGL.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\vk_swiftshader.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\System.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\libGLESv2.dll			Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\fb0541d2-f67e-4988-9a28-0539cb396a9a.tmp.node			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\nsis7z.dll			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\resources\elevate.exe			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\d3dcompiler_47.dll			Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\095e3122-2da5-4124-bb60-1d304745a2e6.tmp.node			Jump to dropped file
Source: C:\Users\user\Desktop\EpsilonFruit.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\vulkan-1.dll			Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809			Jump to behavior

Source: C:\Windows\System32\wbem\WMIC.exe

WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT UUID FROM Win32_ComputerSystemProduct

Source: C:\Users\user\Desktop\EpsilonFruit.exe	File Volume queried: C:\ FullSizeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File Volume queried: C:\Users\user\AppData\Roaming\EpsilonFruit\Code Cache\js FullSizeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File Volume queried: C:\Users\user\AppData\Roaming\EpsilonFruit\Code Cache\wasm FullSizeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File Volume queried: C:\Users\user\AppData\Roaming\EpsilonFruit\blob_storage\70934334-64e0-4164-8c75-5626a0531b59 FullSizeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	File Volume queried: C:\Users\user\AppData\Roaming\EpsilonFruit\Cache\Cache_Data FullSizeInformation			Jump to behavior

Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\resources			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\7z-out\locales			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user\AppData\Local\Temp\nsx6326.tmp\app-64.7z			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user\Desktop\EpsilonFruit.exe			Jump to behavior
Source: C:\Users\user\Desktop\EpsilonFruit.exe	File opened: C:\Users\user\Desktop\desktop.ini			Jump to behavior

Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: VMware Virtual Webcam
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: VMware Fusion 4 has corrupt rendering with Win Vista+
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: VMnet
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: VMware, Inc.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: Access-Control-Allow-Credentials: trueNet.RedirectChainLengthurl_chainload_state_paramdelegate_blocked_byhas_uploadis_pendingDelegateNet.URLRequest.ReferrerPolicyForRequest.SameOriginNet.URLRequest.ReferrerHasInformativePath.SameOriginNet.URLRequest.ReferrerPolicyForRequest.CrossOriginNet.URLRequest.ReferrerHasInformativePath.CrossOrigin../../net/url_request/url_request_job.ccOnDonenum_failuresrelease_after_msThrottling.RequestThrottled../../net/base/network_interfaces_win.ccWlanApiwlanapi.dllWlanQueryInterfaceWlanSetInterfaceVMnetGetAdaptersAddresses failed:
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: VMware Inc.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E5C4000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: eb1a:2860eb1a:28201ce6:282012ab:03801943:22530c45:64d00c45:64d21bcf:298504ca:704704ca:704804f2:b3ed04f2:b3ca05c8:035d05c8:036904ca:709513d3:52570bda:57f20fd9:0066VMware Virtual WebcamMedia.VideoCapture.BlacklistedDeviceGoogle Camera AdapterIP Camera [JPEG/MJPEG]CyberLink Webcam SplitterEpocCam../../media/capture/video/video_capture_metrics.ccDevice supports Media.VideoCapture.Device.SupportedPixelFormatMedia.VideoCapture.Device.SupportedResolution
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: Gearway Electronics (Dong Guan) Co., Ltd.VMware Inc.Olimex Ltd.
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: Qemu Audio Device
Source: EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: lgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4zJVSk/BwJVmcIGfE
Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: VMware can crash with older drivers and WebGL content

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe

Process information queried: ProcessInformation

Jump to behavior

HIPS / PFW / Operating System Protection Evasion

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "wmic CsProduct Get UUID"			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --mojo-platform-channel-handle=1948 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --app-path="C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=4714222268 --mojo-platform-channel-handle=2188 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-GB --service-sandbox-type=audio --user-data-dir="C:\Users\user\AppData\Roaming\EpsilonFruit" --mojo-platform-channel-handle=2300 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8			Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\wbem\WMIC.exe wmic CsProduct Get UUID			Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "c:\users\user\appdata\local\temp\2f39p0isfknozlil2q9butg5j7v\epsilonfruit.exe" --type=gpu-process --user-data-dir="c:\users\user\appdata\roaming\epsilonfruit" --gpu-preferences=uaaaaaaaaadgaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1720 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=plzserviceworker,sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "c:\users\user\appdata\local\temp\2f39p0isfknozlil2q9butg5j7v\epsilonfruit.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --user-data-dir="c:\users\user\appdata\roaming\epsilonfruit" --mojo-platform-channel-handle=1948 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=plzserviceworker,sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:8
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "c:\users\user\appdata\local\temp\2f39p0isfknozlil2q9butg5j7v\epsilonfruit.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\epsilonfruit" --app-path="c:\users\user\appdata\local\temp\2f39p0isfknozlil2q9butg5j7v\resources\app.asar" --no-sandbox --no-zygote --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=4714222268 --mojo-platform-channel-handle=2188 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=plzserviceworker,sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "c:\users\user\appdata\local\temp\2f39p0isfknozlil2q9butg5j7v\epsilonfruit.exe" --type=utility --utility-sub-type=audio.mojom.audioservice --lang=en-gb --service-sandbox-type=audio --user-data-dir="c:\users\user\appdata\roaming\epsilonfruit" --mojo-platform-channel-handle=2300 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=plzserviceworker,sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:8
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "c:\users\user\appdata\local\temp\2f39p0isfknozlil2q9butg5j7v\epsilonfruit.exe" --type=gpu-process --user-data-dir="c:\users\user\appdata\roaming\epsilonfruit" --gpu-preferences=uaaaaaaaaadgaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1720 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=plzserviceworker,sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "c:\users\user\appdata\local\temp\2f39p0isfknozlil2q9butg5j7v\epsilonfruit.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --user-data-dir="c:\users\user\appdata\roaming\epsilonfruit" --mojo-platform-channel-handle=1948 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=plzserviceworker,sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:8			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "c:\users\user\appdata\local\temp\2f39p0isfknozlil2q9butg5j7v\epsilonfruit.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\epsilonfruit" --app-path="c:\users\user\appdata\local\temp\2f39p0isfknozlil2q9butg5j7v\resources\app.asar" --no-sandbox --no-zygote --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=4714222268 --mojo-platform-channel-handle=2188 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=plzserviceworker,sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Process created: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe "c:\users\user\appdata\local\temp\2f39p0isfknozlil2q9butg5j7v\epsilonfruit.exe" --type=utility --utility-sub-type=audio.mojom.audioservice --lang=en-gb --service-sandbox-type=audio --user-data-dir="c:\users\user\appdata\roaming\epsilonfruit" --mojo-platform-channel-handle=2300 --field-trial-handle=1780,4446609396603804754,17593310329592071850,131072 --disable-features=plzserviceworker,sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:8			Jump to behavior

Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71DD15000.00000002.00000001.01000000.00000008.sdmp

Binary or memory string: ../../electron/shell/browser/ui/views/electron_views_delegate_win.ccGetAppbarAutohideEdgesShell_TrayWnd

Source: EpsilonFruit.exe, 00000003.00000000.2352475598.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp, EpsilonFruit.exe, 00000009.00000000.2411095575.00007FF71E8C1000.00000002.00000001.01000000.00000008.sdmp

Binary or memory string: ?@../../third_party/webrtc/modules/desktop_capture/win/cursor.ccCreateMouseCursorFromHCursorUnable to get cursor icon info. Error = Unable to get bitmap info. Error = Unable to get bitmap bits. Error = DwmIsCompositionEnabledDwmGetWindowAttribute../../third_party/webrtc/modules/desktop_capture/win/window_capture_utils.ccFail to create instance of VirtualDesktopManagerChrome_WidgetWin_Progman

Language, Device and Operating System Detection

Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Queries volume information: C:\ VolumeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Queries volume information: C:\Users\user VolumeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\resources\app.asar.unpacked\node_modules\screenshot-desktop\lib\win32\index.js VolumeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Queries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2f39P0ISFknOZLiL2q9ButG5J7V\EpsilonFruit.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation			Jump to behavior