Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
T_AGM__1905.xml

Overview

General Information

Sample name:T_AGM__1905.xml
Analysis ID:1430762
MD5:46ceb761adb7c723d89d267eb722e6e7
SHA1:5d790d0e4dee292701e50ddce19b9750bb8c8cfc
SHA256:7589b7da04afe02e535953f9ecbfeeb81422eda8fcff6a31d83beb21cd2e46af
Tags:jar
Infos:

Detection

Score:2
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Creates a process in suspended mode (likely to inject code)
IP address seen in connection with other malware
Potential browser exploit detected (process start blacklist hit)
Sigma detected: Use Short Name Path in Command Line

Classification

Process Tree

  • System is w10x64
  • MSOXMLED.EXE (PID: 7708 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\user\Desktop\T_AGM__1905.xml" MD5: A2E6E2A1C125973A4967540FD08C9AF0)
    • iexplore.exe (PID: 7852 cmdline: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\user\Desktop\T_AGM__1905.xml MD5: CFE2E6942AC1B72981B3105E22D3224E)
      • iexplore.exe (PID: 7912 cmdline: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7852 CREDAT:17410 /prefetch:2 MD5: 6F0F06D6AB125A99E43335427066A4A1)
        • ie_to_edge_stub.exe (PID: 7976 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458 MD5: 89CF8972D683795DAB6901BC9456675D)
          • msedge.exe (PID: 8036 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458 MD5: 69222B8101B0601CC6663F8381E7E00F)
            • msedge.exe (PID: 7376 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=2088,i,3537742655539462717,4247494418498581012,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
        • ssvagent.exe (PID: 8016 cmdline: "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new MD5: F9A898A606E7F5A1CD7CFFA8079253A0)
  • msedge.exe (PID: 6876 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458 --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7472 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2248 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 524 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6236 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8596 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=3616 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

Sigma detected: Use Short Name Path in Command Line
Source: Process startedAuthor: frack113, Nasreddine Bencherchali: Data: Command: "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new, CommandLine: "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new, CommandLine|base64offset|contains: w, Image: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe, NewProcessName: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe, OriginalFileName: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe, ParentCommandLine: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7852 CREDAT:17410 /prefetch:2, ParentImage: C:\Program Files (x86)\Internet Explorer\iexplore.exe, ParentProcessId: 7912, ParentProcessName: iexplore.exe, ProcessCommandLine: "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new, ProcessId: 8016, ProcessName: ssvagent.exe
Sigma detected: Modification of IE Registry Settings
Source: Registry Key setAuthor: frack113: Data: Details: 1, EventID: 13, EventType: SetValue, Image: C:\Program Files\Internet Explorer\iexplore.exe, ProcessId: 7852, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe
Source: Joe Sandbox ViewIP Address: 162.159.61.3 162.159.61.3
Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox ViewIP Address: 13.107.246.69 13.107.246.69
Source: Joe Sandbox ViewIP Address: 152.195.19.97 152.195.19.97
Source: Joe Sandbox ViewIP Address: 172.64.41.3 172.64.41.3
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.69
Source: global trafficHTTP traffic detected: GET /crx/blobs/AfQPRnlBHVf9QbAmjPnmJQnDwEcerxafOq8p01cAfJ5QoFk2s6gAMnMY_23BNiizXK2e-3smriJGTe2WOZO9s5X2xejbvoKpPILOKN2-0t9ZbrurACaLAMZSmuXX9slHldVQ07B5bvw6KCm_x6CONA/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_76_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1714539437&P2=404&P3=2&P4=kVBY5XucgZSzbqI8oXPMOPFaYPQymIx3W%2bJzFDw74FbOzI8m4ZabeD483vK0wpOdnLAoocy2bPo4TO6vxQIO9w%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: yQRbHNvRyR1IPiowYUnZYvSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr=c&sig=R83mlHRCqeHRG9T0loza5cz3U8zjuZzQy2wVvoSHGHw%3D&st=2021-01-01T00%3A00%3A00Z&se=2024-06-30T00%3A00%3A00Z&sp=r&assetgroup=AddressBar HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: AddressBarSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: 000003.log.10.dr, uu_host_config.10.drString found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook)
Source: 000003.log.10.dr, uu_host_config.10.drString found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin)
Source: 000003.log.10.dr, uu_host_config.10.drString found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube)
Source: msapplication.xml1.3.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xf4794dfb,0x01da9603</date><accdate>0xf4794dfb,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml6.3.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xf47e1298,0x01da9603</date><accdate>0xf47e1298,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml8.3.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xf48074e2,0x01da9603</date><accdate>0xf48074e2,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Source: unknownDNS traffic detected: queries for: clients2.googleusercontent.com
Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
Source: msapplication.xml.3.drString found in binary or memory: http://www.amazon.com/
Source: msapplication.xml2.3.drString found in binary or memory: http://www.google.com/
Source: msapplication.xml3.3.drString found in binary or memory: http://www.live.com/
Source: msapplication.xml4.3.drString found in binary or memory: http://www.nytimes.com/
Source: msapplication.xml5.3.drString found in binary or memory: http://www.reddit.com/
Source: msapplication.xml6.3.drString found in binary or memory: http://www.twitter.com/
Source: msapplication.xml7.3.drString found in binary or memory: http://www.wikipedia.com/
Source: msapplication.xml8.3.drString found in binary or memory: http://www.youtube.com/
Source: 94f19356-3775-4c71-ab56-92c65b80abf8.tmp.11.drString found in binary or memory: https://assets.msn.com
Source: manifest.json.10.drString found in binary or memory: https://chrome.google.com/webstore/
Source: manifest.json.10.drString found in binary or memory: https://chromewebstore.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://clients2.google.com/service/update2/crx
Source: manifest.json0.10.drString found in binary or memory: https://docs.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://drive-autopush.corp.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://drive-daily-0.corp.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://drive-daily-1.corp.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://drive-daily-2.corp.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://drive-daily-3.corp.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://drive-daily-4.corp.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://drive-daily-5.corp.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://drive-daily-6.corp.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://drive-preprod.corp.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://drive-staging.corp.google.com/
Source: manifest.json0.10.drString found in binary or memory: https://drive.google.com/
Source: 000003.log.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr
Source: 000003.log.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
Source: content.js.10.dr, content_new.js.10.drString found in binary or memory: https://www.google.com/chrome
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: classification engineClassification label: clean2.winXML@51/223@10/6
Source: C:\Program Files\Internet Explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\RecoveryJump to behavior
Source: C:\Program Files\Internet Explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Temp\~DF7B94DF61E77CC8CC.TMPJump to behavior
Source: C:\Program Files\Internet Explorer\iexplore.exeFile read: C:\Users\desktop.iniJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\user\Desktop\T_AGM__1905.xml"
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXEProcess created: C:\Program Files\Internet Explorer\iexplore.exe "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\user\Desktop\T_AGM__1905.xml
Source: C:\Program Files\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7852 CREDAT:17410 /prefetch:2
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=2088,i,3537742655539462717,4247494418498581012,262144 /prefetch:3
Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458 --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2248 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6236 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=3616 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXEProcess created: C:\Program Files\Internet Explorer\iexplore.exe "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\user\Desktop\T_AGM__1905.xmlJump to behavior
Source: C:\Program Files\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7852 CREDAT:17410 /prefetch:2Jump to behavior
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458Jump to behavior
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -newJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=2088,i,3537742655539462717,4247494418498581012,262144 /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2248 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6236 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=3616 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: apphelp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: appvisvsubsystems32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: vcruntime140.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: c2r32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: userenv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: wininet.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: sspicli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: iertutil.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: windows.storage.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: wininet.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: netutils.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: propsys.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: edputil.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: slc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: userenv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: sppc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: vcruntime140.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: wininet.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: version.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: msvcp140.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: netutils.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0358b920-0ac7-461f-98f4-58e32cd89148}\InProcServer32Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXEKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\CommonJump to behavior
Source: T_AGM__1905.xmlStatic file information: File size 2858660 > 1048576
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: Web Data.10.drBinary or memory string: dev.azure.comVMware20,11696497155j
Source: Web Data.10.drBinary or memory string: global block list test formVMware20,11696497155
Source: Web Data.10.drBinary or memory string: turbotax.intuit.comVMware20,11696497155t
Source: Web Data.10.drBinary or memory string: Interactive Brokers - COM.HKVMware20,11696497155
Source: Web Data.10.drBinary or memory string: Interactive Brokers - HKVMware20,11696497155]
Source: Web Data.10.drBinary or memory string: secure.bankofamerica.comVMware20,11696497155|UE
Source: Web Data.10.drBinary or memory string: tasks.office.comVMware20,11696497155o
Source: Web Data.10.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696497155
Source: Web Data.10.drBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696497155
Source: Web Data.10.drBinary or memory string: bankofamerica.comVMware20,11696497155x
Source: Web Data.10.drBinary or memory string: ms.portal.azure.comVMware20,11696497155
Source: Web Data.10.drBinary or memory string: trackpan.utiitsl.comVMware20,11696497155h
Source: Web Data.10.drBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696497155p
Source: Web Data.10.drBinary or memory string: Interactive Brokers - EU WestVMware20,11696497155n
Source: Web Data.10.drBinary or memory string: interactivebrokers.co.inVMware20,11696497155d
Source: Web Data.10.drBinary or memory string: Canara Transaction PasswordVMware20,11696497155x
Source: Web Data.10.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696497155
Source: ie_to_edge_stub.exe, 00000005.00000002.1357507552.0000022331013000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: Web Data.10.drBinary or memory string: interactivebrokers.comVMware20,11696497155
Source: Web Data.10.drBinary or memory string: AMC password management pageVMware20,11696497155
Source: Web Data.10.drBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696497155
Source: Web Data.10.drBinary or memory string: Canara Transaction PasswordVMware20,11696497155}
Source: Web Data.10.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696497155^
Source: Web Data.10.drBinary or memory string: account.microsoft.com/profileVMware20,11696497155u
Source: Web Data.10.drBinary or memory string: discord.comVMware20,11696497155f
Source: Web Data.10.drBinary or memory string: netportal.hdfcbank.comVMware20,11696497155
Source: Web Data.10.drBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696497155z
Source: Web Data.10.drBinary or memory string: outlook.office365.comVMware20,11696497155t
Source: Web Data.10.drBinary or memory string: outlook.office.comVMware20,11696497155s
Source: Web Data.10.drBinary or memory string: www.interactivebrokers.comVMware20,11696497155}
Source: Web Data.10.drBinary or memory string: www.interactivebrokers.co.inVMware20,11696497155~
Source: Web Data.10.drBinary or memory string: microsoft.visualstudio.comVMware20,11696497155x
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXEProcess created: C:\Program Files\Internet Explorer\iexplore.exe "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\user\Desktop\T_AGM__1905.xmlJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458Jump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Exploitation for Client Execution		1
DLL Side-Loading		11
Process Injection		1
Masquerading		OS Credential Dumping1
Security Software Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
DLL Side-Loading		11
Process Injection		LSASS Memory1
File and Directory Discovery		Remote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
DLL Side-Loading		Security Account Manager2
System Information Discovery		SMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1430762 Sample: T_AGM__1905.xml Startdate: 24/04/2024 Architecture: WINDOWS Score: 2 9 msedge.exe 25 351 2->9         started        12 MSOXMLED.EXE 12 2->12         started        dnsIp3 33 239.255.255.250 unknown Reserved 9->33 14 msedge.exe 21 9->14         started        17 msedge.exe 9->17         started        19 msedge.exe 9->19         started        21 iexplore.exe 69 105 12->21         started        process4 dnsIp5 35 13.107.246.69, 443, 49740 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 14->35 37 googlehosted.l.googleusercontent.com 142.251.2.132, 443, 49712 GOOGLEUS United States 14->37 39 5 other IPs or domains 14->39 23 iexplore.exe 2 22 21->23         started        process6 process7 25 ie_to_edge_stub.exe 1 23->25         started        27 ssvagent.exe 501 23->27         started        process8 29 msedge.exe 11 25->29         started        process9 31 msedge.exe 29->31         started       

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
chrome.cloudflare-dns.com0%VirustotalBrowse
sni1gl.wpc.nucdn.net0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
https://chrome.cloudflare-dns.com/dns-query0%URL Reputationsafe
http://www.wikipedia.com/0%URL Reputationsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
chrome.cloudflare-dns.com
162.159.61.3
truefalseunknown
googlehosted.l.googleusercontent.com
142.251.2.132
truefalse
    		high
    sni1gl.wpc.nucdn.net
    		152.195.19.97
    		truefalseunknown
    clients2.googleusercontent.com
    		unknown
    		unknownfalse
      		high

      Contacted URLs

      NameMaliciousAntivirus DetectionReputation
      https://chrome.cloudflare-dns.com/dns-queryfalse
      • URL Reputation: safe
      		unknown
      https://clients2.googleusercontent.com/crx/blobs/AfQPRnlBHVf9QbAmjPnmJQnDwEcerxafOq8p01cAfJ5QoFk2s6gAMnMY_23BNiizXK2e-3smriJGTe2WOZO9s5X2xejbvoKpPILOKN2-0t9ZbrurACaLAMZSmuXX9slHldVQ07B5bvw6KCm_x6CONA/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_76_1_0.crxfalse
        		high

        URLs from Memory and Binaries

        NameSourceMaliciousAntivirus DetectionReputation
        http://www.nytimes.com/msapplication.xml4.3.drfalse
          		high
          https://drive-daily-2.corp.google.com/manifest.json0.10.drfalse
            		high
            https://drive-autopush.corp.google.com/manifest.json0.10.drfalse
              		high
              https://drive-daily-4.corp.google.com/manifest.json0.10.drfalse
                		high
                http://www.amazon.com/msapplication.xml.3.drfalse
                  		high
                  https://assets.msn.com94f19356-3775-4c71-ab56-92c65b80abf8.tmp.11.drfalse
                    		high
                    http://www.twitter.com/msapplication.xml6.3.drfalse
                      		high
                      https://drive-daily-1.corp.google.com/manifest.json0.10.drfalse
                        		high
                        https://drive-daily-5.corp.google.com/manifest.json0.10.drfalse
                          		high
                          https://docs.google.com/manifest.json0.10.drfalse
                            		high
                            https://drive-staging.corp.google.com/manifest.json0.10.drfalse
                              		high
                              https://www.google.com/chromecontent.js.10.dr, content_new.js.10.drfalse
                                		high
                                https://drive-daily-6.corp.google.com/manifest.json0.10.drfalse
                                  		high
                                  https://drive.google.com/manifest.json0.10.drfalse
                                    		high
                                    https://drive-daily-0.corp.google.com/manifest.json0.10.drfalse
                                      		high
                                      http://www.youtube.com/msapplication.xml8.3.drfalse
                                        		high
                                        https://chromewebstore.google.com/manifest.json.10.drfalse
                                          		high
                                          http://www.wikipedia.com/msapplication.xml7.3.drfalse
                                          • URL Reputation: safe
                                          		unknown
                                          https://drive-preprod.corp.google.com/manifest.json0.10.drfalse
                                            		high
                                            http://www.live.com/msapplication.xml3.3.drfalse
                                              		high
                                              https://chrome.google.com/webstore/manifest.json.10.drfalse
                                                		high
                                                http://www.reddit.com/msapplication.xml5.3.drfalse
                                                  		high
                                                  http://www.google.com/msapplication.xml2.3.drfalse
                                                    		high
                                                    https://drive-daily-3.corp.google.com/manifest.json0.10.drfalse
                                                      		high

                                                      World Map of Contacted IPs

                                                      • No. of IPs < 25%
                                                      • 25% < No. of IPs < 50%
                                                      • 50% < No. of IPs < 75%
                                                      • 75% < No. of IPs

                                                      Public IPs

                                                      IPDomainCountryFlagASNASN NameMalicious
                                                      162.159.61.3
                                                      		chrome.cloudflare-dns.comUnited States
                                                      		13335CLOUDFLARENETUSfalse
                                                      239.255.255.250
                                                      		unknownReserved
                                                      		unknownunknownfalse
                                                      13.107.246.69
                                                      		unknownUnited States
                                                      		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                      152.195.19.97
                                                      		sni1gl.wpc.nucdn.netUnited States
                                                      		15133EDGECASTUSfalse
                                                      142.251.2.132
                                                      		googlehosted.l.googleusercontent.comUnited States
                                                      		15169GOOGLEUSfalse
                                                      172.64.41.3
                                                      		unknownUnited States
                                                      		13335CLOUDFLARENETUSfalse

                                                      General Information

                                                      Joe Sandbox version:40.0.0 Tourmaline
                                                      Analysis ID:1430762
                                                      Start date and time:2024-04-24 06:56:19 +02:00
                                                      Joe Sandbox product:CloudBasic
                                                      Overall analysis duration:0h 7m 13s
                                                      Hypervisor based Inspection enabled:false
                                                      Report type:full
                                                      Cookbook file name:default.jbs
                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                      Number of analysed new started processes analysed:21
                                                      Number of new started drivers analysed:0
                                                      Number of existing processes analysed:0
                                                      Number of existing drivers analysed:0
                                                      Number of injected processes analysed:0
                                                      Technologies:
                                                      • HCA enabled
                                                      • EGA enabled
                                                      • AMSI enabled
                                                      Analysis Mode:default
                                                      Analysis stop reason:Timeout
                                                      Sample name:T_AGM__1905.xml
                                                      Detection:CLEAN
                                                      Classification:clean2.winXML@51/223@10/6
                                                      EGA Information:Failed
                                                      HCA Information:
                                                      • Successful, ratio: 100%
                                                      • Number of executed functions: 0
                                                      • Number of non-executed functions: 0
                                                      Cookbook Comments:
                                                      • Found application associated with file extension: .xml
                                                      • Override analysis time to 240000 for current running targets taking high CPU consumption

                                                      Warnings

                                                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                                                      • Excluded IPs from analysis (whitelisted): 23.202.58.34, 13.107.42.16, 13.107.21.239, 204.79.197.239, 142.251.2.102, 142.251.2.139, 142.251.2.101, 142.251.2.138, 142.251.2.113, 142.251.2.100, 13.107.21.200, 204.79.197.200, 142.250.101.94, 142.251.2.94
                                                      • Excluded domains from analysis (whitelisted): cdp-f-ssl-tlu-net.trafficmanager.net, config.edge.skype.com.trafficmanager.net, slscr.update.microsoft.com, e11290.dspg.akamaiedge.net, go.microsoft.com, clients2.google.com, ocsp.digicert.com, config-edge-skype.l-0007.l-msedge.net, msedge.b.tlu.dl.delivery.mp.microsoft.com, www-bing-com.dual-a-0001.a-msedge.net, www.gstatic.com, l-0007.l-msedge.net, ieonline.microsoft.com, config.edge.skype.com, www.bing.com, edge-microsoft-com.dual-a-0036.a-msedge.net, fs.microsoft.com, dual-a-0001.a-msedge.net, wildcardtlu-ssl.ec.azureedge.net, edge.microsoft.com, fe3cr.delivery.mp.microsoft.com, wildcardtlu-ssl.azureedge.net, any.edge.bing.com, l-0007.config.skype.com, go.microsoft.com.edgekey.net, wwwprod.www-bing-com.akadns.net, clients.l.google.com, msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com, dual-a-0036.a-msedge.net
                                                      • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                      • Not all processes where analyzed, report is missing behavior information
                                                      • Report size getting too big, too many NtCreateKey calls found.
                                                      • Report size getting too big, too many NtOpenFile calls found.
                                                      • Report size getting too big, too many NtOpenKeyEx calls found.
                                                      • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                      • Report size getting too big, too many NtQueryValueKey calls found.
                                                      • Report size getting too big, too many NtSetValueKey calls found.
                                                      • Report size getting too big, too many NtWriteVirtualMemory calls found.

                                                      Simulations

                                                      Behavior and APIs

                                                      No simulations

                                                      Joe Sandbox View / Context

                                                      IPs

                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                      162.159.61.3zlONcFaXkc.exeGet hashmaliciousPureLog Stealer, Xmrig, zgRATBrowse
                                                        ShadowFury.exeGet hashmaliciousUnknownBrowse
                                                          ShadowFury.exeGet hashmaliciousUnknownBrowse
                                                            Sonic-Glyder.exeGet hashmaliciousStealitBrowse
                                                              SenPalia.exeGet hashmaliciousUnknownBrowse
                                                                Sonic-Glyder.exeGet hashmaliciousStealitBrowse
                                                                  SenPalia.exeGet hashmaliciousUnknownBrowse
                                                                    UnderWars.exeGet hashmaliciousUnknownBrowse
                                                                      SenPalia.exeGet hashmaliciousUnknownBrowse
                                                                        SenPalia.exeGet hashmaliciousUnknownBrowse
                                                                          239.255.255.250http://rum.browser-intake-foxbusiness.com:443Get hashmaliciousUnknownBrowse
                                                                            http://42.193.223.169/extensioncompabilitynode.exeGet hashmaliciousUnknownBrowse
                                                                              https://d-wz.info/mygovGet hashmaliciousHTMLPhisherBrowse
                                                                                https://www.longin-eki.co.jp.cduhzkc.cn/Get hashmaliciousUnknownBrowse
                                                                                  https://www.longin-eki.co.jp.nebxshr.cn/Get hashmaliciousUnknownBrowse
                                                                                    https://www.admin-longin.co.jp.mc3lva.cn/Get hashmaliciousUnknownBrowse
                                                                                      https://www.longin.co.jp.wiibhaq.cn/Get hashmaliciousUnknownBrowse
                                                                                        https://emv1.3rujia.cn/Get hashmaliciousUnknownBrowse
                                                                                          SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                            https://wmicrosouab-4ba8.udydzj.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                              13.107.246.693Shape Unite Installer.exeGet hashmaliciousUnknownBrowse
                                                                                                https://wmicrosouab-4ba8.udydzj.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                  https://uqgekpc20qn1.azureedge.net/6466/Get hashmaliciousTechSupportScamBrowse
                                                                                                    https://condoresorts.com/Get hashmaliciousUnknownBrowse
                                                                                                      https://mota-engil.caf0sa.com/tiyamike.chikabadwa56078874fessdGl5YW1pa2UuY2hpa2FiYWR3YUBtb3RhLWVuZ2lsLnB097140964?5101245168264822=2215800694735574#dGl5YW1pa2UuY2hpa2FiYWR3YUBtb3RhLWVuZ2lsLnB0Get hashmaliciousUnknownBrowse
                                                                                                        https://19apmic17.z13.web.core.windows.net/Get hashmaliciousTechSupportScamBrowse
                                                                                                          FFE Order details - Cincy v41720.xlsxGet hashmaliciousUnknownBrowse
                                                                                                            https://pub-32bf4e9c1a1344aa8c0925c562b60fd3.r2.dev/index2.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                              https://ukrainerecordings.com/wp-includes/outfit/Office365/Office365/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                https://preview.webflow.com/preview/2024-project?utm_medium=preview_link&utm_source=designer&utm_content=2024-project&preview=2bf57169f6b59ecf9c01ab696f7c3560&workflow=previewGet hashmaliciousHTMLPhisherBrowse
                                                                                                                  152.195.19.97SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                                                    https://www.jottacloud.com/s/359ee8b110b8ca8464998842a5d227ed979Get hashmaliciousHTMLPhisherBrowse
                                                                                                                      https://tracker.club-os.com/campaign/click?msgId=f8ea317d963149a518aa35e03e5541f797badf3c&target=remoinmobiliaria.com%2F%40%2FAmericanautoshield/ZwgXU85423ZwgXU85423ZwgXU/bWlrZS5ub3ZpY2tAYW1lcmljYW5hdXRvc2hpZWxkLmNvbQ==Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                        https://wisdomcircle.playbook.ai/cron/click-email/?eid=TmpVMVlXUTRORGM0TUdJMVl3PT0&ru=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=caroline.picabea@naxicap.com%20https://wisdomcircle.playbook.ai/cron/click-email/?eid=TmpVMVlXUTRORGM0TUdJMVl3PT0&ru=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=caroline.picabea@naxicap.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                          https://1drv.ms/o/s!BDwGtOL3Ob0ShA6L6a7ghGOEVOBw?e=-nVgacgL8k2GcXGT6ejjHg&at=9%22)%20and%20ContentType:(%221%22)Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                            https://download-myproposal.xyzGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                              https://cosantinexi.com/Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                https://tracker.club-os.com/campaign/click?msgId=f8ea317d963149a518aa35e03e5541f797badf3c&target=splendidanimations.com%2F%40%2FBigge/aDRmd79087aDRmd79087aDRmd/ZHN3ZWF6YUBiaWdnZS5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                  https://tracker.club-os.com/campaign/click?msgId=f8ea317d963149a518aa35e03e5541f797badf3c&target=splendidanimations.com%2F%40%2FC2educate/aEFQv26188aEFQv26188aEFQv/anVsaWUubG9uZ2lub0BjMmVkdWNhdGUuY29tGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                    http://t.cm.morganstanley.com/r/?id=h1b92d14%2C134cc33c%2C1356be32&p1=www.saiengroup.com%2Fteaz%2F648c482b60b3906833c9304bab170add%2FJBVNhz%2FYW15LmNoZW5AZG91YmxlbGluZS5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                      172.64.41.3zlONcFaXkc.exeGet hashmaliciousPureLog Stealer, Xmrig, zgRATBrowse
                                                                                                                                        https://netorgft12232017-my.sharepoint.com:443/:f:/g/personal/lisa_imjts_com/EsnpAMoHQfhBluK8Y5tDE68BaHrT-12huxTJR_ZqVWR4tA?e=5%3aZZh3dZ&at=9Get hashmaliciousUnknownBrowse
                                                                                                                                          SenPalia.exeGet hashmaliciousUnknownBrowse
                                                                                                                                            UnderWars.exeGet hashmaliciousUnknownBrowse
                                                                                                                                              SenPalia.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                https://edbullardcompany-my.sharepoint.com/:f:/g/personal/eric_rosario_bullard_com/EoLKvcaqSE1Go3fA5to5CQABtxAftKTD0ktrakp7rbi4Xg?e=Mvbf0DGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                  SenPalia.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                    BetaUnfrated.exeGet hashmaliciousPafishBrowse
                                                                                                                                                      nsis-installer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                        file.exeGet hashmaliciousUnknownBrowse

                                                                                                                                                          Domains

                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                          chrome.cloudflare-dns.comzlONcFaXkc.exeGet hashmaliciousPureLog Stealer, Xmrig, zgRATBrowse
                                                                                                                                                          • 172.64.41.3
                                                                                                                                                          TeaiGames.exeGet hashmaliciousNovaSentinelBrowse
                                                                                                                                                          • 162.159.61.3
                                                                                                                                                          https://netorgft12232017-my.sharepoint.com:443/:f:/g/personal/lisa_imjts_com/EsnpAMoHQfhBluK8Y5tDE68BaHrT-12huxTJR_ZqVWR4tA?e=5%3aZZh3dZ&at=9Get hashmaliciousUnknownBrowse
                                                                                                                                                          • 172.64.41.3
                                                                                                                                                          ShadowFury.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 162.159.61.3
                                                                                                                                                          ShadowFury.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 162.159.61.3
                                                                                                                                                          Sonic-Glyder.exeGet hashmaliciousStealitBrowse
                                                                                                                                                          • 162.159.61.3
                                                                                                                                                          SenPalia.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 172.64.41.3
                                                                                                                                                          UnderWars.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 172.64.41.3
                                                                                                                                                          Sonic-Glyder.exeGet hashmaliciousStealitBrowse
                                                                                                                                                          • 162.159.61.3
                                                                                                                                                          SenPalia.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 162.159.61.3
                                                                                                                                                          sni1gl.wpc.nucdn.netfile.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 152.195.19.97
                                                                                                                                                          file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 152.195.19.97
                                                                                                                                                          https://ecouterrepondeurvocal.pro/35-hnJZibGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 152.195.19.97
                                                                                                                                                          file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 152.195.19.97
                                                                                                                                                          Payslip-9583.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 152.195.19.97
                                                                                                                                                          http://woollamau.comGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 152.195.19.97
                                                                                                                                                          http://woollamau.comGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 152.195.19.97
                                                                                                                                                          O28gzBGj5H.svgGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 152.195.19.97
                                                                                                                                                          JG822Ei50X.exeGet hashmaliciousNeshtaBrowse
                                                                                                                                                          • 152.195.19.97
                                                                                                                                                          hKi4HPB9nO.exeGet hashmaliciousGocoder, MimikatzBrowse
                                                                                                                                                          • 152.195.19.97

                                                                                                                                                          ASNs

                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                          CLOUDFLARENETUSNew Order .docGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 172.67.134.136
                                                                                                                                                          orden de compra.vbsGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                          • 104.21.84.67
                                                                                                                                                          DHL Shipping doc.vbsGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                                          • 104.26.13.205
                                                                                                                                                          Reconfirm Details.vbsGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                          • 172.67.215.45
                                                                                                                                                          Remittance-Advice.docGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 172.67.175.222
                                                                                                                                                          shipping docs.docGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 104.21.74.191
                                                                                                                                                          Invoice.docGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                          • 172.67.134.136
                                                                                                                                                          Pedido02304024.vbsGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                          • 172.67.152.117
                                                                                                                                                          purchase order pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                          • 104.26.12.205
                                                                                                                                                          PO 23JC0704-Rollease-B.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                          • 104.26.13.205
                                                                                                                                                          MICROSOFT-CORP-MSN-AS-BLOCKUSRef_Order04.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 13.107.213.69
                                                                                                                                                          FT. 40FE CNY .xlsx.lnkGet hashmaliciousAgentTesla, DBatLoader, PureLog Stealer, RedLineBrowse
                                                                                                                                                          • 13.107.139.11
                                                                                                                                                          3Shape Unite Installer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 40.67.232.186
                                                                                                                                                          OHkRFujs2m.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 104.208.16.94
                                                                                                                                                          SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                                                                                          • 13.107.213.69
                                                                                                                                                          https://wmicrosouab-4ba8.udydzj.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                          • 13.107.213.69
                                                                                                                                                          https://uqgekpc20qn1.azureedge.net/6466/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                          • 13.107.213.69
                                                                                                                                                          https://netorg442802-my.sharepoint.com/:b:/g/personal/darek_daronto_com/EeXtnEaZ3XJBqGk13it6odUB-K9vuYAC7zp7SfyciZ3BpQ?e=nkKu2wGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                          • 13.89.178.26
                                                                                                                                                          https://netorg442802-my.sharepoint.com/:b:/g/personal/darek_daronto_com/EeXtnEaZ3XJBqGk13it6odUB-K9vuYAC7zp7SfyciZ3BpQ?e=nkKu2wGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 13.107.136.10
                                                                                                                                                          https://condoresorts.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                          • 13.107.246.69
                                                                                                                                                          CLOUDFLARENETUSNew Order .docGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 172.67.134.136
                                                                                                                                                          orden de compra.vbsGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                          • 104.21.84.67
                                                                                                                                                          DHL Shipping doc.vbsGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                                          • 104.26.13.205
                                                                                                                                                          Reconfirm Details.vbsGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                          • 172.67.215.45
                                                                                                                                                          Remittance-Advice.docGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 172.67.175.222
                                                                                                                                                          shipping docs.docGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 104.21.74.191
                                                                                                                                                          Invoice.docGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                          • 172.67.134.136
                                                                                                                                                          Pedido02304024.vbsGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                          • 172.67.152.117
                                                                                                                                                          purchase order pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                          • 104.26.12.205
                                                                                                                                                          PO 23JC0704-Rollease-B.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                          • 104.26.13.205
                                                                                                                                                          EDGECASTUSSecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                                                                                          • 152.195.19.97
                                                                                                                                                          https://magnisteel.lk/4765445b-32c6-49b0-83e6-1d93765276ca.phpGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                          • 152.199.4.44
                                                                                                                                                          https://u44058082.ct.sendgrid.net/ls/click?upn=u001.wjMLvmoK1OC9dTKy5UL4VbqcIJmZWkGKJypB0ZF6j6rXk8HVnxe0g2af-2BenroUoONz6EEWthgE-2Bi2vVRUosKTZRVQ5v63hCdxrdKCztVooIv51imK8tr-2Bb3beAsH6u-2FNluJlUKmd7nST-2B9m-2Bl2Rgv4y6uHLimO0TjhZzZ-2F-2BDlllJQne3tT99z6x4W12pJpddTL-2BoJ2-2Bdo6961pFN3dV2Rg-3D-3DeWGT_h-2FW4DSvZGhKY-2FmU3Rq-2F3L-2FXo2OZSHdaVvlpgAgHQWDXPYB9CNYi-2FcvonFCbsEhjt9RP-2BQa7dTwbMJOOaP3JRnMW6mQAitl6qAb1EkaAR-2BmnZDE6Bi3ooqtCrrMW-2F3TPNMK3AVi1YKIdTOZivmUJGaXdrtbqCykfnTTkN9KMRy80rdRqf6LWUCYWGeeaXb-2BD6jokMbr-2FaJKvKMHDNWAfHyhaE6QO9pw7souFUseKb40g-3DGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                          • 152.199.4.44
                                                                                                                                                          EXTERNAL Bonnie St Dryden is inviting you to collaborate on One_docx(Apr 23) DOC3848493.msgGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                          • 152.199.4.44
                                                                                                                                                          file.exeGet hashmaliciousGlupteba, Mars Stealer, PureLog Stealer, Vidar, zgRATBrowse
                                                                                                                                                          • 192.229.211.108
                                                                                                                                                          https://www.jottacloud.com/s/359ee8b110b8ca8464998842a5d227ed979Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                          • 152.195.19.97
                                                                                                                                                          https://assets-usa.mkt.dynamics.com/6f8aa86c-81f8-ee11-a1fa-0022482e8338/digitalassets/standaloneforms/4b367e61-8601-ef11-a1fd-0022482f3701Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                          • 152.199.4.44
                                                                                                                                                          http://divbracket.comGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 192.229.163.25
                                                                                                                                                          https://www.linkedin.com/redir/redirect?url=https%3A%2F%2Flookerstudio%2Egoogle%2Ecom%2Fs%2FscrHqwjeA3k&urlhash=dcQj&trk=public_profile-settings_topcard-websiteGet hashmaliciousUnknownBrowse
                                                                                                                                                          • 152.199.24.163
                                                                                                                                                          https://main-bvxea6i-qhygy63sspp2a.ca-1.platformsh.site/sample-page/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                          • 152.199.4.44

                                                                                                                                                          JA3 Fingerprints

                                                                                                                                                          No context

                                                                                                                                                          Dropped Files

                                                                                                                                                          No context

                                                                                                                                                          Created / dropped Files

                                                                                                                                                          C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):4286
                                                                                                                                                          Entropy (8bit):3.8046022951415335
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:suZOWcCXPRS4QAUs/KBy3TYI42Apvl6wheXpktCH2Yn4KgISQggggFpz1k9PAYHu:HBRh+sCBykteatiBn4KWi1+Ne
                                                                                                                                                          MD5:DA597791BE3B6E732F0BC8B20E38EE62
                                                                                                                                                          SHA1:1125C45D285C360542027D7554A5C442288974DE
                                                                                                                                                          SHA-256:5B2C34B3C4E8DD898B664DBA6C3786E2FF9869EFF55D673AA48361F11325ED07
                                                                                                                                                          SHA-512:D8DC8358727590A1ED74DC70356AEDC0499552C2DC0CD4F7A01853DD85CEB3AEAD5FBDC7C75D7DA36DB6AF2448CE5ABDFF64CEBDCA3533ECAD953C061A9B338E
                                                                                                                                                          Malicious:false
                                                                                                                                                          Reputation:moderate, very likely benign file
                                                                                                                                                          Preview:...... .... .........(... ...@..... ...................................................................................................................................................................................................N...Sz..R...R...P...N..L..H..DG..........................................................................................R6..U...U...S...R...P...N..L..I..F..B...7...............................................................................S6..V...V...U...S...R...P...N..L..I..F..C...?..:z......................................................................O...W...V...V...U...S...R...P...N..L..I..E..C...?...;..{7..q2$..............................................................T..D..]...S)..p6..J...R...P...N..L..I..E..B..>..;..z7..p2..f,X.........................................................A..O#..N!..N!..N!..P$..q:...P...N..K..I..E..A..=..9..x5..n0..e,...5...................................................Ea.Z,..T$..T$..T

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4b815722-efde-4013-b60b-671b111e46b7.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58912
                                                                                                                                                          Entropy (8bit):6.1047101308734
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkHTa9CBS2qX7bJwgorQXdbiR3oM:z/0+zI7ynkTa9kS20vXdbe3
                                                                                                                                                          MD5:3FD378E70E96FB6B31EFDB43EE80D121
                                                                                                                                                          SHA1:EDDDBD6955BC0A181CB73AC1F7BE7975C01865E9
                                                                                                                                                          SHA-256:121999886BD9F259084386E742CB8029A588DE2108E4BEDE2A2C0A035037EC9A
                                                                                                                                                          SHA-512:11BEEA7FBACBE7716B61A91A4C5031ECBACD9BB565F5111C00937DE7BD9E919D98A29E33BA1223BC59BDDC35C337F0C352CE8851EAB6B6B6C71018CC70776E1F
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\638c0bbd-2eba-4135-ac85-fe672908091d.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58444
                                                                                                                                                          Entropy (8bit):6.1016677693119705
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkCBS2qX7b5tPHgorQXdbiR3oM:z/0+zI7ynkkS20JtP0Xdbe3
                                                                                                                                                          MD5:80DC0DFCF7F81060140D74A1727F7336
                                                                                                                                                          SHA1:E5911E210C431457414034EEE824F5613803B58B
                                                                                                                                                          SHA-256:B4B7936945B437452611388C9A9276E077142C54D78E07297451E6A88972B5FF
                                                                                                                                                          SHA-512:F5B3C7240EA8510F5F7CA89859239565ECADC51AC204B2E1DC6B7387E09CFF7F01DF6DF6FA18715248256C390F757893C988E8056D97C3D87E9457F320DF6CA5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7e4961c7-fc78-4202-8885-653549aaf70b.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):48556
                                                                                                                                                          Entropy (8bit):6.092118075834378
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:768:SF5kruq4eV5xmx3QzOFLjZ5x8bbtGmvtGUJmg0gHMKDuu4ICioMSPZgoaiQXTdDD:SFmi3KD5tZKgbuuf3obgorQXdbic
                                                                                                                                                          MD5:C6AE9253A6D02509EBD515F9F0632803
                                                                                                                                                          SHA1:E4DF85AABB90B01DD58A3F86642597032581B423
                                                                                                                                                          SHA-256:437AC336BF29921CCA66E248B0A76EDA28FD122AE70C2B66236A29C6D5AF35F9
                                                                                                                                                          SHA-512:AD6560660B0CA5DD28891D491C7C7D02F4F9C9C2B75A520130DA6700185B9AB5031E4086FC7DD7DAF01560D30D1DDA664034C05C433E14999984A865B0A462F0
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"2D98E86C22A85D74DE9A317BE284280223E65F75C8F8F93CFC812C09FFD210F4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a3PktrH2X1HpU5LyQNLe5M355HeziV3Jxi5nU656T6VUIIghIYIAF5eZ4bj83083ONJKOwRmmutzPngtUXxwY6Nv6G78evmdqa1z/N/f/biRzqlaXv7510s+DFoJHpQ1/vLP//2fby4HCw+UxN9+vTS8h9cu39eN/Pd3l99chnHA3wfuguL6ZzloLmQvTYC/bbiO+MfvoEn5i6z+rsLV65e37OWbiz/8/fuPH/7xzYVWnbz4mxSd/ePFu9bZXl7dXrNr9vL1y2/ZzfWLi3/xNXfqAYbdXt3AX25v37y8/O2bx/FM2KcjkvDqR9tJMz+mp+C/2H/a8LgGjy3Uzx4/eR9H8fbt/8rk376Fyb/69tUrdvvqeO7Tn29uXl+z16+Pp/9/Pqa5LwBE9U4r6O97ZYIvf4+jdw8D/PXSS7ES7SryFa/rRHiV4wZ+uvybtY2Wh7Fd/gb0+fldJ3u7Afx/X35Qwllv1yGRzCW8Fb10d7yBzu7sI7kDGWAL8LsHer/8881v31zyzc2dsLUUd2vJQ3TyTrSwHk9QR5vk8EDWd2mvjNDwj0P4MeKa17bnCpq+NDKstdoxYfu0budDfIi1sn5CZjbkI/iw3N9tbt7hJP46zeEdTuHwztGMRd1TZ2f0+H43WC9/0nz8WfJ6fDpur5VpChN9RP8CPW6UkU/BwUYWNkuQPd/Bz5IddisRzSuxeMgbhgi5FK/5LVNhCXK

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\88a59655-2f3a-40eb-a683-2f81a58920d3.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58956
                                                                                                                                                          Entropy (8bit):6.104890145922023
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7yOtHTaaCBS2qX7bGwgorQXdbiR3oM:z/0+zI7yOJTaakS20YXdbe3
                                                                                                                                                          MD5:E9A9D9BB27A8A70893C9E703383C1DDE
                                                                                                                                                          SHA1:D2EF3B595780FC09CB99A5846137DBD67BA5F33F
                                                                                                                                                          SHA-256:C412F146E91BE0EEF4ABD75350DB21E1016CD08A1B2227918D41DFAF7DD4D67A
                                                                                                                                                          SHA-512:66EADB94D6F3AB4D18D1AE49A0B48F02C503B3434EB74651C6054D02CACA05F13DE24F02933F4AE25F9234A28184DB13DC76DB1831E5DE38DA27D499E595E901
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8cf680eb-d7d6-407f-933e-ac6ee0890438.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):62784
                                                                                                                                                          Entropy (8bit):6.100378160610959
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:SFmi3KD+CBS2qX7b3tZ6gbuuf3obgorQXdbic:Vi3y+kS20ntZ6+L3Xdb/
                                                                                                                                                          MD5:4964E9D363CF83F2619A20285E11482E
                                                                                                                                                          SHA1:78FB1FB95B5107C69D6526AC3994CADBCD93D415
                                                                                                                                                          SHA-256:E3AF216E16664DEE50F27B476953E04277AF22A24ED08B91A04A37EDC861A771
                                                                                                                                                          SHA-512:C3DC97F4DA07FFE953E7C09F7091C0DD6D9BD96CBA3EA7DCF25D0F5309602786DB136099D4E214B944BB6A9EFD19837C4EFB8A14FF7EE46049DBCF463F314777
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"2D98E86C22A85D74DE9A317BE284280223E65F75C8F8F93CFC812C09FFD210F4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a3PktrH2X1HpU5LyQNLe5M355HeziV3Jxi5nU656T6VUIIghIYIAF5eZ4bj83083ONJKOwRmmutzPngtUXxwY6Nv6G78evmdqa1z/N/f/biRzqlaXv7510s+DFoJHpQ1/vLP//2fby4HCw+UxN9+vTS8h9cu39eN/Pd3l99chnHA3wfuguL6ZzloLmQvTYC/bbiO+MfvoEn5i6z+rsLV65e37OWbiz/8/fuPH/7xzYVWnbz4mxSd/ePFu9bZXl7dXrNr9vL1y2/ZzfWLi3/xNXfqAYbdXt3AX25v37y8/O2bx/FM2KcjkvDqR9tJMz+mp+C/2H/a8LgGjy3Uzx4/eR9H8fbt/8rk376Fyb/69tUrdvvqeO7Tn29uXl+z16+Pp/9/Pqa5LwBE9U4r6O97ZYIvf4+jdw8D/PXSS7ES7SryFa/rRHiV4wZ+uvybtY2Wh7Fd/gb0+fldJ3u7Afx/X35Qwllv1yGRzCW8Fb10d7yBzu7sI7kDGWAL8LsHer/8881v31zyzc2dsLUUd2vJQ3TyTrSwHk9QR5vk8EDWd2mvjNDwj0P4MeKa17bnCpq+NDKstdoxYfu0budDfIi1sn5CZjbkI/iw3N9tbt7hJP46zeEdTuHwztGMRd1TZ2f0+H43WC9/0nz8WfJ6fDpur5VpChN9RP8CPW6UkU/BwUYWNkuQPd/Bz5IddisRzSuxeMgbhgi5FK/5LVNhCXK

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\93a1b75b-8bd6-46ca-9af4-38d0ace49367.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:modified
                                                                                                                                                          Size (bytes):58912
                                                                                                                                                          Entropy (8bit):6.1047101308734
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkHTa9CBS2qX7bJwgorQXdbiR3oM:z/0+zI7ynkTa9kS20vXdbe3
                                                                                                                                                          MD5:3FD378E70E96FB6B31EFDB43EE80D121
                                                                                                                                                          SHA1:EDDDBD6955BC0A181CB73AC1F7BE7975C01865E9
                                                                                                                                                          SHA-256:121999886BD9F259084386E742CB8029A588DE2108E4BEDE2A2C0A035037EC9A
                                                                                                                                                          SHA-512:11BEEA7FBACBE7716B61A91A4C5031ECBACD9BB565F5111C00937DE7BD9E919D98A29E33BA1223BC59BDDC35C337F0C352CE8851EAB6B6B6C71018CC70776E1F
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\5a153eb8-c213-4b57-a1da-904368c80bf6.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):104016
                                                                                                                                                          Entropy (8bit):4.636944597507655
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:B/lv4Es5MNTQjs5Vdw34PsiaR+tDvYXridW+8uh5kE:fwsQ45VdwIiS+GdeK5kE
                                                                                                                                                          MD5:B19089DCF4B3885A5E15D563A75DDF03
                                                                                                                                                          SHA1:17C06D14FDE1602428C1B176E657275673393940
                                                                                                                                                          SHA-256:3DCFB0922D44F3FD6EB726D031A8E86BE2D03FF56EF781425D5550A5923D2F0E
                                                                                                                                                          SHA-512:3C0C8F05A8F03200D1B0FF71A0091C8F4C6472CA7760BB7A7EC54F2F01626241C2ACA8AA06613C4EEE82DCE4940995F2985179125F8535677E095AAAB4FB5A9C
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):104016
                                                                                                                                                          Entropy (8bit):4.636944597507655
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:B/lv4Es5MNTQjs5Vdw34PsiaR+tDvYXridW+8uh5kE:fwsQ45VdwIiS+GdeK5kE
                                                                                                                                                          MD5:B19089DCF4B3885A5E15D563A75DDF03
                                                                                                                                                          SHA1:17C06D14FDE1602428C1B176E657275673393940
                                                                                                                                                          SHA-256:3DCFB0922D44F3FD6EB726D031A8E86BE2D03FF56EF781425D5550A5923D2F0E
                                                                                                                                                          SHA-512:3C0C8F05A8F03200D1B0FF71A0091C8F4C6472CA7760BB7A7EC54F2F01626241C2ACA8AA06613C4EEE82DCE4940995F2985179125F8535677E095AAAB4FB5A9C
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3::
                                                                                                                                                          MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                          SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                          SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                          SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3::
                                                                                                                                                          MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                          SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                          SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                          SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66289128-1F64.pma

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                          Entropy (8bit):0.047718832220230045
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:192:qSDv0m5tm7nOAWpYDaJPi6VBK/7+G1gsX5WIR5EvjBAIhu5NYf+RQ9abvv2VjERs:Zb0Ut4m8qsOhuMmUj408T2RGOD
                                                                                                                                                          MD5:55F64D4091BC69224079093A9C959B0D
                                                                                                                                                          SHA1:8FA7D6123EC7E09AEB8AAB9FC0D66A30C86A5CA6
                                                                                                                                                          SHA-256:F123104B217B3E23C805044D2F94493FBB0AA78920E2F435D5BD759B7984FAD5
                                                                                                                                                          SHA-512:4C26CB1C6E68603721E60A6EE647C85AE976A335B120B273E8FA9D78BF0110201B9648C6C052D440B27A06CB9EFA7501BFFD54D607EACFB9C8B09883965E782D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:...@..@...@.....C.].....@............... k...Z..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?.......".xhwhds20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J...I.r.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............%..................-...w..U...&..`v.>.........."....."...24.."."93dRcxCw0cDlBQeAYE33nFACeirrSGEv1FXdrR8ueYg="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z....Mb.XiP@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2................. ..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66289129-1ADC.pma

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                          Entropy (8bit):0.36758719461875566
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3072:F0rn1xlctEtcLZVD6LQMP/WCWjIZI6Ud7eunuKXzq8TsQvzfeEH6QzR1V5SndrZY:Gbl0DCli6ULCoOndxaH7vuJhF
                                                                                                                                                          MD5:3FB979C24882BBE5B07BA97F6B4047B1
                                                                                                                                                          SHA1:E02B857E7F719DCB9B12009BE41E19AD60B9CF2C
                                                                                                                                                          SHA-256:7820F9AE99BB4E0A870F9C0BFA513BA88245FB7507115143606221E5E0DE23A8
                                                                                                                                                          SHA-512:16AE79A39559DF552E5ADCB3225C0E52B65FBDC6A0D59D1E8C780B87760771522B4D85CF0D961313A621C9069DAA31A8609CD89663A21FADE8B144DE057397CA
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:...@..@...@.....C.].....@...................................`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452....x86_64..?.......".xhwhds20,1(.0..8..B....(.....10.0.19041.5462.Google Inc. (Google):bANGLE (Google, Vulkan 1.3.0 (SwiftShader Device (Subzero) (0x0000C0DE)), SwiftShader driver-5.0.0)M..BU..Be...?j...GenuineIntel... .. ..............x86_64...J../T...^o..J...Y...^o..J..w....^o..J..A....^o..J..1H...^o..J....c..^o..J...c=..^o..J....J..^o..J..3.(..^o..J.......^o..J...b.J.^o..J...#...^o..J....k..^o..J..?....^o..J..S..O.^o..J..l.zL.^o..J..@."..^o..J..?U...^o..J..!..h.^o..J..z{...^o..J..n....^o..J..0....^o..J....%.^o..J...I.r.^o..J.......^o..J..ZK...^o..J.....^o..J.......^o..J...'x#.^o..J......^o..J....\.^o..J.......^o.

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):280
                                                                                                                                                          Entropy (8bit):4.1326399824826066
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:FiWWltlT0EiCjG2xo6kMWPGdV8B+BVP/Sh/JzvXEAAG34tTAUFVHTtOllt:o1AGGwwMWj+BVsJDkG3V80/
                                                                                                                                                          MD5:DB0B5F32DD6A247AE52AF2E9280D22D6
                                                                                                                                                          SHA1:DF845EBCFC1E637F3A8674D6F24D1206637C358A
                                                                                                                                                          SHA-256:20F50A96662CC19C9EA2D5C00F8FEECC0FFBD4B6290102C46CB7BB8B1B9CBFAE
                                                                                                                                                          SHA-512:87962BBB3C6F8B5AE66B669B2B24C772E7CBA73C9AF57F57BF05657B5FDADB53B6DDD84914D4C465241591B26F07C61E358AC77A5E35281AE0EBFA13FA2EF14D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:sdPC.......................c.CsJ......5"93dRcxCw0cDlBQeAYE33nFACeirrSGEv1FXdrR8ueYg="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................e9a6470b-82e9-4451-b995-4e1980b580b6............

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\02d1e43e-f414-429f-beee-81d15da555a0.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):8268
                                                                                                                                                          Entropy (8bit):5.20884572445758
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:192:stsps7zdsJZUFTMkfsY8bV+FiA9M7PLMJ:stsps7zd+ZUFTGbGi0MY
                                                                                                                                                          MD5:AF6BCF080DD64749B69E785EEA890D48
                                                                                                                                                          SHA1:9430B7960D7DE1CC20F6F5D8C8EED75B5C8F4882
                                                                                                                                                          SHA-256:BD8704A95596F94F3E431B32C033D6966BFC5E41AFD5BEB8A5BC03B0E00CC519
                                                                                                                                                          SHA-512:5E25AC1A7C8607CCB141AFAC36A1CED06A63FD311965B175DB958EFC15E2D1724BC451165FB96EC3C74C39F4A2331E5700DC6CE1B84E07DC10CBD91E1F323DFE
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13358408233969578","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13358408233968885"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\4d5b34ef-d00e-46e2-b37c-1e37070d8216.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):30244
                                                                                                                                                          Entropy (8bit):5.56551813800438
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:768:2Iwr+T7pLGLd1cWP/DfPf8F1+UoAYDCx9Tuqh0VfUC9xbog/OVDwvBqRcrwr+pgL:2Iwr+Fcd1cWP/DfPfu1jaKwvoRVhtR
                                                                                                                                                          MD5:946AE11FA1A8A708E5B681C6954B2250
                                                                                                                                                          SHA1:46169A3CCF5896F1EFC8D3BCB69362D9C9969CAF
                                                                                                                                                          SHA-256:B610229AB6074549CC6C2FA61B8DB9ED758C48E1DE8F1810C446C38F9FAB15E0
                                                                                                                                                          SHA-512:2BBA1FE7411F68A85FA8578E1FDB33D5370520C3A120D2CE8E4EDBC98B7D65C4C5BD89D0985041B643A1369854787E3CE6208AE6FE1DA68B73733ACCE3F85DCE
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13358408233448485","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13358408233448485","location":5,"ma

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\69268410-7a89-4a58-8319-fb8893c3d721.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1
                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:.

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\75670973-4241-450c-8833-b55e9511577d.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):30243
                                                                                                                                                          Entropy (8bit):5.56557725944973
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:768:2Iwr+T7pLGLd1cWP/DfUf8F1+UoAYDCx9Tuqh0VfUC9xbog/OVDwvBqRcrwrMpgp:2Iwr+Fcd1cWP/DfUfu1jaKwvoRVTtj
                                                                                                                                                          MD5:EECE8F1E30DD0DD21DC64DF8DEC224A1
                                                                                                                                                          SHA1:1BC7A6FF5DFC5656A4862B02CD0106A27CA9F639
                                                                                                                                                          SHA-256:C650109D258A20FECCCF541EEAD492DD509502C560D6283E3779F26EB47DF24B
                                                                                                                                                          SHA-512:A9A46CAF83701419D31027EFECB68CE9B4C57F1FDB223A51EABE32F13E71FD1B304BE56E9A36C80B0DBABDD05BD64ED98C04A27D03607A5D5C67B6B78ABAD475
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13358408233448485","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13358408233448485","location":5,"ma

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\83c7fc50-e58f-40ff-8c20-8c0c51dc268f.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):8102
                                                                                                                                                          Entropy (8bit):5.211676761768018
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:192:stsps7zdsJZUFTMkfsY8bV+FiA9+N0PLMJ:stsps7zd+ZUFTGbGizh
                                                                                                                                                          MD5:2AD56EB9EA7ED3AC27A5CAEFD1FE2A03
                                                                                                                                                          SHA1:84C810CA8C14E1F5F4E9EFC9CED74A3FB3720F33
                                                                                                                                                          SHA-256:40435E96AA921D86F33536623460E93F781D0B82D6FFDBFE09E10C2F42A76285
                                                                                                                                                          SHA-512:9186396271164DED24E854F6CC023BCA17CD9335AF2038BFE890F8456DEBB62A5683423F7C77FC356A02310C66E92367D37005B815325C570EDE9A2FF23E645D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13358408233969578","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13358408233968885"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\89666eda-7e1e-4d99-9f37-0697adb4030e.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1
                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:.

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\89fae672-0322-49d4-bd08-d9de31146260.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):7509
                                                                                                                                                          Entropy (8bit):5.081147353372809
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:96:stsqKps19bDjbzdsXEmZ4uof8zfsY5eh6Cb7/x+6MhmuecmAeWnf+RDQ0A2ML/EJ:stsps7zdsJZekfsY8bV+FiA9+N0PLMJ
                                                                                                                                                          MD5:76FE77D92594AB76053D68702BE63260
                                                                                                                                                          SHA1:E336C487D3348F6CAC09831CB580919F33482E0F
                                                                                                                                                          SHA-256:EAE9BF29A0D09FD619EDADE502EF00C989BCD07E7EC988A49D265D3F632F3777
                                                                                                                                                          SHA-512:A501BDF7BD3603EF1DB2F57A16918BEC7B9DB5BDF052573B904455AB332E001554281460A76F396ED7E31A3A093DC67A1661536F41FAF76E2443D44E30C99975
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13358408233969578","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13358408233968885"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:modified
                                                                                                                                                          Size (bytes):416831
                                                                                                                                                          Entropy (8bit):5.112426776414246
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:7Q60h81vrPI3lFKCYbROWIwLtxI2LpSNCIFu7bY38WJ59R8Mm6EW9uU8ywMsF9l8:7PfPLqNF9RrmVlrvKOlm/lXlWfEwYCw
                                                                                                                                                          MD5:6C0549233C4C44826BC0A36B0D562EFD
                                                                                                                                                          SHA1:F1B343ABC5AA382D4F38744CB38AA39CB531079C
                                                                                                                                                          SHA-256:2CF02EACE558AA6404578323032517B7CD05D1B480B41B1D4BDA5AC9AB0708A2
                                                                                                                                                          SHA-512:B37157B9E342CDD75E1BCA423868BA503C2D3FA6BDAE89316F4BDDDB96D2DAB6D4ADA8C67E876B74414325C1D9D4DBB9FB03F13CF9D14BFA2E721C1957FC2A2D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:...m.................DB_VERSION.1acT..................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340969984833782.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):332
                                                                                                                                                          Entropy (8bit):5.126954007733068
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:mN+q2PqLTwi23oH+Tcwt9Eh1tIFUt8M5Zmw+TNVkwOqLTwi23oH+Tcwt9Eh15LJ:mIv8wZYeb9Eh16FUt8M5/+Tz5TwZYebY
                                                                                                                                                          MD5:F9BF80DB0B969DEC4245685DFA552199
                                                                                                                                                          SHA1:3770B8539BEEDC325828DC73EF5BE6E1DDBDA10C
                                                                                                                                                          SHA-256:E137170F98EA1137F15092257DDAC32D036C981AD3B5FE0CCAE2BB421A6BA9AD
                                                                                                                                                          SHA-512:421C7F932CAB8B67E40040591B63755BB5C3FDE04E76ABED193E7F95DE19D42B50B6441C4E7275AA992FB1DF33AD623012B62ED78FB1F54990D5D57496220E56
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-07:00:13.581 21b8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/04/24-07:00:13.582 21b8 Recovering log #3.2024/04/24-07:00:13.585 21b8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):332
                                                                                                                                                          Entropy (8bit):5.126954007733068
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:mN+q2PqLTwi23oH+Tcwt9Eh1tIFUt8M5Zmw+TNVkwOqLTwi23oH+Tcwt9Eh15LJ:mIv8wZYeb9Eh16FUt8M5/+Tz5TwZYebY
                                                                                                                                                          MD5:F9BF80DB0B969DEC4245685DFA552199
                                                                                                                                                          SHA1:3770B8539BEEDC325828DC73EF5BE6E1DDBDA10C
                                                                                                                                                          SHA-256:E137170F98EA1137F15092257DDAC32D036C981AD3B5FE0CCAE2BB421A6BA9AD
                                                                                                                                                          SHA-512:421C7F932CAB8B67E40040591B63755BB5C3FDE04E76ABED193E7F95DE19D42B50B6441C4E7275AA992FB1DF33AD623012B62ED78FB1F54990D5D57496220E56
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-07:00:13.581 21b8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/04/24-07:00:13.582 21b8 Recovering log #3.2024/04/24-07:00:13.585 21b8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old~RF4d619.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):332
                                                                                                                                                          Entropy (8bit):5.126954007733068
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:mN+q2PqLTwi23oH+Tcwt9Eh1tIFUt8M5Zmw+TNVkwOqLTwi23oH+Tcwt9Eh15LJ:mIv8wZYeb9Eh16FUt8M5/+Tz5TwZYebY
                                                                                                                                                          MD5:F9BF80DB0B969DEC4245685DFA552199
                                                                                                                                                          SHA1:3770B8539BEEDC325828DC73EF5BE6E1DDBDA10C
                                                                                                                                                          SHA-256:E137170F98EA1137F15092257DDAC32D036C981AD3B5FE0CCAE2BB421A6BA9AD
                                                                                                                                                          SHA-512:421C7F932CAB8B67E40040591B63755BB5C3FDE04E76ABED193E7F95DE19D42B50B6441C4E7275AA992FB1DF33AD623012B62ED78FB1F54990D5D57496220E56
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-07:00:13.581 21b8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/04/24-07:00:13.582 21b8 Recovering log #3.2024/04/24-07:00:13.585 21b8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):344
                                                                                                                                                          Entropy (8bit):5.229530696090887
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:234+q2PqLTwi23oH+TcwtnG2tMsIFUt8n3TZmw+n3DVkwOqLTwi23oH+TcwtnG2b:Sv8wZYebn9GFUt8D/+Z5TwZYebn95J
                                                                                                                                                          MD5:D7FE6AC31DD7CE9A678FE242A7EDC34B
                                                                                                                                                          SHA1:C9B400A2F6D764FAC01BE34ED283D7AB0663BE7C
                                                                                                                                                          SHA-256:D51A3403AC823E51D50BE0D9F51D190A2497CBF27C5A786EF88F2A5860888B04
                                                                                                                                                          SHA-512:631D26EED70715B2CE4DEB78B39FD604CA36E75AEFD095D47ED0E52B0F7FC3AC949EC181FA43D18DABA2C6C189DAEF90ACF35B7113D29CF21D68F45143B3A841
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:13.520 1fa8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/04/24-06:57:13.521 1fa8 Recovering log #3.2024/04/24-06:57:13.521 1fa8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):344
                                                                                                                                                          Entropy (8bit):5.229530696090887
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:234+q2PqLTwi23oH+TcwtnG2tMsIFUt8n3TZmw+n3DVkwOqLTwi23oH+TcwtnG2b:Sv8wZYebn9GFUt8D/+Z5TwZYebn95J
                                                                                                                                                          MD5:D7FE6AC31DD7CE9A678FE242A7EDC34B
                                                                                                                                                          SHA1:C9B400A2F6D764FAC01BE34ED283D7AB0663BE7C
                                                                                                                                                          SHA-256:D51A3403AC823E51D50BE0D9F51D190A2497CBF27C5A786EF88F2A5860888B04
                                                                                                                                                          SHA-512:631D26EED70715B2CE4DEB78B39FD604CA36E75AEFD095D47ED0E52B0F7FC3AC949EC181FA43D18DABA2C6C189DAEF90ACF35B7113D29CF21D68F45143B3A841
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:13.520 1fa8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/04/24-06:57:13.521 1fa8 Recovering log #3.2024/04/24-06:57:13.521 1fa8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):418
                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                          MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                          SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                          SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                          SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):320
                                                                                                                                                          Entropy (8bit):5.198205276153186
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:234DA+q2PqLTwi23oH+Tcwt8aPrqIFUt8n3nY5Zmw+n3nYtVkwOqLTwi23oH+TcD:NFv8wZYebL3FUt83c/+3c5TwZYebQJ
                                                                                                                                                          MD5:82FF7FBCD33268AA774BD4F9E91DC38B
                                                                                                                                                          SHA1:F63CB2012032967982218A3AC8E176C79C8BD593
                                                                                                                                                          SHA-256:208D3E16179DA015F96C6C0D4EBC3BCB85D630F998B5841184EF95718BB9DE82
                                                                                                                                                          SHA-512:16E54E2940CB5B38BF820E747F6658DFE693ACCD749BB91536449AD47D9A1F8EDEB917239B05A56841D400CC98F3601A436B05D3A6723BE7B91FC76BA0788A5D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:13.523 1fa8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/04/24-06:57:13.524 1fa8 Recovering log #3.2024/04/24-06:57:13.524 1fa8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):320
                                                                                                                                                          Entropy (8bit):5.198205276153186
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:234DA+q2PqLTwi23oH+Tcwt8aPrqIFUt8n3nY5Zmw+n3nYtVkwOqLTwi23oH+TcD:NFv8wZYebL3FUt83c/+3c5TwZYebQJ
                                                                                                                                                          MD5:82FF7FBCD33268AA774BD4F9E91DC38B
                                                                                                                                                          SHA1:F63CB2012032967982218A3AC8E176C79C8BD593
                                                                                                                                                          SHA-256:208D3E16179DA015F96C6C0D4EBC3BCB85D630F998B5841184EF95718BB9DE82
                                                                                                                                                          SHA-512:16E54E2940CB5B38BF820E747F6658DFE693ACCD749BB91536449AD47D9A1F8EDEB917239B05A56841D400CC98F3601A436B05D3A6723BE7B91FC76BA0788A5D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:13.523 1fa8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/04/24-06:57:13.524 1fa8 Recovering log #3.2024/04/24-06:57:13.524 1fa8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):418
                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                          MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                          SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                          SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                          SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):324
                                                                                                                                                          Entropy (8bit):5.215340111062953
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23jt+q2PqLTwi23oH+Tcwt865IFUt8n3zZmw+n3jVkwOqLTwi23oH+Tcwt86+ULJ:qov8wZYeb/WFUt8j/+55TwZYeb/+SJ
                                                                                                                                                          MD5:171B6C9257835F1E7AA5EB1C775D4604
                                                                                                                                                          SHA1:9D926B8B6BD0BC067223283A07F1AFF3F444AC11
                                                                                                                                                          SHA-256:C8563BC1D1BA13EBEFBDDA6673E9172057F2CEE826B92CEFD4031A8064209FEA
                                                                                                                                                          SHA-512:D5A049CEA97DFBCF2A12765A0A6FD70E091D22749CA52A8D6135A46F8D95AC6B390B9BC898B37B1B9A902C89F53C71CA1CC2492F58F45002AB6B6ECA16BBB1B9
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:13.549 1fa8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/04/24-06:57:13.550 1fa8 Recovering log #3.2024/04/24-06:57:13.550 1fa8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):324
                                                                                                                                                          Entropy (8bit):5.215340111062953
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23jt+q2PqLTwi23oH+Tcwt865IFUt8n3zZmw+n3jVkwOqLTwi23oH+Tcwt86+ULJ:qov8wZYeb/WFUt8j/+55TwZYeb/+SJ
                                                                                                                                                          MD5:171B6C9257835F1E7AA5EB1C775D4604
                                                                                                                                                          SHA1:9D926B8B6BD0BC067223283A07F1AFF3F444AC11
                                                                                                                                                          SHA-256:C8563BC1D1BA13EBEFBDDA6673E9172057F2CEE826B92CEFD4031A8064209FEA
                                                                                                                                                          SHA-512:D5A049CEA97DFBCF2A12765A0A6FD70E091D22749CA52A8D6135A46F8D95AC6B390B9BC898B37B1B9A902C89F53C71CA1CC2492F58F45002AB6B6ECA16BBB1B9
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:13.549 1fa8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/04/24-06:57:13.550 1fa8 Recovering log #3.2024/04/24-06:57:13.550 1fa8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1254
                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                                                                                          MD5:826B4C0003ABB7604485322423C5212A
                                                                                                                                                          SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                                                                                          SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                                                                                          SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):320
                                                                                                                                                          Entropy (8bit):5.177806975245196
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:234q2PqLTwi23oH+Tcwt8NIFUt8n3+TZmw+n3+JkwOqLTwi23oH+Tcwt8+eLJ:Dv8wZYebpFUt82/+K5TwZYebqJ
                                                                                                                                                          MD5:761D52011514716B2EB0A907DD99BDA2
                                                                                                                                                          SHA1:614D6D0F226BCE722C3F005FF752A127045300A1
                                                                                                                                                          SHA-256:45D628C9D4F5012A9AF1BBE21BC13B564F7E8C2AD8019DA867B8BCE5A0DD59CB
                                                                                                                                                          SHA-512:D65CBD2DE0150CBD39ECB890E09BA5CCAC83475DF9223EF57C2D2AB5468EAB45A4964B780FBBF80B4317733EE8084BC6E2488091DA5C61B1E81A51041FDE99A8
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:14.096 1f34 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/04/24-06:57:14.097 1f34 Recovering log #3.2024/04/24-06:57:14.097 1f34 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):320
                                                                                                                                                          Entropy (8bit):5.177806975245196
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:234q2PqLTwi23oH+Tcwt8NIFUt8n3+TZmw+n3+JkwOqLTwi23oH+Tcwt8+eLJ:Dv8wZYebpFUt82/+K5TwZYebqJ
                                                                                                                                                          MD5:761D52011514716B2EB0A907DD99BDA2
                                                                                                                                                          SHA1:614D6D0F226BCE722C3F005FF752A127045300A1
                                                                                                                                                          SHA-256:45D628C9D4F5012A9AF1BBE21BC13B564F7E8C2AD8019DA867B8BCE5A0DD59CB
                                                                                                                                                          SHA-512:D65CBD2DE0150CBD39ECB890E09BA5CCAC83475DF9223EF57C2D2AB5468EAB45A4964B780FBBF80B4317733EE8084BC6E2488091DA5C61B1E81A51041FDE99A8
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:14.096 1f34 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/04/24-06:57:14.097 1f34 Recovering log #3.2024/04/24-06:57:14.097 1f34 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):429
                                                                                                                                                          Entropy (8bit):5.809210454117189
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                          MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                          SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                          SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                          SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):8720
                                                                                                                                                          Entropy (8bit):0.21848828281205318
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:Lt5lntFlljq7A/mhWJFuQ3yy7IOWUGctol/dweytllrE9SFcTp4AGbNCV9RUI3k:55G75fO1t4/d0Xi99pEYq
                                                                                                                                                          MD5:2BA39C4CD32CD050DF15C656F6D1F550
                                                                                                                                                          SHA1:A2C5C0B67E7A1CD85A340055065705345572F649
                                                                                                                                                          SHA-256:EC3CC6EE9F7B41AC50558517F2EAD27CC4C69351E510E0AD3689873734B900F7
                                                                                                                                                          SHA-512:1F129543585EC3EBEB7B591DFEB4CBDAFC01F83420435D66DDF191ACCD747AC69ACA6A64AE342767DE350BF55FBDCDA2E669B3D342892C0FB943747C9983785C
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:.............|T....&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):404
                                                                                                                                                          Entropy (8bit):5.248651901583766
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:6UAv8wZYeb8rcHEZrELFUt8/r1/+/75TwZYeb8rcHEZrEZSJ:6h8wZYeb8nZrExg8/rctTwZYeb8nZrE8
                                                                                                                                                          MD5:836C07F00521F8F7084C71C1A2921F3E
                                                                                                                                                          SHA1:30CDB15F8A9D98EBF500E656D9214FCCC3290CC3
                                                                                                                                                          SHA-256:28E0DE220BAB7DF9195D290EEE3631D486D0656DF5B4683BD8C25A22F66C96AB
                                                                                                                                                          SHA-512:84B986F159B5B015473DDD02651AD4A10898E27B4351F29282A9A62BE2F280D5B4B1D078902B172CFB26B536DA9B5B73B57EA521EA05FA960669E456F752DC01
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:15.554 1e10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/04/24-06:57:15.555 1e10 Recovering log #3.2024/04/24-06:57:15.555 1e10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):404
                                                                                                                                                          Entropy (8bit):5.248651901583766
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:6UAv8wZYeb8rcHEZrELFUt8/r1/+/75TwZYeb8rcHEZrEZSJ:6h8wZYeb8nZrExg8/rctTwZYeb8nZrE8
                                                                                                                                                          MD5:836C07F00521F8F7084C71C1A2921F3E
                                                                                                                                                          SHA1:30CDB15F8A9D98EBF500E656D9214FCCC3290CC3
                                                                                                                                                          SHA-256:28E0DE220BAB7DF9195D290EEE3631D486D0656DF5B4683BD8C25A22F66C96AB
                                                                                                                                                          SHA-512:84B986F159B5B015473DDD02651AD4A10898E27B4351F29282A9A62BE2F280D5B4B1D078902B172CFB26B536DA9B5B73B57EA521EA05FA960669E456F752DC01
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:15.554 1e10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/04/24-06:57:15.555 1e10 Recovering log #3.2024/04/24-06:57:15.555 1e10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):332
                                                                                                                                                          Entropy (8bit):5.180192411722357
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23IAQyq2PqLTwi23oH+Tcwt8a2jMGIFUt8n3sRNAG1Zmw+n3tSAQRkwOqLTwi234:8Qyv8wZYeb8EFUt880g/+9zQR5TwZYek
                                                                                                                                                          MD5:791CB37622382F445A5CBE0CB04F9463
                                                                                                                                                          SHA1:10002D1D5DC6A8305742D0B92512AE2B26579B51
                                                                                                                                                          SHA-256:52F087F3C984F01D7303657469F96CF51BDB95E54B537742914E47DEB1FD8655
                                                                                                                                                          SHA-512:CF5AB66F45FA2DEAB166EE2065C60089650AE12A480A93F4C8D656E7BDDACBBBE5486BFFC9505A7E3BD8381C20FCF9432B98FCD70A4943E1EBC3C0BDDAF38B9F
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:14.182 2094 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/04/24-06:57:14.184 2094 Recovering log #3.2024/04/24-06:57:14.186 2094 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):332
                                                                                                                                                          Entropy (8bit):5.180192411722357
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23IAQyq2PqLTwi23oH+Tcwt8a2jMGIFUt8n3sRNAG1Zmw+n3tSAQRkwOqLTwi234:8Qyv8wZYeb8EFUt880g/+9zQR5TwZYek
                                                                                                                                                          MD5:791CB37622382F445A5CBE0CB04F9463
                                                                                                                                                          SHA1:10002D1D5DC6A8305742D0B92512AE2B26579B51
                                                                                                                                                          SHA-256:52F087F3C984F01D7303657469F96CF51BDB95E54B537742914E47DEB1FD8655
                                                                                                                                                          SHA-512:CF5AB66F45FA2DEAB166EE2065C60089650AE12A480A93F4C8D656E7BDDACBBBE5486BFFC9505A7E3BD8381C20FCF9432B98FCD70A4943E1EBC3C0BDDAF38B9F
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:14.182 2094 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/04/24-06:57:14.184 2094 Recovering log #3.2024/04/24-06:57:14.186 2094 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\113a2526-bbeb-451c-800a-3b646bfd499f.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):40
                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\94f19356-3775-4c71-ab56-92c65b80abf8.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1500
                                                                                                                                                          Entropy (8bit):5.302429860094202
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:YcCp/WwC5mWw6ma3yeesw6C1EFGJ/I3RdseZVMdmRds3jJZFRudFGRw6maPsQYh0:YcCpfC0leeBagCzsatsLfc7khYhbw
                                                                                                                                                          MD5:439A792C4281A7F034A6311EA45993A7
                                                                                                                                                          SHA1:E38E508762E202B3FE1F12A1B154A472D404DC9D
                                                                                                                                                          SHA-256:717387212F2ADE9C1B5CB7D05CE472C3C141A4DE780EBF9A1367BAD3C4D772F5
                                                                                                                                                          SHA-512:BC762D1D8A9E0C843AC3C050F47E0973BC1CFF4F4EBD41DA4B252BBF112DF6B3334363C1ED6FD0B11FF30DF82ED0AEF1AECC9CB99B02AC32EB05E990B9F5A099
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL2F6dXJlZWRnZS5uZXQAAAA=",false],"server":"https://edgeassetservice.azureedge.net","supports_spdy":true},{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13361000235955238","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"adve

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\99271350-42c2-4bf2-a5a8-861a09d33f1f.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\9b65aea9-5eee-4311-939e-5851695c209f.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1500
                                                                                                                                                          Entropy (8bit):5.302429860094202
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:YcCp/WwC5mWw6ma3yeesw6C1EFGJ/I3RdseZVMdmRds3jJZFRudFGRw6maPsQYh0:YcCpfC0leeBagCzsatsLfc7khYhbw
                                                                                                                                                          MD5:439A792C4281A7F034A6311EA45993A7
                                                                                                                                                          SHA1:E38E508762E202B3FE1F12A1B154A472D404DC9D
                                                                                                                                                          SHA-256:717387212F2ADE9C1B5CB7D05CE472C3C141A4DE780EBF9A1367BAD3C4D772F5
                                                                                                                                                          SHA-512:BC762D1D8A9E0C843AC3C050F47E0973BC1CFF4F4EBD41DA4B252BBF112DF6B3334363C1ED6FD0B11FF30DF82ED0AEF1AECC9CB99B02AC32EB05E990B9F5A099
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL2F6dXJlZWRnZS5uZXQAAAA=",false],"server":"https://edgeassetservice.azureedge.net","supports_spdy":true},{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13361000235955238","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"adve

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF22fef.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF23a21.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF23c05.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):40
                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a9aa0fa7-f999-4465-b7ae-dcb2aa3c6122.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\d311f485-fa3e-4d94-811e-730011d6c576.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):7509
                                                                                                                                                          Entropy (8bit):5.081147353372809
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:96:stsqKps19bDjbzdsXEmZ4uof8zfsY5eh6Cb7/x+6MhmuecmAeWnf+RDQ0A2ML/EJ:stsps7zdsJZekfsY8bV+FiA9+N0PLMJ
                                                                                                                                                          MD5:76FE77D92594AB76053D68702BE63260
                                                                                                                                                          SHA1:E336C487D3348F6CAC09831CB580919F33482E0F
                                                                                                                                                          SHA-256:EAE9BF29A0D09FD619EDADE502EF00C989BCD07E7EC988A49D265D3F632F3777
                                                                                                                                                          SHA-512:A501BDF7BD3603EF1DB2F57A16918BEC7B9DB5BDF052573B904455AB332E001554281460A76F396ED7E31A3A093DC67A1661536F41FAF76E2443D44E30C99975
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13358408233969578","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13358408233968885"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF26576.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):7509
                                                                                                                                                          Entropy (8bit):5.081147353372809
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:96:stsqKps19bDjbzdsXEmZ4uof8zfsY5eh6Cb7/x+6MhmuecmAeWnf+RDQ0A2ML/EJ:stsps7zdsJZekfsY8bV+FiA9+N0PLMJ
                                                                                                                                                          MD5:76FE77D92594AB76053D68702BE63260
                                                                                                                                                          SHA1:E336C487D3348F6CAC09831CB580919F33482E0F
                                                                                                                                                          SHA-256:EAE9BF29A0D09FD619EDADE502EF00C989BCD07E7EC988A49D265D3F632F3777
                                                                                                                                                          SHA-512:A501BDF7BD3603EF1DB2F57A16918BEC7B9DB5BDF052573B904455AB332E001554281460A76F396ED7E31A3A093DC67A1661536F41FAF76E2443D44E30C99975
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13358408233969578","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13358408233968885"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2b2ac.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):7509
                                                                                                                                                          Entropy (8bit):5.081147353372809
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:96:stsqKps19bDjbzdsXEmZ4uof8zfsY5eh6Cb7/x+6MhmuecmAeWnf+RDQ0A2ML/EJ:stsps7zdsJZekfsY8bV+FiA9+N0PLMJ
                                                                                                                                                          MD5:76FE77D92594AB76053D68702BE63260
                                                                                                                                                          SHA1:E336C487D3348F6CAC09831CB580919F33482E0F
                                                                                                                                                          SHA-256:EAE9BF29A0D09FD619EDADE502EF00C989BCD07E7EC988A49D265D3F632F3777
                                                                                                                                                          SHA-512:A501BDF7BD3603EF1DB2F57A16918BEC7B9DB5BDF052573B904455AB332E001554281460A76F396ED7E31A3A093DC67A1661536F41FAF76E2443D44E30C99975
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13358408233969578","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13358408233968885"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF327ec.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):7509
                                                                                                                                                          Entropy (8bit):5.081147353372809
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:96:stsqKps19bDjbzdsXEmZ4uof8zfsY5eh6Cb7/x+6MhmuecmAeWnf+RDQ0A2ML/EJ:stsps7zdsJZekfsY8bV+FiA9+N0PLMJ
                                                                                                                                                          MD5:76FE77D92594AB76053D68702BE63260
                                                                                                                                                          SHA1:E336C487D3348F6CAC09831CB580919F33482E0F
                                                                                                                                                          SHA-256:EAE9BF29A0D09FD619EDADE502EF00C989BCD07E7EC988A49D265D3F632F3777
                                                                                                                                                          SHA-512:A501BDF7BD3603EF1DB2F57A16918BEC7B9DB5BDF052573B904455AB332E001554281460A76F396ED7E31A3A093DC67A1661536F41FAF76E2443D44E30C99975
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13358408233969578","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13358408233968885"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):30243
                                                                                                                                                          Entropy (8bit):5.56557725944973
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:768:2Iwr+T7pLGLd1cWP/DfUf8F1+UoAYDCx9Tuqh0VfUC9xbog/OVDwvBqRcrwrMpgp:2Iwr+Fcd1cWP/DfUfu1jaKwvoRVTtj
                                                                                                                                                          MD5:EECE8F1E30DD0DD21DC64DF8DEC224A1
                                                                                                                                                          SHA1:1BC7A6FF5DFC5656A4862B02CD0106A27CA9F639
                                                                                                                                                          SHA-256:C650109D258A20FECCCF541EEAD492DD509502C560D6283E3779F26EB47DF24B
                                                                                                                                                          SHA-512:A9A46CAF83701419D31027EFECB68CE9B4C57F1FDB223A51EABE32F13E71FD1B304BE56E9A36C80B0DBABDD05BD64ED98C04A27D03607A5D5C67B6B78ABAD475
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13358408233448485","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13358408233448485","location":5,"ma

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF28294.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):30243
                                                                                                                                                          Entropy (8bit):5.56557725944973
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:768:2Iwr+T7pLGLd1cWP/DfUf8F1+UoAYDCx9Tuqh0VfUC9xbog/OVDwvBqRcrwrMpgp:2Iwr+Fcd1cWP/DfUfu1jaKwvoRVTtj
                                                                                                                                                          MD5:EECE8F1E30DD0DD21DC64DF8DEC224A1
                                                                                                                                                          SHA1:1BC7A6FF5DFC5656A4862B02CD0106A27CA9F639
                                                                                                                                                          SHA-256:C650109D258A20FECCCF541EEAD492DD509502C560D6283E3779F26EB47DF24B
                                                                                                                                                          SHA-512:A9A46CAF83701419D31027EFECB68CE9B4C57F1FDB223A51EABE32F13E71FD1B304BE56E9A36C80B0DBABDD05BD64ED98C04A27D03607A5D5C67B6B78ABAD475
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13358408233448485","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13358408233448485","location":5,"ma

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):194
                                                                                                                                                          Entropy (8bit):2.8096948641228403
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:S8ltHlS+QUl1ASEGhTFljljljljljljljl:S85aEFljljljljljljljl
                                                                                                                                                          MD5:D7D9437445AA960DCEA52FFE772822DC
                                                                                                                                                          SHA1:C2BBF4AC0732D905D998C4F645FD60F95A675D02
                                                                                                                                                          SHA-256:4FF49903BEC1197017A35995D5C5FC703CAF9D496467345D783F754B723D21C1
                                                                                                                                                          SHA-512:335EB1BA85670550ED1E1E4E14EA4B5D14F8306125BF147A42DE4DEF5E5F75F14C422B014414030CF30378C04F748AC875CF056ADDA196511A0B057B3598FE9A
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f...............

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):320
                                                                                                                                                          Entropy (8bit):5.163909610476039
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23aAQyq2PqLTwi23oH+TcwtrQMxIFUt8n35SAG1Zmw+n3LSAQRkwOqLTwi23oH+L:OQyv8wZYebCFUt8Jzg/+vQR5TwZYebtJ
                                                                                                                                                          MD5:B31B40AF707526FC30AB60C043FB910D
                                                                                                                                                          SHA1:CEF54BC5E40BEEF939611402F7A465ED9A6106AE
                                                                                                                                                          SHA-256:289D0EF5E24D14776152FE29B00AC8B896993A6ECF31F43D8595B61768A21FC2
                                                                                                                                                          SHA-512:A0C94F9121784ED7DA87EB85AB8D8583B76F1A77E22D4FAE783870C9DD5C636598B6BB2FF8B5664FF4491C46C9CEBEBEEC4447ED953C616B19BD67D8D25B4399
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:31.147 2094 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/04/24-06:57:31.152 2094 Recovering log #3.2024/04/24-06:57:31.158 2094 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):320
                                                                                                                                                          Entropy (8bit):5.163909610476039
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23aAQyq2PqLTwi23oH+TcwtrQMxIFUt8n35SAG1Zmw+n3LSAQRkwOqLTwi23oH+L:OQyv8wZYebCFUt8Jzg/+vQR5TwZYebtJ
                                                                                                                                                          MD5:B31B40AF707526FC30AB60C043FB910D
                                                                                                                                                          SHA1:CEF54BC5E40BEEF939611402F7A465ED9A6106AE
                                                                                                                                                          SHA-256:289D0EF5E24D14776152FE29B00AC8B896993A6ECF31F43D8595B61768A21FC2
                                                                                                                                                          SHA-512:A0C94F9121784ED7DA87EB85AB8D8583B76F1A77E22D4FAE783870C9DD5C636598B6BB2FF8B5664FF4491C46C9CEBEBEEC4447ED953C616B19BD67D8D25B4399
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:31.147 2094 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/04/24-06:57:31.152 2094 Recovering log #3.2024/04/24-06:57:31.158 2094 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):348
                                                                                                                                                          Entropy (8bit):5.127684308058852
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23Wyq2PqLTwi23oH+Tcwt7Uh2ghZIFUt8n3A1Zmw+n3WRkwOqLTwi23oH+Tcwt7w:0v8wZYebIhHh2FUt8Q1/+y5TwZYebIh9
                                                                                                                                                          MD5:E78A6A34F187B32C1CEE1A5EB503C9DE
                                                                                                                                                          SHA1:C33EAFDE02CE839A217A083F59963751CF19E8C8
                                                                                                                                                          SHA-256:A32231A784B68B8BB74D7A62B8BAF92AA7D7519C9AC22D32F7085AE1BFADB31D
                                                                                                                                                          SHA-512:C08CBAF36A37F493144E4C6BC237E3474FCE6E51B1C8F6896CE6760C06ED6A71F68B3AF518F5B7025D470AD425FCCE130CDAED9C3AB1B5C83C90F4D66BDE9ACF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:13.574 1e10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/04/24-06:57:13.574 1e10 Recovering log #3.2024/04/24-06:57:13.574 1e10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):348
                                                                                                                                                          Entropy (8bit):5.127684308058852
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23Wyq2PqLTwi23oH+Tcwt7Uh2ghZIFUt8n3A1Zmw+n3WRkwOqLTwi23oH+Tcwt7w:0v8wZYebIhHh2FUt8Q1/+y5TwZYebIh9
                                                                                                                                                          MD5:E78A6A34F187B32C1CEE1A5EB503C9DE
                                                                                                                                                          SHA1:C33EAFDE02CE839A217A083F59963751CF19E8C8
                                                                                                                                                          SHA-256:A32231A784B68B8BB74D7A62B8BAF92AA7D7519C9AC22D32F7085AE1BFADB31D
                                                                                                                                                          SHA-512:C08CBAF36A37F493144E4C6BC237E3474FCE6E51B1C8F6896CE6760C06ED6A71F68B3AF518F5B7025D470AD425FCCE130CDAED9C3AB1B5C83C90F4D66BDE9ACF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:13.574 1e10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/04/24-06:57:13.574 1e10 Recovering log #3.2024/04/24-06:57:13.574 1e10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):270336
                                                                                                                                                          Entropy (8bit):0.0012471779557650352
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                          MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                          SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                          SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                          SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):270336
                                                                                                                                                          Entropy (8bit):0.0012471779557650352
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                          MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                          SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                          SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                          SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):430
                                                                                                                                                          Entropy (8bit):5.241024788371163
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:vzQyv8wZYebvqBQFUt89Zg/+NQR5TwZYebvqBvJ:vzQY8wZYebvZg89Z3QDTwZYebvk
                                                                                                                                                          MD5:4B4733140B1FD51DDD7486C58E017C9B
                                                                                                                                                          SHA1:6C2AD5FFA17B0C2813F13C2B4D5696D57C762A8A
                                                                                                                                                          SHA-256:3AEBAE85C316F5962B370A8FE4C1321388013884D3B1545184219E4AF7BC5E77
                                                                                                                                                          SHA-512:D8ABF27F4FB8C17D8E2984734E0A718236BEFE4BACC0F01CDD053C43DC3A57B7E2C9AD665C4AA11A862821C4F28F3BB31E4D3EBE1681868611B76B6F44E94E33
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:14.196 2094 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/04/24-06:57:14.197 2094 Recovering log #3.2024/04/24-06:57:14.201 2094 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):430
                                                                                                                                                          Entropy (8bit):5.241024788371163
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:vzQyv8wZYebvqBQFUt89Zg/+NQR5TwZYebvqBvJ:vzQY8wZYebvZg89Z3QDTwZYebvk
                                                                                                                                                          MD5:4B4733140B1FD51DDD7486C58E017C9B
                                                                                                                                                          SHA1:6C2AD5FFA17B0C2813F13C2B4D5696D57C762A8A
                                                                                                                                                          SHA-256:3AEBAE85C316F5962B370A8FE4C1321388013884D3B1545184219E4AF7BC5E77
                                                                                                                                                          SHA-512:D8ABF27F4FB8C17D8E2984734E0A718236BEFE4BACC0F01CDD053C43DC3A57B7E2C9AD665C4AA11A862821C4F28F3BB31E4D3EBE1681868611B76B6F44E94E33
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:14.196 2094 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/04/24-06:57:14.197 2094 Recovering log #3.2024/04/24-06:57:14.201 2094 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\500dfd91-d818-43cf-829d-e4ada0eb6dc1.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\7d31fa6e-1314-41db-8a78-f5ab174cac4e.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):40
                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\8fe570e1-b4f3-4546-8cad-6da8ac7dd785.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF23a30.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF23c05.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):40
                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):36864
                                                                                                                                                          Entropy (8bit):0.3886039372934488
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                                          MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                                          SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                                          SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                                          SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\eb7c0f1a-3f9d-49e5-9dd5-0cac18d4410b.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2
                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[]

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):80
                                                                                                                                                          Entropy (8bit):3.4921535629071894
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                          MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                          SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                          SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                          SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):418
                                                                                                                                                          Entropy (8bit):5.233253449507868
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:+i+v8wZYebvqBZFUt8oG/+aV5TwZYebvqBaJ:+T8wZYebvyg85TwZYebvL
                                                                                                                                                          MD5:44205B5A014CF02287C0DBC005B49560
                                                                                                                                                          SHA1:A023291C6E7309BD8C48AA13DDBB9C8670F280C4
                                                                                                                                                          SHA-256:AEA903CC39077A6860F80EEE8301514B194743BC89E2004C9490DB6C2087A8B8
                                                                                                                                                          SHA-512:7FF8708FBBFFCD52106940ECDFDD9A6E66B38AF740CB66EB3983CE00669319A30D08E93EA4A48BDBA23933173C127B5B73766D482925ACF4390BC63E8464CB2F
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:31.150 20bc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/04/24-06:57:31.153 20bc Recovering log #3.2024/04/24-06:57:31.161 20bc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):418
                                                                                                                                                          Entropy (8bit):5.233253449507868
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:+i+v8wZYebvqBZFUt8oG/+aV5TwZYebvqBaJ:+T8wZYebvyg85TwZYebvL
                                                                                                                                                          MD5:44205B5A014CF02287C0DBC005B49560
                                                                                                                                                          SHA1:A023291C6E7309BD8C48AA13DDBB9C8670F280C4
                                                                                                                                                          SHA-256:AEA903CC39077A6860F80EEE8301514B194743BC89E2004C9490DB6C2087A8B8
                                                                                                                                                          SHA-512:7FF8708FBBFFCD52106940ECDFDD9A6E66B38AF740CB66EB3983CE00669319A30D08E93EA4A48BDBA23933173C127B5B73766D482925ACF4390BC63E8464CB2F
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:31.150 20bc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/04/24-06:57:31.153 20bc Recovering log #3.2024/04/24-06:57:31.161 20bc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):324
                                                                                                                                                          Entropy (8bit):5.209701970907551
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23bVQyq2PqLTwi23oH+TcwtpIFUt8n3xVuBG1Zmw+n3xVuBQRkwOqLTwi23oH+Tr:AVv8wZYebmFUt8DuBG1/+DuBI5TwZYev
                                                                                                                                                          MD5:ED130C260542A64CF7538EC4C4F1C983
                                                                                                                                                          SHA1:1E196FDCB872AB8EDB8C0EB2DAF508A046408695
                                                                                                                                                          SHA-256:354E592EDB09C43764F04DBF25A2C6D631B2920056A324B260A4F549B0D53B30
                                                                                                                                                          SHA-512:1EB519EDB0905168450753ED4917F86C16A5AB45FC1A105E9499EF16230384EF7D75613B4B8969E1A66D219E5BC2FDA2BFA9287D9FA054B57FA08D8C81B77138
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:13.458 1f30 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/04/24-06:57:13.460 1f30 Recovering log #3.2024/04/24-06:57:13.460 1f30 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):324
                                                                                                                                                          Entropy (8bit):5.209701970907551
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23bVQyq2PqLTwi23oH+TcwtpIFUt8n3xVuBG1Zmw+n3xVuBQRkwOqLTwi23oH+Tr:AVv8wZYebmFUt8DuBG1/+DuBI5TwZYev
                                                                                                                                                          MD5:ED130C260542A64CF7538EC4C4F1C983
                                                                                                                                                          SHA1:1E196FDCB872AB8EDB8C0EB2DAF508A046408695
                                                                                                                                                          SHA-256:354E592EDB09C43764F04DBF25A2C6D631B2920056A324B260A4F549B0D53B30
                                                                                                                                                          SHA-512:1EB519EDB0905168450753ED4917F86C16A5AB45FC1A105E9499EF16230384EF7D75613B4B8969E1A66D219E5BC2FDA2BFA9287D9FA054B57FA08D8C81B77138
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:13.458 1f30 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/04/24-06:57:13.460 1f30 Recovering log #3.2024/04/24-06:57:13.460 1f30 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):196608
                                                                                                                                                          Entropy (8bit):1.1229606347537984
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:192:72qAdB9TbTbuDDsnxCkUSAE+WslKOMq+8ESRR9crV+J3mLxAXd:72qOB1nxCkUSAELyKOMq+8ETZKoxAX
                                                                                                                                                          MD5:28E7CAEF8C89273BA15207B14C5E60D8
                                                                                                                                                          SHA1:361D353B4BDD2C6756C3C3F2FE37316841E224A6
                                                                                                                                                          SHA-256:1776BEC07AB93E415B22626FD326B5995DDC33F808C7E6192CD2FE2A2F3D7DA0
                                                                                                                                                          SHA-512:BA083C02D01792E1DC7F1550874E9B4E03F774D3F1A0F60CB78F0C7CEC09A3DE530F87E8C36166DD442D3E7DE7EACB7EFA79B843902D289107C57017AEA6871B
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\a3107c31-d344-4634-b604-a9ccc0ed043f.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):8268
                                                                                                                                                          Entropy (8bit):5.2092896904774975
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:192:stsps7zdsJZUFTMkfsY8bV+FiATM7PLMJ:stsps7zd+ZUFTGbGiuMY
                                                                                                                                                          MD5:D9FD9FEFBD75378C5CF76AED852752BE
                                                                                                                                                          SHA1:35B97F627E3DA7353F6CED6E726C5ACF9C9CC6A1
                                                                                                                                                          SHA-256:28A4CDDC2DC3EC50547EE966EC362CA5EE38074D6A1E23A45A379CBBD0293126
                                                                                                                                                          SHA-512:22F79491CF1FF63CAE9ECA0475F4F9EF7A4C87DE3C979E09D9C075A31EDAAD157447598C18E078C3A15D75D884E6A533CCA2439525DD7BD73D8F2B0D13B8AAFC
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13358408233969578","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13358408233968885"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):11755
                                                                                                                                                          Entropy (8bit):5.190465908239046
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                          MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                          SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                          SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                          SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):32768
                                                                                                                                                          Entropy (8bit):0.04961500812665619
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:Gd0oTlZGd0oTlZtqL9XCChslotGLNl0ml/XoQDeX:zoB9oBTypEjVl/XoQ
                                                                                                                                                          MD5:68B418984B1C312556D102B4002D8374
                                                                                                                                                          SHA1:16C36B2BA32E5C11D1FAD07A34906C92A65FA63A
                                                                                                                                                          SHA-256:3CB91999534FDD120E4002E55654EB779619879717C432E84D17B33CB5CF41CD
                                                                                                                                                          SHA-512:273D430453F22DEA336406522DEB9CF86ACF0F6FEB36CD57092A99FC9AD6A6088F136C69F3F16E429F3B0F75F7DE47FE5B5F2143905D58560106BF61CD59FA87
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:..-...........................}XF{.....h.1..|1....-...........................}XF{.....h.1..|1..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1811
                                                                                                                                                          Entropy (8bit):5.477943184505288
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:z1u8mSBSAQYPDHRHmYxFIYjIYnznqkKMYjMYu6yEAlkfAlkc3:pd0AQEIYjIYnznbKMYjMYu8YcYN3
                                                                                                                                                          MD5:522287D27CDDA8AC0614A4A66C5B7E4C
                                                                                                                                                          SHA1:BE85316479924FDC844ADE6F006739F7D1221CA3
                                                                                                                                                          SHA-256:F0B0E7196B2DD23A0E45A033AA0E04DD4F58A2FC8F04A26D95578F69B48C38A7
                                                                                                                                                          SHA-512:F067B60386969179017E519F0430D2FF72DD0DE5AFF87D1C79AE6AA956FBC46DC4630694E993A7BCD84795713D37DC1FA49DD29B0C1B63A7BA6ED2E11E58A899
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:A..r.................20_1_1...1.,U.................20_1_1...1.9.0................39_config..........6.....n ....1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............o..8.................4_IPH_CompanionSidePanel...IPH_CompanionSidePanel.....$4_IPH_CompanionSidePanelRegionSearch(."IPH_CompanionSidePanelRegionSearch......4_IPH_DownloadToolbarButton...IPH_DownloadToolbarButton.....&4_IPH_FocusHelpBubbleScreenReaderPromo*.$IPH_FocusHelpBubbleScreenReaderPromo......4_IPH_GMCCastStartStop...IPH_GMCCastStartStop......4_IPH_HighEfficiencyMode...IPH_HighEfficiencyMode......4_IPH_LiveCaption...IPH_LiveCaption......4_IPH_PasswordsAccountStorage!..IPH_PasswordsAccountStorage....."4_IPH_PasswordsWebAppProfileSwitch&. IPH_PasswordsWebAppProfileSwitch.....-4_IPH_PriceInsightsPageActionIconLabelFeature1.+IPH_PriceInsightsPageActionIconLabelFeature......4_IPH_Pric

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):320
                                                                                                                                                          Entropy (8bit):5.240685823025624
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23L/+q2PqLTwi23oH+TcwtfrK+IFUt8n3ZDaXZmw+n3ZDa3VkwOqLTwi23oH+Tcq:5v8wZYeb23FUt8taX/+taF5TwZYeb3J
                                                                                                                                                          MD5:66BAB69405C4D9E6041B3F97257ACDDE
                                                                                                                                                          SHA1:A5C9B0533479E6C7A89276B43E566492E3062455
                                                                                                                                                          SHA-256:9358477E2EE9DE8CD2CEDAF81C3E3225DC58FD83557B4BC3B2647BDD80529424
                                                                                                                                                          SHA-512:E78F53549A20CB15C89F09D3647B77B3635865B0BC197C15D66DF201CC24DDCA9FD82B916F38672899E07044B71C9FC36C2ECDD9412AD15F0EA610FCC62EADD5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:14.102 1f38 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/04/24-06:57:14.103 1f38 Recovering log #3.2024/04/24-06:57:14.103 1f38 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):320
                                                                                                                                                          Entropy (8bit):5.240685823025624
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23L/+q2PqLTwi23oH+TcwtfrK+IFUt8n3ZDaXZmw+n3ZDa3VkwOqLTwi23oH+Tcq:5v8wZYeb23FUt8taX/+taF5TwZYeb3J
                                                                                                                                                          MD5:66BAB69405C4D9E6041B3F97257ACDDE
                                                                                                                                                          SHA1:A5C9B0533479E6C7A89276B43E566492E3062455
                                                                                                                                                          SHA-256:9358477E2EE9DE8CD2CEDAF81C3E3225DC58FD83557B4BC3B2647BDD80529424
                                                                                                                                                          SHA-512:E78F53549A20CB15C89F09D3647B77B3635865B0BC197C15D66DF201CC24DDCA9FD82B916F38672899E07044B71C9FC36C2ECDD9412AD15F0EA610FCC62EADD5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:14.102 1f38 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/04/24-06:57:14.103 1f38 Recovering log #3.2024/04/24-06:57:14.103 1f38 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):865
                                                                                                                                                          Entropy (8bit):4.046212061862141
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:G0nYUtTNop//z3p/Uz0RuWlJhC+lvBavRtin01zvZDEtlkyBrgxvBH2Vtgs2W:G0nYUtypD3RUovhC+lvBOL+t3IvBmtFn
                                                                                                                                                          MD5:CC7FC366FEE21379F07DD9BA0CACDB88
                                                                                                                                                          SHA1:05BE9EE7B4F6D4C8B80EFCB9D2BA5D62AC6845AC
                                                                                                                                                          SHA-256:2216EC3A08EA86589477A650BC1635373F651975CF50CE69FA72712B0B9CB0EC
                                                                                                                                                          SHA-512:367317234A2D0297F28ADD76504F5FBA5396EAE19F831406B3324FE01D04A714C19AB1FEC2D3503E2B4B80536647F188E7E5A511F41888407D32D1AD660F4E50
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_.....<.J|.................37_...... .A.................38_..........................39_........].................20_.....Owa..................20_.....`..N.................19_.....D8.X.................18_......`...................37_..........................38_......\e..................39_.....dz.|.................9_.....'\c..................9_.......f-.................__global... .|.&R.................__global... ./....................__global... ..T...................__global... ..)9..................3_........r.................4_......r...................3_.....L.(t.................4_.....

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):338
                                                                                                                                                          Entropy (8bit):5.257106025984478
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23R+q2PqLTwi23oH+TcwtfrzAdIFUt8n3NZmw+n3+/VkwOqLTwi23oH+TcwtfrzS:nv8wZYeb9FUt8d/+25TwZYeb2J
                                                                                                                                                          MD5:36ED355EE009368BF8B04E68FBFCE18D
                                                                                                                                                          SHA1:E2A8416D0D5CE693A08942E4C72D816F634F8B4F
                                                                                                                                                          SHA-256:BF5EDAF036E81169E0C44FCEC8117662D0CBA4BB29E6C593123C0FF4F673F1F6
                                                                                                                                                          SHA-512:DA7F0736FD6AE085544C915337BDFBE9980F3714AF0B34758F2000845734DF4AB5A6D48900C38C310F18E3C56899001DDAC3028CEFA38ADEE4E3769D85040C6A
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:14.096 1f38 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/04/24-06:57:14.096 1f38 Recovering log #3.2024/04/24-06:57:14.097 1f38 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):338
                                                                                                                                                          Entropy (8bit):5.257106025984478
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:23R+q2PqLTwi23oH+TcwtfrzAdIFUt8n3NZmw+n3+/VkwOqLTwi23oH+TcwtfrzS:nv8wZYeb9FUt8d/+25TwZYeb2J
                                                                                                                                                          MD5:36ED355EE009368BF8B04E68FBFCE18D
                                                                                                                                                          SHA1:E2A8416D0D5CE693A08942E4C72D816F634F8B4F
                                                                                                                                                          SHA-256:BF5EDAF036E81169E0C44FCEC8117662D0CBA4BB29E6C593123C0FF4F673F1F6
                                                                                                                                                          SHA-512:DA7F0736FD6AE085544C915337BDFBE9980F3714AF0B34758F2000845734DF4AB5A6D48900C38C310F18E3C56899001DDAC3028CEFA38ADEE4E3769D85040C6A
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:2024/04/24-06:57:14.096 1f38 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/04/24-06:57:14.096 1f38 Recovering log #3.2024/04/24-06:57:14.097 1f38 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\uu_host_config

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:modified
                                                                                                                                                          Size (bytes):403024
                                                                                                                                                          Entropy (8bit):4.987691454989427
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:HYbzOWIwetxI2LpvNCIFu77T38WJ5BR8Mm6EW9uU8ywMsF9leE08d207nMGvykSB:EPenNgBRrmVlr0K2lP/lFlWfEwlCx
                                                                                                                                                          MD5:8F9BDA485854A823E20B47C4897937CF
                                                                                                                                                          SHA1:A86D1E2D3AE6E2F2CAF52DAF6D839EB02FE4B334
                                                                                                                                                          SHA-256:67487ABF17DE6084CF6D117F0551E92D3BA8DC70B08D17D3685603451799EF28
                                                                                                                                                          SHA-512:5C94F19AE23F4220C455DBAD0DB1640A47D981D45306939496744CC1DF2BD5980F25E417C764661CBD608D69E178CB4795763E04F21F5812AC0BA7BBCAA1008C
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "0123movies.com": "{\"Tier1\": [983, 6061], \"Tier2\": [4948, 1106, 9972]}",.. "1020398.app.netsuite.com": "{\"Tier1\": [6061, 8405, 5938], \"Tier2\": [228, 236]}",.. "1337x.to": "{\"Tier1\": [6061, 983], \"Tier2\": [6657, 475, 4068]}",.. "2cvresearch.decipherinc.com": "{\"Tier1\": [8405], \"Tier2\": [379, 6101]}",.. "3817341.extforms.netsuite.com": "{\"Tier1\": [6061, 8405, 5938], \"Tier2\": [7746]}",.. "3cx.integrafin.co.uk": "{\"Tier1\": [8405, 6061], \"Tier2\": [2863, 5391]}",.. "4540582.extforms.netsuite.com": "{\"Tier1\": [8405], \"Tier2\": [228, 236, 7746]}",.. "7589.directpaper.name": "{\"Tier1\": [8405], \"Tier2\": []}",.. "7a201srvitportl.cymru.nhs.uk": "{\"Tier1\": [], \"Tier2\": [9870]}",.. "7a3cjsvmifitla1.cymru.nhs.uk": "{\"Tier1\": [6061], \"Tier2\": [1092]}",.. "7a3cjsvmlivwebb.cymru.nhs.uk": "{\"Tier1\": [148, 6061], \"Tier2\": [9870, 9813]}",.. "8ballpool.com": "{\"Tier1\": [8741, 3907, 983], \"Tier2\": [9151, 5779, 6916]}",..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):120
                                                                                                                                                          Entropy (8bit):3.32524464792714
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                          MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                          SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                          SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                          SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):13
                                                                                                                                                          Entropy (8bit):2.7192945256669794
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                          MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                          SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                          SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                          SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:117.0.2045.47

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58444
                                                                                                                                                          Entropy (8bit):6.1016677693119705
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkCBS2qX7b5tPHgorQXdbiR3oM:z/0+zI7ynkkS20JtP0Xdbe3
                                                                                                                                                          MD5:80DC0DFCF7F81060140D74A1727F7336
                                                                                                                                                          SHA1:E5911E210C431457414034EEE824F5613803B58B
                                                                                                                                                          SHA-256:B4B7936945B437452611388C9A9276E077142C54D78E07297451E6A88972B5FF
                                                                                                                                                          SHA-512:F5B3C7240EA8510F5F7CA89859239565ECADC51AC204B2E1DC6B7387E09CFF7F01DF6DF6FA18715248256C390F757893C988E8056D97C3D87E9457F320DF6CA5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF21534.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58444
                                                                                                                                                          Entropy (8bit):6.1016677693119705
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkCBS2qX7b5tPHgorQXdbiR3oM:z/0+zI7ynkkS20JtP0Xdbe3
                                                                                                                                                          MD5:80DC0DFCF7F81060140D74A1727F7336
                                                                                                                                                          SHA1:E5911E210C431457414034EEE824F5613803B58B
                                                                                                                                                          SHA-256:B4B7936945B437452611388C9A9276E077142C54D78E07297451E6A88972B5FF
                                                                                                                                                          SHA-512:F5B3C7240EA8510F5F7CA89859239565ECADC51AC204B2E1DC6B7387E09CFF7F01DF6DF6FA18715248256C390F757893C988E8056D97C3D87E9457F320DF6CA5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF21543.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58444
                                                                                                                                                          Entropy (8bit):6.1016677693119705
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkCBS2qX7b5tPHgorQXdbiR3oM:z/0+zI7ynkkS20JtP0Xdbe3
                                                                                                                                                          MD5:80DC0DFCF7F81060140D74A1727F7336
                                                                                                                                                          SHA1:E5911E210C431457414034EEE824F5613803B58B
                                                                                                                                                          SHA-256:B4B7936945B437452611388C9A9276E077142C54D78E07297451E6A88972B5FF
                                                                                                                                                          SHA-512:F5B3C7240EA8510F5F7CA89859239565ECADC51AC204B2E1DC6B7387E09CFF7F01DF6DF6FA18715248256C390F757893C988E8056D97C3D87E9457F320DF6CA5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF21708.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58444
                                                                                                                                                          Entropy (8bit):6.1016677693119705
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkCBS2qX7b5tPHgorQXdbiR3oM:z/0+zI7ynkkS20JtP0Xdbe3
                                                                                                                                                          MD5:80DC0DFCF7F81060140D74A1727F7336
                                                                                                                                                          SHA1:E5911E210C431457414034EEE824F5613803B58B
                                                                                                                                                          SHA-256:B4B7936945B437452611388C9A9276E077142C54D78E07297451E6A88972B5FF
                                                                                                                                                          SHA-512:F5B3C7240EA8510F5F7CA89859239565ECADC51AC204B2E1DC6B7387E09CFF7F01DF6DF6FA18715248256C390F757893C988E8056D97C3D87E9457F320DF6CA5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF23dab.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58444
                                                                                                                                                          Entropy (8bit):6.1016677693119705
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkCBS2qX7b5tPHgorQXdbiR3oM:z/0+zI7ynkkS20JtP0Xdbe3
                                                                                                                                                          MD5:80DC0DFCF7F81060140D74A1727F7336
                                                                                                                                                          SHA1:E5911E210C431457414034EEE824F5613803B58B
                                                                                                                                                          SHA-256:B4B7936945B437452611388C9A9276E077142C54D78E07297451E6A88972B5FF
                                                                                                                                                          SHA-512:F5B3C7240EA8510F5F7CA89859239565ECADC51AC204B2E1DC6B7387E09CFF7F01DF6DF6FA18715248256C390F757893C988E8056D97C3D87E9457F320DF6CA5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF300bc.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58444
                                                                                                                                                          Entropy (8bit):6.1016677693119705
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkCBS2qX7b5tPHgorQXdbiR3oM:z/0+zI7ynkkS20JtP0Xdbe3
                                                                                                                                                          MD5:80DC0DFCF7F81060140D74A1727F7336
                                                                                                                                                          SHA1:E5911E210C431457414034EEE824F5613803B58B
                                                                                                                                                          SHA-256:B4B7936945B437452611388C9A9276E077142C54D78E07297451E6A88972B5FF
                                                                                                                                                          SHA-512:F5B3C7240EA8510F5F7CA89859239565ECADC51AC204B2E1DC6B7387E09CFF7F01DF6DF6FA18715248256C390F757893C988E8056D97C3D87E9457F320DF6CA5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF327cc.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58444
                                                                                                                                                          Entropy (8bit):6.1016677693119705
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkCBS2qX7b5tPHgorQXdbiR3oM:z/0+zI7ynkkS20JtP0Xdbe3
                                                                                                                                                          MD5:80DC0DFCF7F81060140D74A1727F7336
                                                                                                                                                          SHA1:E5911E210C431457414034EEE824F5613803B58B
                                                                                                                                                          SHA-256:B4B7936945B437452611388C9A9276E077142C54D78E07297451E6A88972B5FF
                                                                                                                                                          SHA-512:F5B3C7240EA8510F5F7CA89859239565ECADC51AC204B2E1DC6B7387E09CFF7F01DF6DF6FA18715248256C390F757893C988E8056D97C3D87E9457F320DF6CA5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF356cc.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58444
                                                                                                                                                          Entropy (8bit):6.1016677693119705
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkCBS2qX7b5tPHgorQXdbiR3oM:z/0+zI7ynkkS20JtP0Xdbe3
                                                                                                                                                          MD5:80DC0DFCF7F81060140D74A1727F7336
                                                                                                                                                          SHA1:E5911E210C431457414034EEE824F5613803B58B
                                                                                                                                                          SHA-256:B4B7936945B437452611388C9A9276E077142C54D78E07297451E6A88972B5FF
                                                                                                                                                          SHA-512:F5B3C7240EA8510F5F7CA89859239565ECADC51AC204B2E1DC6B7387E09CFF7F01DF6DF6FA18715248256C390F757893C988E8056D97C3D87E9457F320DF6CA5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF38686.TMP (copy)

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):58444
                                                                                                                                                          Entropy (8bit):6.1016677693119705
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynkCBS2qX7b5tPHgorQXdbiR3oM:z/0+zI7ynkkS20JtP0Xdbe3
                                                                                                                                                          MD5:80DC0DFCF7F81060140D74A1727F7336
                                                                                                                                                          SHA1:E5911E210C431457414034EEE824F5613803B58B
                                                                                                                                                          SHA-256:B4B7936945B437452611388C9A9276E077142C54D78E07297451E6A88972B5FF
                                                                                                                                                          SHA-512:F5B3C7240EA8510F5F7CA89859239565ECADC51AC204B2E1DC6B7387E09CFF7F01DF6DF6FA18715248256C390F757893C988E8056D97C3D87E9457F320DF6CA5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):86
                                                                                                                                                          Entropy (8bit):4.3751917412896075
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQp:YQ3Kq9X0dMgAEwjj
                                                                                                                                                          MD5:F732DBED9289177D15E236D0F8F2DDD3
                                                                                                                                                          SHA1:53F822AF51B014BC3D4B575865D9C3EF0E4DEBDE
                                                                                                                                                          SHA-256:2741DF9EE9E9D9883397078F94480E9BC1D9C76996EEC5CFE4E77929337CBE93
                                                                                                                                                          SHA-512:B64E5021F32E26C752FCBA15A139815894309B25644E74CECA46A9AA97070BCA3B77DED569A9BFD694193D035BA75B61A8D6262C8E6D5C4D76B452B38F5150A4
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":1}

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a092de16-9fc8-4367-a647-24d38eb36500.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):62784
                                                                                                                                                          Entropy (8bit):6.100381622670665
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:SFmi3KDgCBS2qX7b8tZ6gbuuf3obgorQXdbic:Vi3ygkS20stZ6+L3Xdb/
                                                                                                                                                          MD5:9EFA3051D4FDEE97D828FCC572A51DE9
                                                                                                                                                          SHA1:9A504C82EA8AB4DFE59C3F530079A54F05BAFE8D
                                                                                                                                                          SHA-256:5DC0E0EBD9716231CE392079205CFAE8C9FDB233E7D5FA74C72527FC18BB355D
                                                                                                                                                          SHA-512:8EFD65F2BFBA9C991823839531566D9142917DA68C63AFEED8569C2BE670D5F9E63150CDEB42F09882BD0036793CD67A6D754BFB152906DBB6120C2BED2EA847
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"2D98E86C22A85D74DE9A317BE284280223E65F75C8F8F93CFC812C09FFD210F4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a3PktrH2X1HpU5LyQNLe5M355HeziV3Jxi5nU656T6VUIIghIYIAF5eZ4bj83083ONJKOwRmmutzPngtUXxwY6Nv6G78evmdqa1z/N/f/biRzqlaXv7510s+DFoJHpQ1/vLP//2fby4HCw+UxN9+vTS8h9cu39eN/Pd3l99chnHA3wfuguL6ZzloLmQvTYC/bbiO+MfvoEn5i6z+rsLV65e37OWbiz/8/fuPH/7xzYVWnbz4mxSd/ePFu9bZXl7dXrNr9vL1y2/ZzfWLi3/xNXfqAYbdXt3AX25v37y8/O2bx/FM2KcjkvDqR9tJMz+mp+C/2H/a8LgGjy3Uzx4/eR9H8fbt/8rk376Fyb/69tUrdvvqeO7Tn29uXl+z16+Pp/9/Pqa5LwBE9U4r6O97ZYIvf4+jdw8D/PXSS7ES7SryFa/rRHiV4wZ+uvybtY2Wh7Fd/gb0+fldJ3u7Afx/X35Qwllv1yGRzCW8Fb10d7yBzu7sI7kDGWAL8LsHer/8881v31zyzc2dsLUUd2vJQ3TyTrSwHk9QR5vk8EDWd2mvjNDwj0P4MeKa17bnCpq+NDKstdoxYfu0budDfIi1sn5CZjbkI/iw3N9tbt7hJP46zeEdTuHwztGMRd1TZ2f0+H43WC9/0nz8WfJ6fDpur5VpChN9RP8CPW6UkU/BwUYWNkuQPd/Bz5IddisRzSuxeMgbhgi5FK/5LVNhCXK

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c90e5ecb-9da7-41e8-8d7a-6e3ba0ac2cf7.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):48556
                                                                                                                                                          Entropy (8bit):6.092117415173786
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:768:SF5kruq4eV5xmx3QzvFLjZ5x8bbtGmvtGUJmg0gHMKDuu4ICioMSPZgoaiQXTdDD:SFmi3KD0tZKgbuuf3obgorQXdbic
                                                                                                                                                          MD5:E6E6E50A0267FADEA8C4360CADB5F17D
                                                                                                                                                          SHA1:3C58F21520D06F9D128BF7AE1A9BBC3151D296B4
                                                                                                                                                          SHA-256:318606CB6A5308F9C0E95517C2E8F08882804B19A75FD236E727BEB8EC87DA48
                                                                                                                                                          SHA-512:6A6FCF6B63805DBCE813D252A434CA0B5CFE94D652BB2517009EA57F523E0F30A22DDDB98ECF6B64A71D2FB0430DCB93FFBD3559E30C2DEDFB6268F29C7B1B95
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"2D98E86C22A85D74DE9A317BE284280223E65F75C8F8F93CFC812C09FFD210F4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a3PktrH2X1HpU5LyQNLe5M355HeziV3Jxi5nU656T6VUIIghIYIAF5eZ4bj83083ONJKOwRmmutzPngtUXxwY6Nv6G78evmdqa1z/N/f/biRzqlaXv7510s+DFoJHpQ1/vLP//2fby4HCw+UxN9+vTS8h9cu39eN/Pd3l99chnHA3wfuguL6ZzloLmQvTYC/bbiO+MfvoEn5i6z+rsLV65e37OWbiz/8/fuPH/7xzYVWnbz4mxSd/ePFu9bZXl7dXrNr9vL1y2/ZzfWLi3/xNXfqAYbdXt3AX25v37y8/O2bx/FM2KcjkvDqR9tJMz+mp+C/2H/a8LgGjy3Uzx4/eR9H8fbt/8rk376Fyb/69tUrdvvqeO7Tn29uXl+z16+Pp/9/Pqa5LwBE9U4r6O97ZYIvf4+jdw8D/PXSS7ES7SryFa/rRHiV4wZ+uvybtY2Wh7Fd/gb0+fldJ3u7Afx/X35Qwllv1yGRzCW8Fb10d7yBzu7sI7kDGWAL8LsHer/8881v31zyzc2dsLUUd2vJQ3TyTrSwHk9QR5vk8EDWd2mvjNDwj0P4MeKa17bnCpq+NDKstdoxYfu0budDfIi1sn5CZjbkI/iw3N9tbt7hJP46zeEdTuHwztGMRd1TZ2f0+H43WC9/0nz8WfJ6fDpur5VpChN9RP8CPW6UkU/BwUYWNkuQPd/Bz5IddisRzSuxeMgbhgi5FK/5LVNhCXK

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\f45fb577-2100-4cdb-be3d-80bf63c6785a.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):62995
                                                                                                                                                          Entropy (8bit):6.102652990243862
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:SFmi3KDFHTaaCBS2qX7bGzgbuuf3obgorQXdbic:Vi3yRTaakS20S+L3Xdb/
                                                                                                                                                          MD5:83A345DBE006B28F88AAD402ED0716E5
                                                                                                                                                          SHA1:A6C2ABD959F9DC22A6E8A533C5D099CE4F69BFF0
                                                                                                                                                          SHA-256:1ECD34303F72EB3AE134FB40B219C037FCF06135EDF82A951669886E2D48F7CD
                                                                                                                                                          SHA-512:9BFDE3ED5357CB2651813053CD11F0BA4C9AE47C79002C16F0029077E412617BB7C966549BD33C0123A4F0EAC520252334C1EB7A139D2CAB05179BFEB0B788D5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"2D98E86C22A85D74DE9A317BE284280223E65F75C8F8F93CFC812C09FFD210F4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a3PktrH2X1HpU5LyQNLe5M355HeziV3Jxi5nU656T6VUIIghIYIAF5eZ4bj83083ONJKOwRmmutzPngtUXxwY6Nv6G78evmdqa1z/N/f/biRzqlaXv7510s+DFoJHpQ1/vLP//2fby4HCw+UxN9+vTS8h9cu39eN/Pd3l99chnHA3wfuguL6ZzloLmQvTYC/bbiO+MfvoEn5i6z+rsLV65e37OWbiz/8/fuPH/7xzYVWnbz4mxSd/ePFu9bZXl7dXrNr9vL1y2/ZzfWLi3/xNXfqAYbdXt3AX25v37y8/O2bx/FM2KcjkvDqR9tJMz+mp+C/2H/a8LgGjy3Uzx4/eR9H8fbt/8rk376Fyb/69tUrdvvqeO7Tn29uXl+z16+Pp/9/Pqa5LwBE9U4r6O97ZYIvf4+jdw8D/PXSS7ES7SryFa/rRHiV4wZ+uvybtY2Wh7Fd/gb0+fldJ3u7Afx/X35Qwllv1yGRzCW8Fb10d7yBzu7sI7kDGWAL8LsHer/8881v31zyzc2dsLUUd2vJQ3TyTrSwHk9QR5vk8EDWd2mvjNDwj0P4MeKa17bnCpq+NDKstdoxYfu0budDfIi1sn5CZjbkI/iw3N9tbt7hJP46zeEdTuHwztGMRd1TZ2f0+H43WC9/0nz8WfJ6fDpur5VpChN9RP8CPW6UkU/BwUYWNkuQPd/Bz5IddisRzSuxeMgbhgi5FK/5LVNhCXK

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1B7EFD9F-01F7-11EF-8C2C-ECF4BB45F69D}.dat

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:Composite Document File V2 Document, Cannot read section info
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):5632
                                                                                                                                                          Entropy (8bit):2.043026328823154
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:rLGo/QXwTOKGW/DwTgwT8fwT69lW85KdzvA9lW8ezv:rLGo4g3GWMLYoP85gvt8uv
                                                                                                                                                          MD5:21B88FC4FB254C789630F5349F894226
                                                                                                                                                          SHA1:5406240DC7EDB91A0BC5EA609BC8E0826CAAB121
                                                                                                                                                          SHA-256:2A1C93A7A034F54E5267C9423D784979E4143223AC8EB28D92021AC584FCCF4E
                                                                                                                                                          SHA-512:EC147BDEC1D87B4FE5DEAD1C96A5ED522A6E07AF3108A8FBD389C2D990405F0867BF766FE78C0787F31C182FA176B3B65D22D4966C0B45E81F8BC4C2FC4780F9
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:......................>.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.........................................................................................0.....................K.j.j.a.q.f.a.j.N.2.c.0.u.z.g.v.1.l.4.q.y.5.n.f.W.e...........8...............................................................F.r.a.m.e.L.i.s.t.......................................................................................................0.......O._.T.S.o.P.1.+.G.#.c.B.7.x.G.M.L.O.z.0.u.0.X.2.n.Q.=.=.........:.......................................

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1B7EFDA1-01F7-11EF-8C2C-ECF4BB45F69D}.dat

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:Composite Document File V2 Document, Cannot read section info
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):4096
                                                                                                                                                          Entropy (8bit):1.9445071265049088
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:rl0ZGFGBxrEgmfsB6KFOUOrEgmfsB6qw9lZcatQ0tJvNCzKtLyJIZMi9lZcatQ0X:rQxGTUOGT9lY8dNCm19lY8EvNCme
                                                                                                                                                          MD5:950551C2ED4C22B2405A477F5F3F115D
                                                                                                                                                          SHA1:A3D4C21907852ABAAF87FB1BD2E5FBB14FB8DE22
                                                                                                                                                          SHA-256:0498C4F4764D13149EADFB1C971DB22008490E35D5F03A8E45443A1E247C7E92
                                                                                                                                                          SHA-512:252E9EA4CCE16C68A7A53B924FF0C6BDAD842A251A12CBBCE55628ABE8D83F035D7BB9A0796D17C9E7F8B7D7C31AD3EE0B5454C2BEFD7A1D83D7FBF7A7EDCB03
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:......................>.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y...............................................................................................................K.j.j.a.q.f.a.j.N.2.c.0.u.z.g.v.1.l.4.q.y.5.n.f.W.e...........8.......................................................0.......T.r.a.v.e.l.L.o.g.......................................................................................................................................................................................................................

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with very long lines (312), with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):354
                                                                                                                                                          Entropy (8bit):5.126848486269791
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:TMVBdc9EMdLD5Ltqc41EKblACmkblAlTD90/QL3WIZK0QhPPqLBVDHkEtMjwu:TMHdNMNxOEEAC7AlnWimI00OmVbkEtMb
                                                                                                                                                          MD5:25E577DC4BEF3E898452F32DCFA12AA5
                                                                                                                                                          SHA1:98AB48FD44237B03A4961CF483FD18BB325EE51A
                                                                                                                                                          SHA-256:5F6C6A19F82C85EE785E8B29CF71A59A6FE35DE2D272B252667FF76F66BA76D2
                                                                                                                                                          SHA-512:ECD3ACE76D511CDA9B46A72F00C7721EC5A2330510FD0DA95E42608D97F8F701C721AD7DD1FEB853EC2BBEF243F55F7092647E2118194182B1DD5287FDF152AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xf47e1298,0x01da9603</date><accdate>0xf47e1298,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig>..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with very long lines (310), with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):352
                                                                                                                                                          Entropy (8bit):5.135712697474985
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:TMVBdc9EMdLD5Ltqc4fLGTkKUCmkUlTD90/QL3WIZK0QhPPqLBkI5kU5EtMjwu:TMHdNMNxe2kjCalnWimI00Omkak6EtMb
                                                                                                                                                          MD5:170342530E9E77E61ACA7B492F4DC3EE
                                                                                                                                                          SHA1:0251453B2266DB82E5DEF054F85F9C0F91DA6F4E
                                                                                                                                                          SHA-256:7BFAAD132D60E944BA2F7909E87EEF224D3652BB27D91924C1350ACB5F5BA293
                                                                                                                                                          SHA-512:BFE90CC34B7A02DFFCCD463402B38D9FE26D12AF224D69B7FF28C92335C67363722C901E1319F08A6E93F21CC5DC0ADA678A73314991D56881C5B8B37FE62118
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.amazon.com/"/><date>0xf476ebc3,0x01da9603</date><accdate>0xf476ebc3,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Amazon.url"/></tile></msapplication></browserconfig>..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with very long lines (316), with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):358
                                                                                                                                                          Entropy (8bit):5.148229430458448
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:TMVBdc9EMdLD5Ltqc4GLKblACmk3UrlTD90/QL3WIZK0QhPPqLByhBcEEtMjwu:TMHdNMNxvLEAChAlnWimI00OmmZEtMb
                                                                                                                                                          MD5:782289EFC9E12AAA4C3FD6964EAA037D
                                                                                                                                                          SHA1:F58BDBC1B65DF3F856FA57BB4761175852D88EBF
                                                                                                                                                          SHA-256:2B609B6878F4DC75B80C41C923D89ADEA66678652E613B5CB36510C97290BEE9
                                                                                                                                                          SHA-512:A8C54182D5E5FE00DC6069E29EAF8301F9B4FEDE8A5F37B2351D7AA2E9AB9D0288FBC838711E047A13CE41377CEE86CF74347AB8898CFD0625FCD58510CBF956
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.wikipedia.com/"/><date>0xf47e1298,0x01da9603</date><accdate>0xf48074e2,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Wikipedia.url"/></tile></msapplication></browserconfig>..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with very long lines (333), with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):375
                                                                                                                                                          Entropy (8bit):5.203865640624609
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:TMVBdc9EMdLD5Ltq08eDPOOKaihMTJSCmkJSlTD90/QL3WIZK0QhPPqLBcE5EtMb:TMHdNMNxtDPOOKaECWlnWimI00OmcE5t
                                                                                                                                                          MD5:8525D27E372372D2F89EB947672198F4
                                                                                                                                                          SHA1:A9443986903CAF8775DF698C8F658F513C0C959F
                                                                                                                                                          SHA-256:0C49E13381E7BB10046B05EA0BDF46DB75A17761BED7CABC6C60D5FD8C257A29
                                                                                                                                                          SHA-512:7C755616742383E8098CF7289B48B38E48DF922495B3AA42EDB6A7DB68D44B534943A75510557971151A2F8CCFA58548B8BC617CE514E502495E5D5E87B7BB35
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://go.microsoft.com/fwlink/p/?LinkId=255142"/><date>0xf4794dfb,0x01da9603</date><accdate>0xf4794dfb,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Bing.url"/></tile></msapplication></browserconfig>..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with very long lines (306), with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):348
                                                                                                                                                          Entropy (8bit):5.137794666530682
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:TMVBdc9EMdLD5Ltqc4JKrQ5+CmkrQ5+lTD90/QL3WIZK0QhPPqLBgE5EtMjwu:TMHdNMNxi0QcCFQclnWimI00Omd5EtMb
                                                                                                                                                          MD5:424FD0C16366657056780F3DC9FC8197
                                                                                                                                                          SHA1:91087BC9D577DD5C8091499B42367B4D23D71979
                                                                                                                                                          SHA-256:5FC874782A6ABE1B734E88DB95A79BE25D003BA64EB3C2B2EE75508F7AAADD4A
                                                                                                                                                          SHA-512:24856CF8BDB112F08A1201256F38F8C634943FB70B388082BEEC0172A18A3AF91B0FDD08E94689E61A44CF44A3901356DA7D90D1285D227A04D6640232E67EBB
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.live.com/"/><date>0xf47bb055,0x01da9603</date><accdate>0xf47bb055,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Live.url"/></tile></msapplication></browserconfig>..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with very long lines (312), with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):354
                                                                                                                                                          Entropy (8bit):5.159700474160056
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:TMVBdc9EMdLD5Ltqc4UxGwK3UrCmk3UrlTD90/QL3WIZK0QhPPqLB8K0QU5EtMjv:TMHdNMNxhGwmAChAlnWimI00Om8K075t
                                                                                                                                                          MD5:FBB5BD79280168E9E4E621CD27B45B02
                                                                                                                                                          SHA1:613AC98026156734A48AEADA153EDD116093A7E1
                                                                                                                                                          SHA-256:964341324A26EFB721C64A240FB68BA8F4FF96FF2047A99D92FCB2FD6ACEFC72
                                                                                                                                                          SHA-512:4E15A58031947550F8BB86B2AD0E44D0D6A7EF62978EC8B0D6ABE7E12000FC00148BEB9524EF049D86572EAA619C4CBABC524C4CD936C0767C82F1A9EF10E43F
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xf48074e2,0x01da9603</date><accdate>0xf48074e2,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig>..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with very long lines (310), with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):352
                                                                                                                                                          Entropy (8bit):5.132996272100246
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:TMVBdc9EMdLD5Ltqc4QunKblACmkblAlTD90/QL3WIZK0QhPPqLBAkEtMjwu:TMHdNMNx0nEAC7AlnWimI00OmxEtMb
                                                                                                                                                          MD5:01CD96412659447E6343925CE9D1DA06
                                                                                                                                                          SHA1:552F61152C78E6100D454304314032B39EE72775
                                                                                                                                                          SHA-256:0FD1675EA8B9FCC39FE051C9280FFFA8F305C0462CB2C50523F1F5FF2B0B5B58
                                                                                                                                                          SHA-512:4B6684E06FEEA692B0C958FA6748BBA977EEF03E62A70FE7D853D1426F1634D9992988D39FF5B51490EB7AF0AE617010EC1709C145B985348BE65094E95FC07D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.reddit.com/"/><date>0xf47e1298,0x01da9603</date><accdate>0xf47e1298,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Reddit.url"/></tile></msapplication></browserconfig>..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with very long lines (312), with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):354
                                                                                                                                                          Entropy (8bit):5.171318518390502
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:TMVBdc9EMdLD5Ltqc4oTKrQ5+CmkrQ5+lTD90/QL3WIZK0QhPPqLB6Kq5EtMjwu:TMHdNMNxx0QcCFQclnWimI00Om6Kq5Es
                                                                                                                                                          MD5:33FC4C68D6CE9AE3FEBE86219F7F86A0
                                                                                                                                                          SHA1:47F5BCE324256FDC736CD67E4025F3BD2561E611
                                                                                                                                                          SHA-256:EDA8D6EBC25124087E07FE5B9E41CE8C3CEFAD191A6B2BC6C58EE2E7A02A386E
                                                                                                                                                          SHA-512:52F92175243414324B7906BDCB2904C407B3330436C55BE0D3B6E65161A9277799DE62C2D6EDD37FF39AF28604F9EEAD3BDC19739AD3D71B23C5CA5235D746B3
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.nytimes.com/"/><date>0xf47bb055,0x01da9603</date><accdate>0xf47bb055,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\NYTimes.url"/></tile></msapplication></browserconfig>..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with very long lines (314), with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):356
                                                                                                                                                          Entropy (8bit):5.134566869359911
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:TMVBdc9EMdLD5Ltqc4YX2nKJSCmkJSlTD90/QL3WIZK0QhPPqLB02CqEtMjwu:TMHdNMNxcnCWlnWimI00OmVEtMb
                                                                                                                                                          MD5:CC1795569B3DAB2B4DBEE4F33A022688
                                                                                                                                                          SHA1:5F5BDB0EA5BE5F35F20EB1AEB79BF56E09C0B811
                                                                                                                                                          SHA-256:E9DC70DF9D32D656F24ABADEF366C540912224A7C6B615E5F8DC4C1FFFB3B8CC
                                                                                                                                                          SHA-512:DEF752227788DBF9A7F6B909620F82F28E5DC87F4BE2CF4CB55F4EC5A7AE3737C5DE87397528AA300D65555EF5AEDC0A756873D7600C2602E96755CF3F3BD0ED
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xf4794dfb,0x01da9603</date><accdate>0xf4794dfb,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig>..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with very long lines (310), with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):352
                                                                                                                                                          Entropy (8bit):5.128012666085782
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:TMVBdc9EMdLD5Ltqc4InKJSCmkrQ5+lTD90/QL3WIZK0QhPPqLBiwE5EtMjwu:TMHdNMNxfnnCFQclnWimI00Ome5EtMb
                                                                                                                                                          MD5:0DA2A3E8CC36B12A27282B3065184E44
                                                                                                                                                          SHA1:A2FE0AF3DF1C3F85FEA8984030563A5A98CBA307
                                                                                                                                                          SHA-256:74233492D0CCB44410AF2B5718C1B54F032726FAEE89E5E09215CF1C7B7D95B9
                                                                                                                                                          SHA-512:45B613F39F9D1B2661197B97A1284116D1B7326F4BA7AE305C5955A1FDAC1AA4F2A51968BEE45F42906F339C5DA7A4D3874EC40F4689BA2C6DDD5043294A5830
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.google.com/"/><date>0xf4794dfb,0x01da9603</date><accdate>0xf47bb055,0x01da9603</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Google.url"/></tile></msapplication></browserconfig>..

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2278
                                                                                                                                                          Entropy (8bit):3.841215146707828
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:uiTrlKxrgxLpxl9Il8uOjw+2zJ9YYj1HIv8a6Eid1rc:moYk/2zUR8a6A
                                                                                                                                                          MD5:E9B21AED2BED69214B7621390C1438A8
                                                                                                                                                          SHA1:995859F4209E6C84D28A5C61B34A7198A062FAB8
                                                                                                                                                          SHA-256:1B0538D357404D01F66C0A7AB31E28EF2466A5BF59433BA7E0F3285E65EF9D49
                                                                                                                                                          SHA-512:5D60F001BC2FFE4801BB5442C60772E8E64F3DAFF90E1A97FF749407E5F6E98C95BAEE6FD8E216A12A14896885EC3ADDC7FE335EB0EE2557172CEE2782307AD8
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.E.Z.7.Q.g.y.W.2.g.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.e.2.n.s.k./.

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):4622
                                                                                                                                                          Entropy (8bit):3.9986811014299315
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:96:7Yk96W0v639Iop7E5mAqR7aHfxpI3n3ySa1wIHV+0QZzBlglY:7Wi3Gopd17ZCF10vz8lY
                                                                                                                                                          MD5:2AEC1B829F11692A3058A2CA67D7A205
                                                                                                                                                          SHA1:415C30E5ED80B07B19ACD1A0F2071EE0A20E3A3E
                                                                                                                                                          SHA-256:1700B31D3199728371BA92257BCA812976E651A1794085164CFF479085FBF1D5
                                                                                                                                                          SHA-512:5E013E00654A42068478FA501DB04A8A9750ED8FF4921922B323CF091FF3A40E9D80519362FF27FFDD5DE02D910A25B80B8EBF296038A96C98516B3E4A1596EC
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".V.P.J.s.K.A.S.W.2.g.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.e.2.n.s.k./.

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\favicon[1].ico

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):4286
                                                                                                                                                          Entropy (8bit):3.8046022951415335
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:suZOWcCXPRS4QAUs/KBy3TYI42Apvl6wheXpktCH2Yn4KgISQggggFpz1k9PAYHu:HBRh+sCBykteatiBn4KWi1+Ne
                                                                                                                                                          MD5:DA597791BE3B6E732F0BC8B20E38EE62
                                                                                                                                                          SHA1:1125C45D285C360542027D7554A5C442288974DE
                                                                                                                                                          SHA-256:5B2C34B3C4E8DD898B664DBA6C3786E2FF9869EFF55D673AA48361F11325ED07
                                                                                                                                                          SHA-512:D8DC8358727590A1ED74DC70356AEDC0499552C2DC0CD4F7A01853DD85CEB3AEAD5FBDC7C75D7DA36DB6AF2448CE5ABDFF64CEBDCA3533ECAD953C061A9B338E
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:...... .... .........(... ...@..... ...................................................................................................................................................................................................N...Sz..R...R...P...N..L..H..DG..........................................................................................R6..U...U...S...R...P...N..L..I..F..B...7...............................................................................S6..V...V...U...S...R...P...N..L..I..F..C...?..:z......................................................................O...W...V...V...U...S...R...P...N..L..I..E..C...?...;..{7..q2$..............................................................T..D..]...S)..p6..J...R...P...N..L..I..E..B..>..;..z7..p2..f,X.........................................................A..O#..N!..N!..N!..P$..q:...P...N..K..I..E..A..=..9..x5..n0..e,...5...................................................Ea.Z,..T$..T$..T

                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\xmltreeview[1]

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):17524
                                                                                                                                                          Entropy (8bit):4.340063035506032
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:192:wiuFhk5un5EpDdblzKaz+OJGbiIBJofNbr5/dn82/jqmo3qAi:rq25unWZd9dvJGiIBJoh387oAi
                                                                                                                                                          MD5:03710426AB25AD1280E197F61249F9DE
                                                                                                                                                          SHA1:F5E7A6FD42503AE4758BC36C8DD78D98EFB35047
                                                                                                                                                          SHA-256:21E63F7C77896ED2B5F115957F2448E0A9E2DD738D7D487E471217421F6A93E1
                                                                                                                                                          SHA-512:213CB55B8573335D1384AE704FF4267F224376056F71548660F9B2FDAA1203D8ABDDB787900AAF5D1E0AC6E5BE261F713BDBEFB67643D08E8D3672512A1AF588
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:(function()..{.. var XHTML = "http://www.w3.org/1999/xhtml";.. .. // Time slicing constants.. var LIMIT = 10; // Maximum number of nodes to process before checking time.. var DURATION = 200; // Maximum amount of time (ms) to process before unblocking UI.. var DELAY = 15; // Amount of time (ms) to unblock UI.... // Tree building state.. var iterator;.. var nextNode;.. var root;.. var rootFirstChild;.. var time;.. .. // Template References.. var attrTemplate, attrName, attrValue;.. var elmStartTemplate, elmStartName;.. var elmEndTemplate, elmEndName;.. var cdataTemplate, cdataValue;.. var commentTemplate, commentValue;.. var style; .. .. // Only invoke this script if it was injected by our parser. Test for a condition that is.. // impossible for a markup to create - two direct children of the document... var secondRootElement = document.documentElement.nextElementSibling;.. if (secondRootElement == null

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\2b7aa74a-f2ac-4d57-a922-5f29e8184ce6.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 118802
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):242356
                                                                                                                                                          Entropy (8bit):7.991210403664034
                                                                                                                                                          Encrypted:true
                                                                                                                                                          SSDEEP:6144:iRhzb6d0X7ayN8De2ei//LiBCNBs4vIVeJvx:iRFW0X2y0e2edcbveCp
                                                                                                                                                          MD5:D01AD4937EEB60A02BB525C82C8276BA
                                                                                                                                                          SHA1:1B3EB2D065E83849A22E751C40B2AA220C26C339
                                                                                                                                                          SHA-256:C59193D5128C21AED2F5311517F6C4DD0B4C1D14CB9B6E1F01F53DE57775F70C
                                                                                                                                                          SHA-512:DE981CDF56BC22D02DF548539EC3A411472B9D23DA960C466C6423A09F0559803088694B190DD0B4AE6432803A892F01ABFD438F68ED2E73AB5AC37314016574
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:...........}k{.F....W.<=)Y....[...&N.mn'N.M].?.4..P...|.........Pv.&..mwc..b0...`.e.[Y..........3~........>9.G.d>Ob......Y,..{xx....]......].r.{...3qsv.C.....o....A.J.......X.].v~|..t...0.].2..2.oO.O...a'.Y...ix..I.q..Ox.{+.c.JZ.'I..=..Ir..i..Xn......2:.N].._D.W.....Vw.jko.w.{w..}s[....F3P......&..9b.;....'.l.onz..d~...i...9O.......F..6N.ix...7..9..%w.....4..7..<.....O..J..O...N.../X.V.r........waH..... ...V.gy..y2m..........OS...(..$o..(j..q.dY+...T...r.Y.1.1..8.<...p$...E2.O.......~NC..c.@Nv.s....%...P..#p.....Cyl-........~......R.i....x....e..3.....@..x...:......nY....Z11>..S.~|7...K.....h..to..~Z..]Ly..Z......V#.L..E..I.x.K....Bho.z.x.E+....[....ZZ...*.>......0...w..o.?...=..../1.....p..w...2..E,H.$.0k..X.L9...X.....q.e......H....I......<.....=.. ..D<.................W.".........7S.!W.8...6|..0.....j....0.`....v...`<+.l*....._3.lh#.!..(t...}j.P.._...7'.......Q........F.u).@....~f.o...3x^y}.P..H......>mwEP....q....,Y.c..?....

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\33c2c9b3-5bd9-4499-a097-41d18030512a.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):11185
                                                                                                                                                          Entropy (8bit):7.951995436832936
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                          MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                          SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                          SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                          SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\a0f5432b-28cd-4fdc-9b6c-1ff8e060654e.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1
                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:.

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\aab853fd-f090-456c-8bba-37759e21224d.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):139091
                                                                                                                                                          Entropy (8bit):7.817886952439696
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3072:IXfiiW2IPMaNVdSjNs8uIXZuineN0WZFb:IvX3wRVq2JIX0UePFb
                                                                                                                                                          MD5:87996BA4DD83A8988D96E918DCB2BC62
                                                                                                                                                          SHA1:23910F09EA806D13D9A337A1E23D5FA49B383269
                                                                                                                                                          SHA-256:6409D21A03FAFF1503AA83A19BE0B7DCB701F5E4501C4FEFB81877147E869D57
                                                                                                                                                          SHA-512:A9A1B4BB6ED0410232DB0414AB238BAA594F6C936A801213E0E6FD7FF96F34AB57036CD0070C68D75A8CFDA89B7240B6FB8F661BC9C4D9A45666A798D7D12999
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:Cr24....."........0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........:.W.!........5.y.i%e..S.....+.h/...e.p|/.l}t.9....W.......Ie<.o..uO....[:.....,.w.SKOp..0...@.gT..W.6.R.d.1.b.~..8..I......DMf9A>.O5....?.....4{..g..2m.Ckp......{...9..I.$.h#to..[.%..\.s..n^zr.P.9..r|.(.1..Q..Vld..h..<.P......+.y.wH..p..=.!..x......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!..h.G...A.t..;.zl..q..z{...... .;..oQ*f.....S..$./.....6.r..".@...........|[s.:.._..wW!0^..m...X".]@.vu.". 0.I....~....t.t...d.....CB.....s.q...i..~.?..-...L.....u....v>....s}..f......6.W}*.9...]e......m[.....p..bX..{~.m...~....>^.2....NGs|.:f..>...1.....kU.vL...uo.u......K......|ic!.."..5.g.9..0w2.C90.V.

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1420
                                                                                                                                                          Entropy (8bit):5.396116812724502
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:YDG5LwRD0s/Up5fP1x5fn7Zu0QRWE5fR+nh0Qut5fxjK0WlVwc5Nh200WhYTM5M:YDG5LOD0s8p5nX5/o0KWE5JC0Nt5pO0V
                                                                                                                                                          MD5:9DA6F1A655D6321049DAAEBDA58D8E7C
                                                                                                                                                          SHA1:09D7742EF871C3199BD663EE12327718D598F494
                                                                                                                                                          SHA-256:1E498341464409D80BB7353552BC263CADB496FC6DF06D98A3D84D8EDAE586B7
                                                                                                                                                          SHA-512:531C9889D15CE53A2D68958481C50CE7B52C48C64BC2F6A0C13198C080C99AB3A85A95187836D4C179D92B0CEC853EE943F4FDCB5F3E2F8FB1E449335CE5EA0D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"logTime": "1005/085948", "correlationVector":"8sNXFnC9i2+S99lAzDH6Rq","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/085948", "correlationVector":"81A02D7FC86E45EDA6CBCA8671A98AFF","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/085948", "correlationVector":"NiTqUUpDli2IJjzrRApLSF","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/091044", "correlationVector":"4hXMqVe30Bl32fn1+6AOy1","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/091053", "correlationVector":"D7BB119EE9F4429BBF8B8E46242DB5E9","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/091235", "correlationVector":"Wk5x1on3JpNq4FXPG6U9B5","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/091235", "correlationVector":"EC448E7330FA4F5EA1E7898FDD3F2CB6","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/091436", "correlationVector":"Ltc1GKjZ6R4P7ed5oiO6YB","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/091437", "correlationVector":"A569DB44

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\db4928d5-0ffa-4862-a197-1982a19d7584.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1
                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:.

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_1666549135\33c2c9b3-5bd9-4499-a097-41d18030512a.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):11185
                                                                                                                                                          Entropy (8bit):7.951995436832936
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                          MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                          SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                          SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                          SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_1666549135\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1753
                                                                                                                                                          Entropy (8bit):5.8889033066924155
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                          MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                          SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                          SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                          SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_1666549135\CRX_INSTALL\content.js

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):9815
                                                                                                                                                          Entropy (8bit):6.1716321262973315
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                          MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                          SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                          SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                          SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_1666549135\CRX_INSTALL\content_new.js

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):10388
                                                                                                                                                          Entropy (8bit):6.174387413738973
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                          MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                          SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                          SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                          SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_1666549135\CRX_INSTALL\manifest.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):962
                                                                                                                                                          Entropy (8bit):5.698567446030411
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                          MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                          SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                          SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                          SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\128.png

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):4982
                                                                                                                                                          Entropy (8bit):7.929761711048726
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                          MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                          SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                          SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                          SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):908
                                                                                                                                                          Entropy (8bit):4.512512697156616
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                          MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                          SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                          SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                          SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1285
                                                                                                                                                          Entropy (8bit):4.702209356847184
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                          MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                          SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                          SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                          SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1244
                                                                                                                                                          Entropy (8bit):4.5533961615623735
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                          MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                          SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                          SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                          SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):977
                                                                                                                                                          Entropy (8bit):4.867640976960053
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                          MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                          SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                          SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                          SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):3107
                                                                                                                                                          Entropy (8bit):3.535189746470889
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                          MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                          SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                          SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                          SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1389
                                                                                                                                                          Entropy (8bit):4.561317517930672
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                          MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                          SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                          SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                          SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1763
                                                                                                                                                          Entropy (8bit):4.25392954144533
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                          MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                          SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                          SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                          SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):930
                                                                                                                                                          Entropy (8bit):4.569672473374877
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                          MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                          SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                          SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                          SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):913
                                                                                                                                                          Entropy (8bit):4.947221919047
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                          MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                          SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                          SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                          SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):806
                                                                                                                                                          Entropy (8bit):4.815663786215102
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                          MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                          SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                          SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                          SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):883
                                                                                                                                                          Entropy (8bit):4.5096240460083905
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                          MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                          SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                          SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                          SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1031
                                                                                                                                                          Entropy (8bit):4.621865814402898
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                          MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                          SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                          SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                          SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1613
                                                                                                                                                          Entropy (8bit):4.618182455684241
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                          MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                          SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                          SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                          SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):851
                                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):851
                                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):848
                                                                                                                                                          Entropy (8bit):4.494568170878587
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                          MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                          SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                          SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                          SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1425
                                                                                                                                                          Entropy (8bit):4.461560329690825
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                          MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                          SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                          SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                          SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):961
                                                                                                                                                          Entropy (8bit):4.537633413451255
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                          MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                          SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                          SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                          SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):959
                                                                                                                                                          Entropy (8bit):4.570019855018913
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                          MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                          SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                          SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                          SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):968
                                                                                                                                                          Entropy (8bit):4.633956349931516
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                          MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                          SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                          SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                          SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):838
                                                                                                                                                          Entropy (8bit):4.4975520913636595
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                          MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                          SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                          SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                          SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1305
                                                                                                                                                          Entropy (8bit):4.673517697192589
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                          MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                          SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                          SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                          SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):911
                                                                                                                                                          Entropy (8bit):4.6294343834070935
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                          MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                          SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                          SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                          SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):939
                                                                                                                                                          Entropy (8bit):4.451724169062555
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                          MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                          SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                          SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                          SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):977
                                                                                                                                                          Entropy (8bit):4.622066056638277
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                          MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                          SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                          SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                          SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):972
                                                                                                                                                          Entropy (8bit):4.621319511196614
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                          MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                          SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                          SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                          SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):990
                                                                                                                                                          Entropy (8bit):4.497202347098541
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                          MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                          SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                          SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                          SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1658
                                                                                                                                                          Entropy (8bit):4.294833932445159
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                          MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                          SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                          SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                          SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1672
                                                                                                                                                          Entropy (8bit):4.314484457325167
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                          MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                          SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                          SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                          SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):935
                                                                                                                                                          Entropy (8bit):4.6369398601609735
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                          MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                          SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                          SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                          SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1065
                                                                                                                                                          Entropy (8bit):4.816501737523951
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                          MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                          SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                          SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                          SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2771
                                                                                                                                                          Entropy (8bit):3.7629875118570055
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                          MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                          SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                          SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                          SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):858
                                                                                                                                                          Entropy (8bit):4.474411340525479
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                          MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                          SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                          SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                          SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):954
                                                                                                                                                          Entropy (8bit):4.631887382471946
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:YGXU2rOcxGe+J97f9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95MwP9KkJ+je:YwBrD2J2DBLMfFuWvdpY94vioO+uh
                                                                                                                                                          MD5:1F565FB1C549B18AF8BBFED8DECD5D94
                                                                                                                                                          SHA1:B57F4BDAE06FF3DFC1EB3E56B6F2F204D6F63638
                                                                                                                                                          SHA-256:E16325D1A641EF7421F2BAFCD6433D53543C89D498DD96419B03CBA60B9C7D60
                                                                                                                                                          SHA-512:A60B8E042A9BCDCC136B87948E9924A0B24D67C6CA9803904B876F162A0AD82B9619F1316BE9FF107DD143B44F7E6F5DF604ABFE00818DEB40A7D62917CDA69F
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):899
                                                                                                                                                          Entropy (8bit):4.474743599345443
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                          MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                          SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                          SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                          SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2230
                                                                                                                                                          Entropy (8bit):3.8239097369647634
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                          MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                          SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                          SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                          SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1160
                                                                                                                                                          Entropy (8bit):5.292894989863142
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                          MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                          SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                          SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                          SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):3264
                                                                                                                                                          Entropy (8bit):3.586016059431306
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                          MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                          SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                          SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                          SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):3235
                                                                                                                                                          Entropy (8bit):3.6081439490236464
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                          MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                          SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                          SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                          SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):3122
                                                                                                                                                          Entropy (8bit):3.891443295908904
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                          MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                          SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                          SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                          SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1880
                                                                                                                                                          Entropy (8bit):4.295185867329351
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/UGG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZZ
                                                                                                                                                          MD5:8E16966E815C3C274EEB8492B1EA6648
                                                                                                                                                          SHA1:7482ED9F1C9FD9F6F9BA91AB15921B19F64C9687
                                                                                                                                                          SHA-256:418FF53FCA505D54268413C796E4DF80E947A09F399AB222A90B81E93113D5B5
                                                                                                                                                          SHA-512:85B28202E874B1CF45B37BA05B87B3D8D6FE38E89C6011C4240CF6B563EA6DA60181D712CCE20D07C364F4A266A4EC90C4934CC8B7BB2013CB3B22D755796E38
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1042
                                                                                                                                                          Entropy (8bit):5.3945675025513955
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                          MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                          SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                          SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                          SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2535
                                                                                                                                                          Entropy (8bit):3.8479764584971368
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                          MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                          SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                          SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                          SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1028
                                                                                                                                                          Entropy (8bit):4.797571191712988
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                          MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                          SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                          SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                          SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):994
                                                                                                                                                          Entropy (8bit):4.700308832360794
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                          MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                          SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                          SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                          SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2091
                                                                                                                                                          Entropy (8bit):4.358252286391144
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                          MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                          SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                          SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                          SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2778
                                                                                                                                                          Entropy (8bit):3.595196082412897
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                          MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                          SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                          SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                          SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1719
                                                                                                                                                          Entropy (8bit):4.287702203591075
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                          MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                          SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                          SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                          SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):936
                                                                                                                                                          Entropy (8bit):4.457879437756106
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                          MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                          SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                          SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                          SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):3830
                                                                                                                                                          Entropy (8bit):3.5483353063347587
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                          MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                          SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                          SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                          SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1898
                                                                                                                                                          Entropy (8bit):4.187050294267571
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                          MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                          SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                          SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                          SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):914
                                                                                                                                                          Entropy (8bit):4.513485418448461
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                          MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                          SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                          SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                          SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):878
                                                                                                                                                          Entropy (8bit):4.4541485835627475
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                          MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                          SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                          SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                          SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2766
                                                                                                                                                          Entropy (8bit):3.839730779948262
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                          MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                          SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                          SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                          SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):978
                                                                                                                                                          Entropy (8bit):4.879137540019932
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                          MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                          SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                          SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                          SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):907
                                                                                                                                                          Entropy (8bit):4.599411354657937
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                          MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                          SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                          SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                          SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):914
                                                                                                                                                          Entropy (8bit):4.604761241355716
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                          MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                          SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                          SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                          SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):937
                                                                                                                                                          Entropy (8bit):4.686555713975264
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                          MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                          SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                          SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                          SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1337
                                                                                                                                                          Entropy (8bit):4.69531415794894
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                          MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                          SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                          SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                          SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2846
                                                                                                                                                          Entropy (8bit):3.7416822879702547
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                          MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                          SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                          SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                          SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):934
                                                                                                                                                          Entropy (8bit):4.882122893545996
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                          MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                          SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                          SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                          SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):963
                                                                                                                                                          Entropy (8bit):4.6041913416245
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                          MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                          SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                          SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                          SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1320
                                                                                                                                                          Entropy (8bit):4.569671329405572
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                          MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                          SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                          SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                          SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):884
                                                                                                                                                          Entropy (8bit):4.627108704340797
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                          MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                          SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                          SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                          SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):980
                                                                                                                                                          Entropy (8bit):4.50673686618174
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                          MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                          SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                          SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                          SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1941
                                                                                                                                                          Entropy (8bit):4.132139619026436
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                          MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                          SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                          SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                          SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1969
                                                                                                                                                          Entropy (8bit):4.327258153043599
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                          MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                          SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                          SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                          SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1674
                                                                                                                                                          Entropy (8bit):4.343724179386811
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                          MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                          SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                          SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                          SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1063
                                                                                                                                                          Entropy (8bit):4.853399816115876
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                          MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                          SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                          SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                          SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1333
                                                                                                                                                          Entropy (8bit):4.686760246306605
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                          MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                          SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                          SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                          SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1263
                                                                                                                                                          Entropy (8bit):4.861856182762435
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                          MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                          SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                          SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                          SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1074
                                                                                                                                                          Entropy (8bit):5.062722522759407
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                          MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                          SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                          SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                          SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):879
                                                                                                                                                          Entropy (8bit):5.7905809868505544
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                          MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                          SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                          SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                          SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):1205
                                                                                                                                                          Entropy (8bit):4.50367724745418
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                          MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                          SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                          SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                          SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):843
                                                                                                                                                          Entropy (8bit):5.76581227215314
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                          MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                          SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                          SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                          SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):912
                                                                                                                                                          Entropy (8bit):4.65963951143349
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                          MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                          SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                          SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                          SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):18774
                                                                                                                                                          Entropy (8bit):5.70612956141149
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:384:cLjrY6QDAwrlbs3jiD1DisLSFqwAqmq9om2V7o:2jrSHbMjidLSFxA+om2W
                                                                                                                                                          MD5:92F7CC1C498F314277DAFB300FC3372A
                                                                                                                                                          SHA1:4672F96C3F64C08FD6841FFCF79DC690FCEC822B
                                                                                                                                                          SHA-256:CD825CBCB19783F8D616DE33A8352B81B4482FDD87DBA6B537D0907260762D35
                                                                                                                                                          SHA-512:8F2AEFA63FFD8EA1A678EF586BE0348AB5385594C00514170D92049C39C5FC717A0B9B5F3EA4F4DF17EF94F01249BBF2848135A989A2FA1C1E2CB145E30DA935
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiOE1xa2JXMkFQWkVpbzlQTHlYNVItT3o1bGs5a29sbnlWTWtvYlVabk15YyIsInBhdGgiOiJfbG9jYWxlcy9hZi9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoicWhJZ1d4Q0hVTS1mb0plRVlhYllpQjVPZ05vZ3FFYllKTnBBYWRuSkdFYyJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiV0E0cW96b3R5ZzJrcUpKU0FEYWNVMGNDbEdJYjlmMmp1ejhYalh0YUhybyIsInBhdGgiOiJfbG9jYWxlcy9hbS9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiWk9BYndwSzZMcUZwbFhiOHhFVTJjRWRTRHVpVjRwRE03aURDVEpNMjJPOCJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiQlk4QVRlUUktWHNqLWFSbVZfTi03dHVzUlJyQUNkU25yU3NhT2d3R3pTWSIsInBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiX0pLU3pRcGk4TVczZE5WZldwN281STVjX09

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):854
                                                                                                                                                          Entropy (8bit):4.284628987131403
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                          MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                          SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                          SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                          SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\manifest.json

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:JSON data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):2525
                                                                                                                                                          Entropy (8bit):5.418631085958246
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj1wW9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/APwWgiVb
                                                                                                                                                          MD5:702D50119D4110E453DAA57DE3ADE79A
                                                                                                                                                          SHA1:9754676F727803F8BF4DDD973F7050E67FC62B7C
                                                                                                                                                          SHA-256:177CA18A28C498CB573A0DF3142C591B40FEB17F42353055B563084E515F9A88
                                                                                                                                                          SHA-512:ACC18730934BFCDE53710567506AE9C3ED821D108B5747B2E0B54CA0BDAE3D97DDA947049856174067628DB373CFEDF0CC255638F2060AE14E078C8451EC089A
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\offscreendocument.html

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:HTML document, ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):97
                                                                                                                                                          Entropy (8bit):4.862433271815736
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                          MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                          SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                          SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                          SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text, with very long lines (4369)
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):95567
                                                                                                                                                          Entropy (8bit):5.4016395763198135
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:Ftd/mjDC/Hass/jCKLwPOPO2MCeYHxU2/NjAGHChg3JOzZ8:YfjCKdHm2/NbHCIJo8
                                                                                                                                                          MD5:09AF2D8CFA8BF1078101DA78D09C4174
                                                                                                                                                          SHA1:F2369551E2CDD86258062BEB0729EE4D93FCA050
                                                                                                                                                          SHA-256:39D113C44D45AE3609B9509ED099680CC5FCEF182FD9745B303A76E164D8BCEC
                                                                                                                                                          SHA-512:F791434B053FA2A5B731C60F22A4579F19FE741134EF0146E8BAC7DECAC78DE65915B3188093DBBE00F389A7F15B80172053FABB64E636DD4A945DBE3C2CF2E6
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:'use strict';function aa(){return function(){}}function l(a){return function(){return this[a]}}var n;function ba(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ca="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function da(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=da(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ca(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f||"")+"_"+e++,f)}function c(f,

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\page_embed_script.js

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):291
                                                                                                                                                          Entropy (8bit):4.65176400421739
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                                                          MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                                                          SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                                                          SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                                                          SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:ASCII text, with very long lines (4369)
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):103988
                                                                                                                                                          Entropy (8bit):5.389407461078688
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:1536:oXWJmOMsz9UqqRtjWLqj74SJf2VsxJ5BGOzr61SfwKmWGMJOaAFlObQ/x0BGm:yRqr6v3JnVzr6wwfMtkFSYm
                                                                                                                                                          MD5:EA946F110850F17E637B15CF22B82837
                                                                                                                                                          SHA1:8D27C963E76E3D2F5B8634EE66706F95F000FCAF
                                                                                                                                                          SHA-256:029DFE87536E8907A612900B26EEAA72C63EDF28458A7227B295AE6D4E2BD94C
                                                                                                                                                          SHA-512:5E8E61E648740FEF2E89A035A4349B2E4E5E4E88150EE1BDA9D4AD8D75827DC67C1C95A2CA41DF5B89DE8F575714E1A4D23BDE2DC3CF21D55DB3A39907B8F820
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:'use strict';function k(){return function(){}}function n(a){return function(){return this[a]}}var q;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function da(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var r=da(this);function t(a,b){if(b)a:{var c=r;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ba(c,a,{configurable:!0,writable:!0,value:b})}}.t("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f||"")+"_"+e++,f)}function c(f,g

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir6876_254510109\aab853fd-f090-456c-8bba-37759e21224d.tmp

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):139091
                                                                                                                                                          Entropy (8bit):7.817886952439696
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3072:IXfiiW2IPMaNVdSjNs8uIXZuineN0WZFb:IvX3wRVq2JIX0UePFb
                                                                                                                                                          MD5:87996BA4DD83A8988D96E918DCB2BC62
                                                                                                                                                          SHA1:23910F09EA806D13D9A337A1E23D5FA49B383269
                                                                                                                                                          SHA-256:6409D21A03FAFF1503AA83A19BE0B7DCB701F5E4501C4FEFB81877147E869D57
                                                                                                                                                          SHA-512:A9A1B4BB6ED0410232DB0414AB238BAA594F6C936A801213E0E6FD7FF96F34AB57036CD0070C68D75A8CFDA89B7240B6FB8F661BC9C4D9A45666A798D7D12999
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:Cr24....."........0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........:.W.!........5.y.i%e..S.....+.h/...e.p|/.l}t.9....W.......Ie<.o..uO....[:.....,.w.SKOp..0...@.gT..W.6.R.d.1.b.~..8..I......DMf9A>.O5....?.....4{..g..2m.Ckp......{...9..I.$.h#to..[.%..\.s..n^zr.P.9..r|.(.1..Q..Vld..h..<.P......+.y.wH..p..=.!..x......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!..h.G...A.t..;.zl..q..z{...... .;..oQ*f.....S..$./.....6.r..".@...........|[s.:.._..wW!0^..m...X".]@.vu.". 0.I....~....t.t...d.....CB.....s.q...i..~.?..-...L.....u....v>....s}..f......6.W}*.9...]e......m[.....p..bX..{~.m...~....>^.2....NGs|.:f..>...1.....kU.vL...uo.u......K......|ic!.."..5.g.9..0w2.C90.V.

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\~DF480F28896979F911.TMP

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):16384
                                                                                                                                                          Entropy (8bit):0.11963438136535398
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:12:i9lZcatQ0tJvNCzKtLyJIZMnlDSf//1j:i9lY8dNCm3fX1
                                                                                                                                                          MD5:D3FE837E13B1843B4F426214EC71BF8C
                                                                                                                                                          SHA1:C0ED382CEA476B7A4B190B4258E6ADA362AEC17D
                                                                                                                                                          SHA-256:9F12CF68F813C29E993F8C7FAB4992E4F605980B604A84B846C6AB0DE886D74E
                                                                                                                                                          SHA-512:EC853D831161FA210688B1280605EBEBE78014FE6C9B79E61410C5199F5B579EDC00B61EFE0572F4F0471BCAAF6EE3E7173CBC0F19CE98AE9234B36D1894105D
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                          C:\Users\user\AppData\Local\Temp\~DF7B94DF61E77CC8CC.TMP

                                                                                                                                                          Download File
                                                                                                                                                          Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          File Type:data
                                                                                                                                                          Category:dropped
                                                                                                                                                          Size (bytes):16384
                                                                                                                                                          Entropy (8bit):0.0816084363470716
                                                                                                                                                          Encrypted:false
                                                                                                                                                          SSDEEP:3:+DcHzVd+fHziT5lclllv/nt+lybltll1lRsltFll2/lsllVyHcUcH0:+adEAUFAl3+ts
                                                                                                                                                          MD5:CE5C572D9019571598E9801D9259FEDB
                                                                                                                                                          SHA1:EE5F8DBF1E20ED552BF8A12F8A667F07402973E8
                                                                                                                                                          SHA-256:AEAB9F4B01F54977A5B4F7BB9E5F5B426E2DDE5642D7F99DCDD18A81E9A24C08
                                                                                                                                                          SHA-512:C2E66BA326873F06D9AD51BE58658E1AF3FCE6FD3368289325A3ADBCB6944FC1BC7DE41ABBDF7F0CFFD82BE17B3FDDD0F891CE1099B92390CB6E1E71E7C6B6C2
                                                                                                                                                          Malicious:false
                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                          Static File Info

                                                                                                                                                          General

                                                                                                                                                          File type:XML 1.0 document, ASCII text, with very long lines (35519)
                                                                                                                                                          Entropy (8bit):5.767679335980501
                                                                                                                                                          TrID:
                                                                                                                                                          • Generic XML (ASCII) (5005/1) 100.00%
                                                                                                                                                          File name:T_AGM__1905.xml
                                                                                                                                                          File size:2'858'660 bytes
                                                                                                                                                          MD5:46ceb761adb7c723d89d267eb722e6e7
                                                                                                                                                          SHA1:5d790d0e4dee292701e50ddce19b9750bb8c8cfc
                                                                                                                                                          SHA256:7589b7da04afe02e535953f9ecbfeeb81422eda8fcff6a31d83beb21cd2e46af
                                                                                                                                                          SHA512:a54c6f2fc817030e6efb3969015de613ab07328e5c4a360b7688771012055dcf07d0f67cde18dbcd314cdd15847c9f193cdfe013c3ee71789e4ecb2dda51be6a
                                                                                                                                                          SSDEEP:12288:YxMCMDJ+ypUl5TZbSnBN3HVk/GbDxXhVhP9HcLVQwiC2Co6bdAVSoG54mQOGEGjR:YxMCs+Vb+B5S/gzc7o60y4mpXYo0/L
                                                                                                                                                          TLSH:1AD5B50EBAF96CB6C374681C435DF8E6429E752F26E50C427445ABADCDE54FA2E0063C
                                                                                                                                                          File Content Preview:<?xml version="1.0"?>.<NS5-DATA>.<INFO D="2024-04-23 02:14:42" F="55555" T="28" FD="256" TD="694" FN="1905" LLFN="1784" NS="6.5.32" DB="6.5.32" DBTYPE="Production" TZ="180"></INFO>.<GR C="187" D="240422191005" ID="2560000094055912"><T163 C="187" S="2" T="

                                                                                                                                                          File Icon

                                                                                                                                                          Icon Hash:74f0e4e4e4e4e0e4

                                                                                                                                                          Static OLE Info

                                                                                                                                                          General

                                                                                                                                                          Document Type:Text
                                                                                                                                                          Number of OLE Files:1

                                                                                                                                                          OLE File "T_AGM__1905.xml"

                                                                                                                                                          Indicators
                                                                                                                                                          Has Summary Info:
                                                                                                                                                          Application Name:
                                                                                                                                                          Encrypted Document:False
                                                                                                                                                          Contains Word Document Stream:False
                                                                                                                                                          Contains Workbook/Book Stream:False
                                                                                                                                                          Contains PowerPoint Document Stream:False
                                                                                                                                                          Contains Visio Document Stream:False
                                                                                                                                                          Contains ObjectPool Stream:False
                                                                                                                                                          Flash Objects Count:0
                                                                                                                                                          Contains VBA Macros:True

                                                                                                                                                          Network Behavior

                                                                                                                                                          Network Port Distribution

                                                                                                                                                          TCP Packets

                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                          Apr 24, 2024 06:57:16.795017004 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:16.795068026 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:16.795125961 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:16.795413017 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:16.795425892 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.154680967 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.155846119 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.155867100 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.156330109 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.156402111 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.157042027 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.157114983 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.157124043 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.158602953 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.158687115 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.158777952 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.158788919 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.274837017 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.505109072 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.512794971 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.512876987 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.512897015 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.518928051 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.519354105 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.519370079 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.531440020 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.532736063 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.532752037 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.543562889 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.546894073 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.546911955 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.555882931 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.559124947 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.559154034 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.567912102 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.567958117 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.567975044 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.580185890 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.580259085 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.580277920 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.592490911 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.592538118 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.592566967 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.680340052 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.680394888 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.680403948 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.680428982 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.680674076 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.686691046 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.698577881 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.698627949 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.698656082 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.698688984 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.698733091 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.710778952 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.723577976 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.723628044 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.723644972 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.723666906 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.723720074 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.735708952 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.747581959 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.747632027 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.747714043 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.747754097 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.750955105 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.759850025 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.772173882 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.772207022 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.772226095 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.772254944 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.772571087 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.784468889 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.796879053 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.796912909 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.796961069 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.796988964 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.797101974 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.808202028 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.819026947 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.819076061 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.819102049 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.829657078 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.829699039 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.829715014 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.829735041 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.830028057 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.840341091 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.851125002 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.851166010 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.851211071 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.851234913 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.851277113 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.861689091 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.872503042 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.872555971 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.872585058 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.872600079 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.872750044 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.883101940 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.889872074 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.889920950 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.889965057 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.889986992 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.890173912 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.896203041 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.899463892 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.899507999 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.899527073 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.905704021 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.905776978 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.905792952 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.911849976 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.911901951 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.911916971 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.918035030 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.918104887 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.918121099 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.923998117 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.924069881 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.924097061 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.929934978 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.930098057 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.930110931 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.935863972 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.935951948 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.935976028 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.941983938 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.942038059 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.942059994 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.947858095 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.947926998 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.947947025 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.953816891 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.953993082 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.954016924 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.959652901 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.959829092 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.959851980 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.965751886 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.965841055 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.965856075 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.974457979 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.974504948 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.974520922 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.974546909 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.974615097 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.980557919 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.986473083 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.986505985 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.986522913 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.986538887 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.986655951 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.992477894 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.998456001 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:17.998512983 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:17.998528957 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.004417896 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.004441977 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.004489899 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:18.004508018 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.004913092 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:18.010284901 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.016201019 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.016233921 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.016243935 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:18.016262054 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.016303062 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:18.021871090 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.027475119 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.027549028 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.027611017 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:18.027642965 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.028255939 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:18.032967091 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.038383007 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.038429976 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.038440943 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:18.038460970 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.038563967 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:18.043759108 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.046468973 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.046547890 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:18.046571970 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.051954031 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.052041054 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:18.052135944 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:18.089956045 CEST49712443192.168.2.9142.251.2.132
                                                                                                                                                          Apr 24, 2024 06:57:18.089989901 CEST44349712142.251.2.132192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.227900982 CEST49720443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.227960110 CEST44349720172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.228085041 CEST49720443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.228558064 CEST49721443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.228627920 CEST44349721172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.228677988 CEST49721443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.319206953 CEST49722443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.319253922 CEST44349722172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.319360971 CEST49723443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.319394112 CEST49722443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.319399118 CEST44349723172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.319521904 CEST49723443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.333893061 CEST49725443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.333915949 CEST44349725162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.334032059 CEST49725443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.334280014 CEST49725443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.334287882 CEST44349725162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.335530996 CEST49723443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.335565090 CEST44349723172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.335902929 CEST49722443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.335937023 CEST44349722172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.336124897 CEST49721443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.336144924 CEST44349721172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.336520910 CEST49720443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.336548090 CEST44349720172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.657855988 CEST44349725162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.658006907 CEST44349722172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.661015987 CEST44349723172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.661784887 CEST44349721172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.663542032 CEST44349720172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.683386087 CEST49725443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.683403015 CEST44349725162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.683559895 CEST49722443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.683589935 CEST44349722172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.683685064 CEST49721443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.683717012 CEST44349721172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.683794975 CEST49723443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.683809996 CEST44349723172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.683907032 CEST49720443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.683932066 CEST44349720172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.685866117 CEST44349725162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.685949087 CEST49725443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.686208963 CEST44349723172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.686275959 CEST49723443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.686496973 CEST44349720172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.686557055 CEST49720443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.687623024 CEST44349721172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.687717915 CEST49721443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.687900066 CEST44349722172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.687966108 CEST49722443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.692548990 CEST49723443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.692624092 CEST44349723172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.692739010 CEST49721443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.692826986 CEST49720443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.692889929 CEST49722443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.692979097 CEST44349720172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.692984104 CEST44349721172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.693005085 CEST49723443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.693013906 CEST44349723172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.693094969 CEST49721443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.693111897 CEST44349721172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.693257093 CEST44349722172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.695014954 CEST49725443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.695142031 CEST44349725162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.695154905 CEST49725443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.736148119 CEST44349725162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.775029898 CEST49720443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.775048018 CEST49723443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.775052071 CEST49721443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.775054932 CEST49722443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.775059938 CEST44349720172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.775090933 CEST44349722172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.775095940 CEST49725443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.775106907 CEST44349725162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.864708900 CEST49720443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.907164097 CEST49722443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.907231092 CEST49725443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.912118912 CEST44349720172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.930068016 CEST49726443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.930129051 CEST44349726162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.930334091 CEST49726443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.930629015 CEST49726443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:20.930644035 CEST44349726162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.930717945 CEST49722443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:20.976119041 CEST44349722172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.999903917 CEST44349725162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.000013113 CEST44349725162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.000242949 CEST44349723172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.000324965 CEST44349723172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.000323057 CEST49725443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:21.000377893 CEST49723443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.003252029 CEST44349721172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.003340006 CEST44349721172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.003597021 CEST49721443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.005842924 CEST49725443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:21.005865097 CEST44349725162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.006156921 CEST49723443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.006182909 CEST44349723172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.007394075 CEST49721443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.007411957 CEST44349721172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.173017979 CEST44349720172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.173114061 CEST44349720172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.173185110 CEST49720443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.177375078 CEST49720443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.177397013 CEST44349720172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.239089966 CEST44349722172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.239310026 CEST44349722172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.239381075 CEST49722443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.239593983 CEST49722443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.239613056 CEST44349722172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.242887974 CEST44349726162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.243269920 CEST49726443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:21.243282080 CEST44349726162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.243745089 CEST44349726162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.244227886 CEST49726443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:21.244321108 CEST44349726162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.244555950 CEST49726443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:21.288120985 CEST44349726162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.592406988 CEST44349726162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.592494011 CEST44349726162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.592598915 CEST49726443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:21.597352028 CEST49726443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:21.597369909 CEST44349726162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.919992924 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:21.920031071 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.920387030 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:21.920387030 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:21.920423031 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.411304951 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.491158009 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:22.491173029 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.495100975 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.495142937 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.495476961 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:22.498838902 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:22.499018908 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:22.499027014 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.499089003 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.563035011 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:22.563060999 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.672820091 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:22.728374958 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.728470087 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.728492975 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.728549004 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:22.728560925 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.728579044 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.728594065 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.728598118 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:22.728637934 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:22.728662968 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:22.748128891 CEST49728443192.168.2.9152.195.19.97
                                                                                                                                                          Apr 24, 2024 06:57:22.748167038 CEST44349728152.195.19.97192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.169863939 CEST49730443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.169893980 CEST44349730162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.170156956 CEST49731443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.170161009 CEST49730443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.170175076 CEST44349731162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.170249939 CEST49731443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.171659946 CEST49730443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.171669960 CEST44349730162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.171941996 CEST49731443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.171957970 CEST44349731162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.484725952 CEST44349731162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.485017061 CEST49731443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.485023975 CEST44349731162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.485477924 CEST44349731162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.486589909 CEST49731443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.486680984 CEST44349731162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.489197969 CEST44349730162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.489496946 CEST49730443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.489510059 CEST44349730162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.490746975 CEST44349730162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.491161108 CEST49730443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.491364002 CEST44349730162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.571768045 CEST49731443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.571780920 CEST49730443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:38.480710030 CEST44349730162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:38.480787039 CEST44349730162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:38.480854034 CEST49730443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:38.481645107 CEST44349731162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:38.481722116 CEST44349731162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:38.481771946 CEST49731443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:58:14.592206001 CEST49731443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:58:14.592236996 CEST44349731162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:58:14.592238903 CEST49730443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:58:14.592277050 CEST44349730162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:15.338622093 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:15.338690996 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:15.338768959 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:15.339015961 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:15.339030981 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:15.831022978 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:15.831321001 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:15.831351042 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:15.832416058 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:15.832475901 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:15.834059000 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:15.834136963 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:15.834249020 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:15.834254980 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:15.884197950 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.717782021 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.717814922 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.717823982 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.717850924 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.717878103 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.717927933 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.717956066 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.717988014 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.718022108 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.718813896 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.718831062 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.718905926 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.718911886 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.718950033 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.878252029 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.878315926 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.878401995 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.878429890 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.878470898 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.879188061 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.879229069 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.879259109 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.879266977 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.879286051 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.879307032 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.880076885 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.880140066 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.880283117 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:16.880290031 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:16.880330086 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.038470984 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.038541079 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.038568974 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.038599968 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.038614035 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.038646936 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.039295912 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.039338112 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.039352894 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.039359093 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.039387941 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.039402008 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.040138006 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.040179014 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.040200949 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.040205956 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.040293932 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.040967941 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.041008949 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.041035891 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.041040897 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.041065931 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.041085958 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.041867971 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.041908979 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.041945934 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.041949987 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.041977882 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.041992903 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.042776108 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.042819023 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.042836905 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.042877913 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.042926073 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.044779062 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.197789907 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.197870970 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.197993040 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.198016882 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.198043108 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.198092937 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.198137045 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.198143005 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.198255062 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.198271036 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.198312998 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.198378086 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.198383093 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.198458910 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.198780060 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.198822021 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.198874950 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.198879004 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.198941946 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.199289083 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.199328899 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.199377060 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.199381113 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.199445009 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.199790955 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.199835062 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.199918032 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.199923992 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.200014114 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.200258017 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.200299025 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.200360060 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.200366020 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.200408936 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.200460911 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.200514078 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.200573921 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.200608969 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.200613976 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.200704098 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.201071024 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.201109886 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.201163054 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.201168060 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.201225042 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.201505899 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.201548100 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.201597929 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.201601982 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.201683044 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.202522039 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.202563047 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.202616930 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.202630997 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.202678919 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.202728987 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.202892065 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.202930927 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.203036070 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.203042030 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.203123093 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.203372002 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.203412056 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.203490019 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.203495979 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.203574896 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.358952999 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.359016895 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.359085083 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.359112978 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.359155893 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.359199047 CEST4434974013.107.246.69192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:17.359249115 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.359486103 CEST49740443192.168.2.913.107.246.69
                                                                                                                                                          Apr 24, 2024 07:00:17.359503984 CEST4434974013.107.246.69192.168.2.9

                                                                                                                                                          UDP Packets

                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                          Apr 24, 2024 06:57:16.640254974 CEST4954853192.168.2.91.1.1.1
                                                                                                                                                          Apr 24, 2024 06:57:16.640558958 CEST4932153192.168.2.91.1.1.1
                                                                                                                                                          Apr 24, 2024 06:57:16.793806076 CEST53493211.1.1.1192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:16.793829918 CEST53495481.1.1.1192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.018158913 CEST6152953192.168.2.91.1.1.1
                                                                                                                                                          Apr 24, 2024 06:57:20.018419981 CEST6220153192.168.2.91.1.1.1
                                                                                                                                                          Apr 24, 2024 06:57:20.018846035 CEST6505753192.168.2.91.1.1.1
                                                                                                                                                          Apr 24, 2024 06:57:20.018955946 CEST6521153192.168.2.91.1.1.1
                                                                                                                                                          Apr 24, 2024 06:57:20.047477007 CEST5314053192.168.2.91.1.1.1
                                                                                                                                                          Apr 24, 2024 06:57:20.047640085 CEST5305553192.168.2.91.1.1.1
                                                                                                                                                          Apr 24, 2024 06:57:20.171842098 CEST53622011.1.1.1192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.172091007 CEST53615291.1.1.1192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.172301054 CEST53650571.1.1.1192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.173451900 CEST53652111.1.1.1192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.201098919 CEST53531401.1.1.1192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:20.201337099 CEST53530551.1.1.1192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.600349903 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.755009890 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.755182981 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.755198002 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.756751060 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.757199049 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.757368088 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.757863045 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.757965088 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.910672903 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.910692930 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.910746098 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.910765886 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.910820007 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.911876917 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.912081957 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:21.912185907 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.913203001 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.913825989 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:21.919523954 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:22.065197945 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:22.107391119 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:23.162977934 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:23.163532019 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:23.168967962 CEST55162443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.317014933 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.317727089 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.317826033 CEST44358750172.64.41.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.318070889 CEST58750443192.168.2.9172.64.41.3
                                                                                                                                                          Apr 24, 2024 06:57:23.322904110 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.323843956 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.324115038 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.324129105 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.324706078 CEST55162443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.325757980 CEST55162443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.325865984 CEST55162443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.326184988 CEST55162443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.326298952 CEST55162443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.479226112 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.479249001 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.479260921 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.479271889 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.479799032 CEST55162443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.479861975 CEST55162443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.481270075 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.482793093 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.482837915 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.483194113 CEST55162443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 06:57:23.633232117 CEST44355162162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 06:57:23.696938038 CEST55162443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:14.181540966 CEST4926653192.168.2.91.1.1.1
                                                                                                                                                          Apr 24, 2024 07:00:14.181689024 CEST5864953192.168.2.91.1.1.1
                                                                                                                                                          Apr 24, 2024 07:00:14.335669041 CEST53492661.1.1.1192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:14.335695028 CEST53586491.1.1.1192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:14.337553978 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:14.337750912 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:14.338011980 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:14.338114977 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:14.492592096 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:14.493634939 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:14.493693113 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:14.493827105 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:14.493866920 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:14.494187117 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:14.494488955 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:14.494709969 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:14.494854927 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:14.495007992 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:14.495080948 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:14.508337975 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:14.647435904 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:14.647777081 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:14.647999048 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:15.180790901 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:15.180891991 CEST52692443192.168.2.9162.159.61.3
                                                                                                                                                          Apr 24, 2024 07:00:15.335201979 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:15.336695910 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:15.337291956 CEST44352692162.159.61.3192.168.2.9
                                                                                                                                                          Apr 24, 2024 07:00:15.337682009 CEST52692443192.168.2.9162.159.61.3

                                                                                                                                                          DNS Queries

                                                                                                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                          Apr 24, 2024 06:57:16.640254974 CEST192.168.2.91.1.1.10x59f8Standard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:16.640558958 CEST192.168.2.91.1.1.10xf941Standard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.018158913 CEST192.168.2.91.1.1.10xbd4eStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.018419981 CEST192.168.2.91.1.1.10xaeb4Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.018846035 CEST192.168.2.91.1.1.10x94daStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.018955946 CEST192.168.2.91.1.1.10x4dcfStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.047477007 CEST192.168.2.91.1.1.10x87c0Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.047640085 CEST192.168.2.91.1.1.10x813Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 07:00:14.181540966 CEST192.168.2.91.1.1.10x9f05Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 07:00:14.181689024 CEST192.168.2.91.1.1.10xb2bcStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false

                                                                                                                                                          DNS Answers

                                                                                                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                          Apr 24, 2024 06:57:16.793806076 CEST1.1.1.1192.168.2.90xf941No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:16.793829918 CEST1.1.1.1192.168.2.90x59f8No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:16.793829918 CEST1.1.1.1192.168.2.90x59f8No error (0)googlehosted.l.googleusercontent.com142.251.2.132A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:18.262684107 CEST1.1.1.1192.168.2.90xd704No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:18.262684107 CEST1.1.1.1192.168.2.90xd704No error (0)sni1gl.wpc.nucdn.net152.195.19.97A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:18.262712955 CEST1.1.1.1192.168.2.90x3c53No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:19.292537928 CEST1.1.1.1192.168.2.90x845No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:19.292537928 CEST1.1.1.1192.168.2.90x845No error (0)sni1gl.wpc.nucdn.net152.195.19.97A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:19.292563915 CEST1.1.1.1192.168.2.90xcd3fNo error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.171842098 CEST1.1.1.1192.168.2.90xaeb4No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.172091007 CEST1.1.1.1192.168.2.90xbd4eNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.172091007 CEST1.1.1.1192.168.2.90xbd4eNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.172301054 CEST1.1.1.1192.168.2.90x94daNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.172301054 CEST1.1.1.1192.168.2.90x94daNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.173451900 CEST1.1.1.1192.168.2.90x4dcfNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.201098919 CEST1.1.1.1192.168.2.90x87c0No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.201098919 CEST1.1.1.1192.168.2.90x87c0No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:20.201337099 CEST1.1.1.1192.168.2.90x813No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:21.332869053 CEST1.1.1.1192.168.2.90x7245No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:21.332869053 CEST1.1.1.1192.168.2.90x7245No error (0)sni1gl.wpc.nucdn.net152.195.19.97A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:22.349956036 CEST1.1.1.1192.168.2.90x7245No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:22.349956036 CEST1.1.1.1192.168.2.90x7245No error (0)sni1gl.wpc.nucdn.net152.195.19.97A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:23.378626108 CEST1.1.1.1192.168.2.90x7245No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:23.378626108 CEST1.1.1.1192.168.2.90x7245No error (0)sni1gl.wpc.nucdn.net152.195.19.97A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:25.381985903 CEST1.1.1.1192.168.2.90x7245No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:25.381985903 CEST1.1.1.1192.168.2.90x7245No error (0)sni1gl.wpc.nucdn.net152.195.19.97A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:29.392194033 CEST1.1.1.1192.168.2.90x7245No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 06:57:29.392194033 CEST1.1.1.1192.168.2.90x7245No error (0)sni1gl.wpc.nucdn.net152.195.19.97A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 07:00:14.335669041 CEST1.1.1.1192.168.2.90x9f05No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 07:00:14.335669041 CEST1.1.1.1192.168.2.90x9f05No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                          Apr 24, 2024 07:00:14.335695028 CEST1.1.1.1192.168.2.90xb2bcNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false

                                                                                                                                                          HTTP Request Dependency Graph

                                                                                                                                                          • clients2.googleusercontent.com
                                                                                                                                                          • chrome.cloudflare-dns.com
                                                                                                                                                          • msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                                                                                                                          • edgeassetservice.azureedge.net

                                                                                                                                                          HTTPS Proxied Packets

                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                          0192.168.2.949712142.251.2.1324437472C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                          2024-04-24 04:57:17 UTC580OUTGET /crx/blobs/AfQPRnlBHVf9QbAmjPnmJQnDwEcerxafOq8p01cAfJ5QoFk2s6gAMnMY_23BNiizXK2e-3smriJGTe2WOZO9s5X2xejbvoKpPILOKN2-0t9ZbrurACaLAMZSmuXX9slHldVQ07B5bvw6KCm_x6CONA/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_76_1_0.crx HTTP/1.1
                                                                                                                                                          Host: clients2.googleusercontent.com
                                                                                                                                                          Connection: keep-alive
                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                          2024-04-24 04:57:17 UTC565INHTTP/1.1 200 OK
                                                                                                                                                          X-GUploader-UploadID: ABPtcPo2-V4lhx-W63GzLJn6NxO_0IMSY1--mxf6UfpAIrrBS81DJnIlwmra5z4e7r-VbgWREQ
                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                          Content-Length: 139091
                                                                                                                                                          X-Goog-Hash: crc32c=H9/qeQ==
                                                                                                                                                          Server: UploadServer
                                                                                                                                                          Date: Tue, 23 Apr 2024 18:32:03 GMT
                                                                                                                                                          Expires: Wed, 23 Apr 2025 18:32:03 GMT
                                                                                                                                                          Cache-Control: public, max-age=31536000
                                                                                                                                                          Age: 37514
                                                                                                                                                          Last-Modified: Thu, 18 Apr 2024 18:31:51 GMT
                                                                                                                                                          ETag: 82b50a01_49fb4719_dae394b7_fbc972d4_42d9e512
                                                                                                                                                          Content-Type: application/x-chrome-extension
                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                          Connection: close
                                                                                                                                                          2024-04-24 04:57:17 UTC690INData Raw: 43 72 32 34 03 00 00 00 f3 22 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 9c 5e d1 18 b0 31 22 89 f4 fd 77 8d 67 83 0b 74 fd c3 32 4a 0e 47 31 00 29 58 34 b1 bf 3d 26 90 3f 5b 6a 2c 4c 7a fd d5 6a b0 75 cf 65 5b 49 85 71 2a 42 61 2f 58 dd ee dc 50 c1 68 fc cd 84 4c 04 88 b9 99 dc 32 25 33 5f 6f f4 ae b5 ad 19 0d d4 b8 48 f7 29 27 b9 3d d6 95 65 f8 ac c8 9c 3f 15 e6 ef 1f 08 ab 11 6a e1 a9 c8 33 55 48 fd 7c bf 58 8c 4d 06 e3 97 75 cc c2 9c 73 5b a6 2a f2 ea 3f 24 f3 9c db 8a 05 9f 46 25 11 1d 18 b4 49 08 19 94 80 29 08 f2 2c 2d c0 2f 90 65 35 29 a6 66 83 e7 4f e4 b2 71 14 5e ff 90 92 01 8d d3 bf ca a0 d0 39 a0 08 28 e3 d2 5f d5 70 68 32 fe 10 5e d5 59 42 50 58 66 5f 38 cc 0b 08
                                                                                                                                                          Data Ascii: Cr24"0"0*H0^1"wgt2JG1)X4=&?[j,Lzjue[Iq*Ba/XPhL2%3_oH)'=e?j3UH|XMus[*?$F%I),-/e5)fOq^9(_ph2^YBPXf_8
                                                                                                                                                          2024-04-24 04:57:17 UTC1255INData Raw: d2 9f 7a 6c 80 d0 71 98 9f 7a 7b 13 b7 05 9c d7 02 20 17 3b cc 01 6f 51 2a 66 e2 83 e7 11 83 e2 b3 53 9d d5 24 e1 bb 2f bc cc d3 09 89 36 87 72 b7 81 22 82 40 1f 8b 08 00 00 00 00 00 00 ff bd 7c 5b 73 ab 3a ba ed 5f d9 b5 9e 77 57 21 30 5e d3 fb 6d 12 10 98 58 22 08 5d 40 bb 76 75 01 22 c1 20 30 89 49 8c e9 ea ff 7e 94 d5 bd bb eb 74 f5 74 d9 0f e7 bc 64 c6 99 dc 86 be cb 18 43 42 fe ef bf fc a6 9a 73 fd 71 9c e6 e3 69 fc ed bf 7e 9b 3f 9a a6 2d cf ed 7f 4c cd c7 7f bc 1e 75 f3 db 7f fe 76 3e be 8d 8d fa 73 7d 1a e7 66 9c 7f fb af bf fc 36 95 57 7d 2a 95 39 be b9 c6 5d 65 bb 96 14 ae 95 db 6d 5b db ad ae af fb ad 70 ce c7 62 58 be 0a 7b 7e ad 6d bd 95 d9 7e 8b fd 9f 2e 3e 5e 8e 32 d4 a3 cc b1 b5 ef 4e 47 73 7c 8b 3a 66 ef bf ff 3e e8 b3 cc d1 31 d1 f3 ef
                                                                                                                                                          Data Ascii: zlqz{ ;oQ*fS$/6r"@|[s:_wW!0^mX"]@vu" 0I~ttdCBsqi~?-Luv>s}f6W}*9]em[pbX{~m~.>^2NGs|:f>1
                                                                                                                                                          2024-04-24 04:57:17 UTC1255INData Raw: 05 ba ab f8 8e ca 80 f7 32 52 2b 03 d0 13 e3 cf 4d f9 00 3e 34 b8 61 1d 10 8b 73 6c ba 88 f7 42 2d b0 52 b8 2b a5 b5 40 c3 39 ef a9 e5 3e 15 54 43 c1 76 09 f5 25 64 0c 5d 69 80 5f 93 a7 5f e2 eb ef cd cf 2a b0 56 93 eb 52 39 38 af 35 44 86 eb 7b ca dc b2 0e 6b a0 68 61 d7 a2 5f 98 03 73 66 e3 58 69 b2 f0 20 06 a2 77 ed 47 f8 4f 59 f3 35 63 3a e1 63 60 25 7c fa 6c a8 9a 2b 4e 26 9e c7 7b 11 c6 8e 61 f3 98 84 81 9b 09 09 38 9b 7c c4 0c ff d9 e0 49 fe ba bf f4 f7 f2 43 96 f3 43 6a eb 57 d4 a9 4f 02 e1 8b 64 b0 cd 34 06 69 cf 0f 89 88 e3 72 fd 39 13 a3 33 aa 70 3e f0 4e b5 88 f2 57 66 13 fa 48 7f 91 9d 89 d9 1f 39 02 bb 0c ea d0 e8 bc c8 5c 7f 83 6d f8 82 87 d3 86 6b 7e a6 91 d7 97 ce 4f 5b f8 e4 54 db e9 a2 56 cd 6e c4 4f 57 4f f7 e1 2b ec 1f 57 9a cb 82 08
                                                                                                                                                          Data Ascii: 2R+M>4aslB-R+@9>TCv%d]i__*VR985D{kha_sfXi wGOY5c:c`%|l+N&{a8|ICCjWOd4ir93p>NWfH9\mk~O[TVnOWO+W
                                                                                                                                                          2024-04-24 04:57:17 UTC1255INData Raw: eb 1f bd 89 14 2b 5f 64 de 8e 48 13 1b 5b 96 c3 38 2c 55 80 c3 ca 87 69 19 61 82 74 e0 a8 a1 7d 22 01 e4 88 c5 a4 36 e3 4f 2c f5 b5 1f ad f3 f7 7c 6e 21 dc af 6a d0 df fd ed f5 8f 71 d4 bb 7f bd c7 45 f8 4a fe d1 23 3b 49 ea d1 3b 55 d6 4e b3 2e 0e a5 e3 71 93 fb 56 aa a5 2d ad f8 a5 c9 c0 0b e6 ed 67 b9 7a 1f c4 9a e3 3f fa 7e 08 ad 3f c6 49 ef ce 95 6d c6 31 34 78 6c 79 bd 13 5f d9 04 3f ae 15 8d 5d 29 14 4a 33 e0 d7 3e 3c 48 1d e7 e9 70 71 48 f0 e6 64 39 0c 59 a0 58 9a c7 8e c9 87 27 33 1e 1c 51 cf 79 00 5f 60 7c c9 95 33 f5 22 81 d7 a9 3e 0e 8a 4e 85 5c b7 af 55 e4 1d 13 fa d3 35 bc bf 6d b8 7e 42 81 e9 a3 0c cd ca 99 82 1a 78 e3 2d 7c b9 85 bd 3b 31 5e 71 a8 bb 2c e4 96 1a e6 8f 92 ab bd a9 11 64 3c dc 13 1e d4 58 e8 36 2c b5 ce eb 30 ee 89 6e 33 a3
                                                                                                                                                          Data Ascii: +_dH[8,Uiat}"6O,|n!jqEJ#;I;UN.qV-gz?~?Im14xly_?])J3><HpqHd9YX'3Qy_`|3">N\U5m~Bx-|;1^q,d<X6,0n3
                                                                                                                                                          2024-04-24 04:57:17 UTC1255INData Raw: 24 0f c4 6f bf c9 84 12 25 e3 a7 2c 57 5b c4 c0 20 2d 45 58 0f a3 ca e8 6d 31 92 8c 53 e2 24 21 08 70 de 5e 1a bd df 30 3b e6 bc 87 eb af f1 cd f7 e2 c3 99 00 48 75 30 4a 28 94 68 9c ce b9 e1 5b 12 29 29 99 75 a1 02 be 18 8d d6 19 3d 3b 19 7f 56 c8 11 b9 68 44 a0 1a b5 7c 20 7e 16 77 8c f7 08 71 8e c3 e9 9d 0c 1c 16 b6 de 53 d0 9e d4 88 9c 32 df cf 3c e4 a0 ee 02 53 ff 72 e6 86 0b f1 8a 1c 25 da af 1b f8 3e ee c4 27 32 8a a3 86 d7 56 13 ee f2 66 98 84 a9 7b 61 ea 64 6c 46 1c 63 e7 34 e3 41 bf d2 bc a5 8c 81 23 b3 c1 49 68 a5 a9 23 1f e1 87 4d a3 09 16 14 53 b2 b6 2b 8a da 77 2c 60 57 db 1b 97 32 ee a1 60 72 08 d3 59 1d 71 8b 83 bd 23 fd c0 f8 cf 5d 81 47 7e c3 23 cd f3 9d f8 2e 65 a0 d2 d4 ae 57 d3 c3 75 da b5 9e d4 6c 83 72 69 31 5f 71 16 2e 8c 74 9a a1
                                                                                                                                                          Data Ascii: $o%,W[ -EXm1S$!p^0;Hu0J(h[))u=;VhD| ~wqS2<Sr%>'2Vf{adlFc4A#Ih#MS+w,`W2`rYq#]G~#.eWulri1_q.t
                                                                                                                                                          2024-04-24 04:57:17 UTC1255INData Raw: 55 a7 4f 68 b0 1e e0 bf 78 9b 0d a0 6b 60 60 d5 3c 6e 79 88 fb 82 42 88 46 78 ce 18 36 de d3 b8 7a a7 be d4 c3 8f b9 19 63 a0 42 b8 25 3e 27 d8 de dd 98 df 75 ef ec 9f 7b 5b e4 6d 97 db da 38 32 cb dc 9f bc 57 fd c9 28 24 93 35 c1 65 31 7d e6 50 41 cf 78 b6 b8 c8 2d fe 52 0a fd 8a 38 3e 28 30 3d d0 5f f6 cb 81 15 97 34 df bb df ef b8 96 3e d6 d2 6f b3 8a b9 2d ea 27 50 c1 f8 50 31 b8 a7 91 1c b8 43 a0 f1 fa 22 e3 de 36 1d e0 2d 7c f7 ea 97 f5 90 4f 93 e4 13 c1 d6 8c 4b ad 85 cc 75 64 72 71 5b 05 3f dc 03 8d 2f ca 78 11 02 15 47 0c ef 8d 37 34 7d 88 0c 12 c6 8f e0 9b 0b 47 2d 19 35 fc 6a 69 ca 73 7c 96 83 bb 64 fd e4 d4 9d e1 27 aa 58 22 f0 47 ed 90 01 33 bd 94 39 b4 aa b0 b6 89 86 bf 9e df 75 bc 7b fd 1f 48 d8 c6 65 22 1e a4 d8 03 0a f8 3b ee a7 c0 68 c5
                                                                                                                                                          Data Ascii: UOhxk``<nyBFx6zcB%>'u{[m82W($5e1}PAx-R8>(0=_4>o-'PP1C"6-|OKudrq[?/xG74}G-5jis|d'X"G39u{He";h
                                                                                                                                                          2024-04-24 04:57:17 UTC1255INData Raw: 01 47 06 6e 54 b1 78 cb 05 79 49 c2 02 c8 f0 87 25 60 7c 92 06 5b da ab 77 e4 fc 7c c4 47 8c 46 bf ba 05 6d c3 26 dc 09 14 f1 d7 74 84 a6 6f bb 76 c1 77 9f 32 a8 2f 28 24 56 06 a6 89 da b8 54 bc 7d 26 ab c4 e6 99 7e 3d 8f ed 90 7b 75 68 6a 9e 7f 29 ba fd a2 20 e7 b5 19 d3 0c f2 e7 7a 65 6e 39 a8 b4 f1 c9 d1 f4 1d 5c 07 cb 4c 06 d7 4d 7b 6e 1c f9 0e 48 2e 1f e2 07 62 3c ca 81 ed 4a 1e c1 59 86 6a ce a0 7c 3a f0 dd ca 23 d2 f1 91 6c 69 38 9f 8a 15 1f 8a b5 cd 89 75 71 0a dd 2e e5 9a de e8 2f e4 5e 1f f8 61 6a ea 50 8a f9 42 c7 e2 62 3c 4c 90 6a 7c 12 42 5e 6b 0e 23 bc f2 0b e9 7f ac c2 f7 5c e4 78 4c d9 46 0f 84 f0 ab 84 d3 03 f3 d8 f1 98 50 e4 10 c7 cb 14 53 ba 61 f3 73 39 40 50 45 53 51 e6 38 26 be 1e 90 c6 25 86 8a e0 3c b8 a0 d5 db 70 7b 9a ab 48 ff 7a
                                                                                                                                                          Data Ascii: GnTxyI%`|[w|GFm&tovw2/($VT}&~={uhj) zen9\LM{nH.b<JYj|:#li8uq./^ajPBb<Lj|B^k#\xLFPSas9@PESQ8&%<p{Hz
                                                                                                                                                          2024-04-24 04:57:17 UTC1255INData Raw: 31 96 3d 7f 02 23 a6 86 1b fb 5d f7 af 71 34 7a 60 a8 6d 7c 35 5e fd 53 86 bb 4e 09 a0 ab 91 bc 56 86 48 ab a3 c1 7e fd 77 fb 17 e2 05 85 aa e0 d0 68 44 c8 e7 cc 68 8c 03 d3 8c 85 64 4b 06 f9 29 f3 e9 bd b2 e4 33 13 e4 15 1b 5d c2 8d ce 32 79 f7 55 8b bf ef 3f f9 e7 38 5f be f7 63 e5 b6 c9 9b 81 f7 b9 f3 3d 06 fa f2 c7 98 ff bb fb 0e 68 a6 96 7e a7 86 87 71 c0 9f 0b e0 d1 03 73 f7 55 ee b9 c6 3b 69 d6 63 8f 44 6c ad 46 6c 08 b4 58 88 ff d3 c9 78 dc e5 ff bb 6f e9 9f f7 5d 65 1e db a5 c0 3a 77 d4 57 3d cc ba d6 bb 63 29 4c 3e 45 f1 97 fc e5 fd 77 83 39 27 ca 81 f1 92 5d 6b fc 56 0c a9 38 bb a5 15 6f 32 d6 26 28 2f ec 84 b5 a7 2c 04 25 07 4a 23 a3 fd ca b5 b6 ab ee ed f8 ca ad f3 7e 90 e6 5e 46 0b fe 6d ff c9 f7 98 ff 2d 97 4c 6e fd 71 0f b8 3b 7e ef e9 2a
                                                                                                                                                          Data Ascii: 1=#]q4z`m|5^SNVH~whDhdK)3]2yU?8_c=h~qsU;icDlFlXxo]e:wW=c)L>Ew9']kV8o2&(/,%J#~^Fm-Lnq;~*
                                                                                                                                                          2024-04-24 04:57:17 UTC1255INData Raw: 76 d5 ab f1 d4 d9 78 ea 7c 3c f5 72 3c f5 f5 78 ea 9b f1 d4 ab 31 d4 10 a1 9c ea 08 6a ca a2 d5 ae 7d 86 ba 42 6e 80 68 75 4a da bb e1 e8 a5 d1 a1 f1 22 aa af 20 14 89 3d 01 df a3 ce 40 48 ef 8c b6 b8 56 cb ec a3 68 81 ad 8e 8d 95 40 f6 c8 dc f1 e0 8d 96 bb e2 2d b8 c7 12 f5 e0 01 f9 a9 d8 54 46 1d 72 95 a2 9c 5c 24 30 eb 8b b7 13 df dc 82 3c 86 8a 61 15 ac 45 6f 32 37 5e 0a 03 b4 15 1c ff b6 64 a5 34 a8 a0 30 e1 9c 7f 5e 7e e2 d8 eb 23 e2 9c 13 83 1a 47 27 8c d9 71 9c cf a1 bc 68 8a c8 7f bf ff 8b 7e 27 3f 75 3e 65 7e ee fa bf 35 00 25 48 cb 41 65 cf 66 f3 05 f9 10 7f ea e0 da e2 5e 2b 9c 5e 03 76 dc 40 4c 83 4f 2f 09 d6 4e db de 72 d9 45 6f e1 a8 c8 16 0b 6a e9 84 85 13 4b 7f 41 60 b0 f4 f9 e8 c2 88 68 13 55 d2 43 1c 9f 8b 28 62 7e bd c6 b8 00 b8 32 f5
                                                                                                                                                          Data Ascii: vx|<r<x1j}BnhuJ" =@HVh@-TFr\$0<aEo27^d40^~#G'qh~'?u>e~5%HAef^+^v@LO/NrEojKA`hUC(b~2
                                                                                                                                                          2024-04-24 04:57:17 UTC1255INData Raw: b3 a5 0a 7f b3 78 7a 9c 1c a7 27 27 91 4d cc d4 d6 05 cc 34 af 37 f4 5b b3 00 80 c8 84 b3 d6 ab 9b 61 ef 2a 01 e6 40 a6 e4 36 05 c4 0e 96 9a 94 59 bb 96 4b 52 f6 6b c4 2f e6 5d a0 72 ec b8 02 f6 93 b8 9e 33 2c 0d 69 34 94 31 67 16 47 61 80 1b 3f 62 66 50 b8 cf 04 8d 10 1f 12 d3 80 2e 71 66 38 8b 77 36 12 b4 3d 33 70 12 43 db dc ac 0c 71 73 73 75 d4 11 11 22 85 86 ad 94 95 25 b4 8d 6f bd d1 d9 30 e1 53 43 4e 15 29 91 a5 25 28 70 26 cb c8 a6 8b 62 63 c0 eb a6 a7 f7 f3 a8 41 3d c2 4a 34 c6 d3 06 61 c9 e1 e0 1b 47 42 a9 27 35 60 12 cb 37 7c 66 53 0c 2a 1d 20 f4 71 da 06 b9 01 b5 8e 4f a2 0d 3f 01 d2 89 63 f1 83 a0 85 9c 32 0a 60 a3 9e cd fa 7e 22 78 53 00 7b 25 35 ab 8a 75 4f af 62 a1 29 50 d1 39 ef 39 bf ba 6b 68 1c 88 09 89 c1 c0 98 d9 94 2a 59 86 df 58 74
                                                                                                                                                          Data Ascii: xz''M47[a*@6YKRk/]r3,i41gGa?bfP.qf8w6=3pCqssu"%o0SCN)%(p&bcA=J4aGB'5`7|fS* qO?c2`~"xS{%5uOb)P99kh*YXt


                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                          1192.168.2.949723172.64.41.34437472C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                          2024-04-24 04:57:20 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                          Connection: keep-alive
                                                                                                                                                          Content-Length: 128
                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                          Accept-Language: *
                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          2024-04-24 04:57:20 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                          2024-04-24 04:57:20 UTC247INHTTP/1.1 200 OK
                                                                                                                                                          Server: cloudflare
                                                                                                                                                          Date: Wed, 24 Apr 2024 04:57:20 GMT
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          Connection: close
                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                          Content-Length: 468
                                                                                                                                                          CF-RAY: 87938311ccc80ad9-LAS
                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                          2024-04-24 04:57:20 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 23 00 04 8e fb 02 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom#^)


                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                          2192.168.2.949721172.64.41.34437472C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                          2024-04-24 04:57:20 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                          Connection: keep-alive
                                                                                                                                                          Content-Length: 128
                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                          Accept-Language: *
                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          2024-04-24 04:57:20 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                          2024-04-24 04:57:20 UTC247INHTTP/1.1 200 OK
                                                                                                                                                          Server: cloudflare
                                                                                                                                                          Date: Wed, 24 Apr 2024 04:57:20 GMT
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          Connection: close
                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                          Content-Length: 468
                                                                                                                                                          CF-RAY: 87938311cf410add-LAS
                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                          2024-04-24 04:57:20 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 24 00 04 8e fb 02 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom$^)


                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                          3192.168.2.949725162.159.61.34437472C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                          2024-04-24 04:57:20 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                          Connection: keep-alive
                                                                                                                                                          Content-Length: 128
                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                          Accept-Language: *
                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          2024-04-24 04:57:20 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                          2024-04-24 04:57:20 UTC247INHTTP/1.1 200 OK
                                                                                                                                                          Server: cloudflare
                                                                                                                                                          Date: Wed, 24 Apr 2024 04:57:20 GMT
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          Connection: close
                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                          Content-Length: 468
                                                                                                                                                          CF-RAY: 87938311cfbf0acf-LAS
                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                          2024-04-24 04:57:20 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 29 00 04 8e fa 65 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom)e^)


                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                          4192.168.2.949720172.64.41.34437472C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                          2024-04-24 04:57:20 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                          Connection: keep-alive
                                                                                                                                                          Content-Length: 128
                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                          Accept-Language: *
                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          2024-04-24 04:57:20 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                          2024-04-24 04:57:21 UTC247INHTTP/1.1 200 OK
                                                                                                                                                          Server: cloudflare
                                                                                                                                                          Date: Wed, 24 Apr 2024 04:57:21 GMT
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          Connection: close
                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                          Content-Length: 468
                                                                                                                                                          CF-RAY: 87938311ea6809ef-LAS
                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                          2024-04-24 04:57:21 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 27 00 04 8e fa 65 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom'e^)


                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                          5192.168.2.949722172.64.41.34437472C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                          2024-04-24 04:57:20 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                          Connection: keep-alive
                                                                                                                                                          Content-Length: 128
                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                          Accept-Language: *
                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          2024-04-24 04:57:20 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                          2024-04-24 04:57:21 UTC247INHTTP/1.1 200 OK
                                                                                                                                                          Server: cloudflare
                                                                                                                                                          Date: Wed, 24 Apr 2024 04:57:21 GMT
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          Connection: close
                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                          Content-Length: 468
                                                                                                                                                          CF-RAY: 879383125fa70add-LAS
                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                          2024-04-24 04:57:21 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 24 00 04 8e fb 02 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom$^)


                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                          6192.168.2.949726162.159.61.34437472C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                          2024-04-24 04:57:21 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                          Connection: keep-alive
                                                                                                                                                          Content-Length: 128
                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                          Accept-Language: *
                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          2024-04-24 04:57:21 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                          2024-04-24 04:57:21 UTC247INHTTP/1.1 200 OK
                                                                                                                                                          Server: cloudflare
                                                                                                                                                          Date: Wed, 24 Apr 2024 04:57:21 GMT
                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                          Connection: close
                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                          Content-Length: 468
                                                                                                                                                          CF-RAY: 8793831578cb09f9-LAS
                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                          2024-04-24 04:57:21 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 1f 00 04 8e fb 02 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                          Data Ascii: wwwgstaticcom^)


                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                          7192.168.2.949728152.195.19.974437472C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                          2024-04-24 04:57:22 UTC614OUTGET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1714539437&P2=404&P3=2&P4=kVBY5XucgZSzbqI8oXPMOPFaYPQymIx3W%2bJzFDw74FbOzI8m4ZabeD483vK0wpOdnLAoocy2bPo4TO6vxQIO9w%3d%3d HTTP/1.1
                                                                                                                                                          Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                                                                                                                          Connection: keep-alive
                                                                                                                                                          MS-CV: yQRbHNvRyR1IPiowYUnZYv
                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                          2024-04-24 04:57:22 UTC632INHTTP/1.1 200 OK
                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                          Age: 2651395
                                                                                                                                                          Cache-Control: public, max-age=17280000
                                                                                                                                                          Content-Type: application/x-chrome-extension
                                                                                                                                                          Date: Wed, 24 Apr 2024 04:57:22 GMT
                                                                                                                                                          Etag: "Gv3jDkaZdFLRHkoq2781zOehQE8="
                                                                                                                                                          Last-Modified: Wed, 24 Jan 2024 00:25:37 GMT
                                                                                                                                                          MS-CorrelationId: 85b1e032-fe38-4340-aae6-56a69bbd869b
                                                                                                                                                          MS-CV: r2zNKFAig7Iv/pcatn3sa1.0
                                                                                                                                                          MS-RequestId: 3e56e8fe-67e8-4bc3-894a-1119d936dd99
                                                                                                                                                          Server: ECAcc (lac/558D)
                                                                                                                                                          X-AspNet-Version: 4.0.30319
                                                                                                                                                          X-AspNetMvc-Version: 5.3
                                                                                                                                                          X-Cache: HIT
                                                                                                                                                          X-CCC: US
                                                                                                                                                          X-CID: 11
                                                                                                                                                          X-Powered-By: ASP.NET
                                                                                                                                                          X-Powered-By: ARR/3.0
                                                                                                                                                          X-Powered-By: ASP.NET
                                                                                                                                                          Content-Length: 11185
                                                                                                                                                          Connection: close
                                                                                                                                                          2024-04-24 04:57:22 UTC11185INData Raw: 43 72 32 34 03 00 00 00 1d 05 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 bb 4e a9 d8 c8 e8 cb ac 89 0d 45 23 09 ef 07 9e ab ed 9a 39 65 ef 75 ea 71 bc a5 c4 56 59 59 ef 8c 08 40 04 2b ed 43 d0 dc 6b a7 4f 88 b9 62 4b d3 60 94 de 36 ee 47 92 ab 25 8a 1e cc 0d fa 33 5a 12 19 8e 65 20 5f fd 36 15 d6 13 1e 46 ae 8b 31 70 18 f1 a8 4b 1d 5a ff de 0e 83 8e 11 b2 2f 20 ed 33 88 cb fb 4f 54 94 9e 60 00 d3 bc 30 ab c0 d7 59 8b b0 96 46 54 fc f0 34 33 1c 74 68 d6 79 f9 0c 8c 7d 8a 91 98 ca 70 c6 4c 0f 1b c8 32 53 b9 26 69 cc 60 09 8d 6f ec f9 a6 66 8d 6f 48 81 0e 05 8a f1 97 4e b8 c3 94 3a b3 f7 69 6a 54 89 33 da 9e 46 7b d1 30 bb 2c cc 66 3f 27 66 e3 43 51 74 3b 62 5f 22 50 63 08 e5 20
                                                                                                                                                          Data Ascii: Cr240"0*H0NE#9euqVYY@+CkObK`6G%3Ze _6F1pKZ/ 3OT`0YFT43thy}pL2S&i`ofoHN:ijT3F{0,f?'fCQt;b_"Pc


                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                          8192.168.2.94974013.107.246.694437472C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                          2024-04-24 05:00:15 UTC601OUTGET /assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr=c&sig=R83mlHRCqeHRG9T0loza5cz3U8zjuZzQy2wVvoSHGHw%3D&st=2021-01-01T00%3A00%3A00Z&se=2024-06-30T00%3A00%3A00Z&sp=r&assetgroup=AddressBar HTTP/1.1
                                                                                                                                                          Host: edgeassetservice.azureedge.net
                                                                                                                                                          Connection: keep-alive
                                                                                                                                                          Edge-Asset-Group: AddressBar
                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                          2024-04-24 05:00:16 UTC632INHTTP/1.1 200 OK
                                                                                                                                                          Date: Wed, 24 Apr 2024 05:00:16 GMT
                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                          Content-Length: 403024
                                                                                                                                                          Connection: close
                                                                                                                                                          Content-MD5: j5vaSFhUqCPiC0fEiXk3zw==
                                                                                                                                                          Last-Modified: Thu, 19 Oct 2023 17:36:16 GMT
                                                                                                                                                          ETag: "0x8DBD0C9E5CD1B3B"
                                                                                                                                                          x-ms-request-id: e6ba21d0-801e-0076-5b04-96ecbb000000
                                                                                                                                                          x-ms-version: 2017-07-29
                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                          x-ms-lease-state: available
                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                          x-ms-server-encrypted: true
                                                                                                                                                          x-azure-ref: 20240424T050016Z-168bb8d798b8mfsfabysh5aa5n000000036g00000000ssrd
                                                                                                                                                          Cache-Control: public, max-age=604800
                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                          X-Cache: TCP_MISS
                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                          2024-04-24 05:00:16 UTC15752INData Raw: 7b 0d 0a 20 20 20 20 22 30 31 32 33 6d 6f 76 69 65 73 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 39 38 33 2c 20 36 30 36 31 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 34 39 34 38 2c 20 31 31 30 36 2c 20 39 39 37 32 5d 7d 22 2c 0d 0a 20 20 20 20 22 31 30 32 30 33 39 38 2e 61 70 70 2e 6e 65 74 73 75 69 74 65 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 2c 20 38 34 30 35 2c 20 35 39 33 38 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 32 32 38 2c 20 32 33 36 5d 7d 22 2c 0d 0a 20 20 20 20 22 31 33 33 37 78 2e 74 6f 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 2c 20 39 38 33 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 36 36 35 37 2c 20 34 37 35 2c 20 34 30 36 38 5d 7d 22 2c 0d 0a 20 20 20 20
                                                                                                                                                          Data Ascii: { "0123movies.com": "{\"Tier1\": [983, 6061], \"Tier2\": [4948, 1106, 9972]}", "1020398.app.netsuite.com": "{\"Tier1\": [6061, 8405, 5938], \"Tier2\": [228, 236]}", "1337x.to": "{\"Tier1\": [6061, 983], \"Tier2\": [6657, 475, 4068]}",
                                                                                                                                                          2024-04-24 05:00:16 UTC16384INData Raw: 3a 20 5b 37 36 37 30 2c 20 36 30 36 31 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 33 35 30 33 2c 20 31 32 34 30 2c 20 35 38 34 30 5d 7d 22 2c 0d 0a 20 20 20 20 22 61 70 70 2e 63 65 6e 74 75 72 79 2e 74 65 63 68 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 35 31 30 36 2c 20 35 32 30 33 2c 20 38 34 36 39 5d 7d 22 2c 0d 0a 20 20 20 20 22 61 70 70 2e 63 68 65 63 6b 65 64 73 61 66 65 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 2c 20 38 34 30 35 2c 20 33 39 37 39 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 35 31 30 36 2c 20 32 31 38 39 2c 20 38 34 36 39 5d 7d 22 2c 0d 0a 20 20 20 20 22 61 70 70 2e 63 6c 65 61 72 73 63 6f 72 65 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69
                                                                                                                                                          Data Ascii: : [7670, 6061], \"Tier2\": [3503, 1240, 5840]}", "app.century.tech": "{\"Tier1\": [6061], \"Tier2\": [5106, 5203, 8469]}", "app.checkedsafe.com": "{\"Tier1\": [6061, 8405, 3979], \"Tier2\": [5106, 2189, 8469]}", "app.clearscore.com": "{\"Ti
                                                                                                                                                          2024-04-24 05:00:16 UTC16384INData Raw: 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 31 32 39 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 31 36 36 5d 7d 22 2c 0d 0a 20 20 20 20 22 61 77 6f 72 6b 61 2e 61 70 70 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 32 31 34 2c 20 36 30 36 31 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 38 37 39 37 2c 20 38 34 36 39 2c 20 38 31 32 39 5d 7d 22 2c 0d 0a 20 20 20 20 22 61 77 73 2e 68 61 74 63 68 6c 69 6e 67 73 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 39 31 33 32 2c 20 36 30 36 31 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 35 34 34 34 2c 20 39 32 34 34 5d 7d 22 2c 0d 0a 20 20 20 20 22 61 77 73 30 35 39 2e 68 6f 73 74 63 6f 6d 6d 73 65 72 76 65 72 73 2e 63 6f 2e 75 6b 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 5d 2c
                                                                                                                                                          Data Ascii: \"Tier1\": [6129], \"Tier2\": [166]}", "aworka.app": "{\"Tier1\": [214, 6061], \"Tier2\": [8797, 8469, 8129]}", "aws.hatchlings.com": "{\"Tier1\": [9132, 6061], \"Tier2\": [5444, 9244]}", "aws059.hostcommservers.co.uk": "{\"Tier1\": [6061],
                                                                                                                                                          2024-04-24 05:00:16 UTC16384INData Raw: 39 32 38 5d 7d 22 2c 0d 0a 20 20 20 20 22 63 61 72 70 6f 72 74 32 2e 63 61 72 6c 79 6c 65 66 69 6e 61 6e 63 65 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 37 32 33 34 2c 20 38 34 30 35 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 36 32 31 39 2c 20 32 37 35 31 5d 7d 22 2c 0d 0a 20 20 20 20 22 63 61 72 74 2e 65 62 61 79 2e 63 6f 2e 75 6b 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 37 38 31 38 2c 20 38 34 30 35 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 37 33 39 39 2c 20 39 34 39 37 5d 7d 22 2c 0d 0a 20 20 20 20 22 63 61 72 74 2e 70 61 79 6d 65 6e 74 73 2e 65 62 61 79 2e 63 6f 2e 75 6b 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 37 38 31 38 2c 20 38 34 30 35 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 37 33 39 39 2c 20 39
                                                                                                                                                          Data Ascii: 928]}", "carport2.carlylefinance.com": "{\"Tier1\": [7234, 8405], \"Tier2\": [6219, 2751]}", "cart.ebay.co.uk": "{\"Tier1\": [7818, 8405], \"Tier2\": [7399, 9497]}", "cart.payments.ebay.co.uk": "{\"Tier1\": [7818, 8405], \"Tier2\": [7399, 9
                                                                                                                                                          2024-04-24 05:00:16 UTC16384INData Raw: 20 38 37 38 33 5d 7d 22 2c 0d 0a 20 20 20 20 22 63 72 65 64 69 74 67 61 74 65 77 61 79 2e 62 61 72 63 6c 61 79 73 77 65 61 6c 74 68 2e 6e 65 74 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 38 34 30 35 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 36 32 31 39 2c 20 32 33 36 37 2c 20 36 33 31 38 5d 7d 22 2c 0d 0a 20 20 20 20 22 63 72 65 65 64 61 69 6c 65 65 6e 62 6f 69 6c 65 72 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 31 31 33 34 2c 20 31 39 31 32 5d 7d 22 2c 0d 0a 20 20 20 20 22 63 72 6a 70 67 61 74 65 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 39 39 33 34 5d 7d 22 2c 0d 0a 20 20 20 20 22 63 72 6d
                                                                                                                                                          Data Ascii: 8783]}", "creditgateway.barclayswealth.net": "{\"Tier1\": [8405], \"Tier2\": [6219, 2367, 6318]}", "creedaileenboiler.com": "{\"Tier1\": [6061], \"Tier2\": [1134, 1912]}", "crjpgate.com": "{\"Tier1\": [6061], \"Tier2\": [9934]}", "crm
                                                                                                                                                          2024-04-24 05:00:17 UTC16384INData Raw: 69 65 72 32 5c 22 3a 20 5b 36 37 36 2c 20 31 31 30 36 2c 20 36 33 38 30 5d 7d 22 2c 0d 0a 20 20 20 20 22 65 6c 63 67 2e 66 61 2e 65 6d 32 2e 6f 72 61 63 6c 65 63 6c 6f 75 64 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 36 31 35 32 2c 20 32 33 36 2c 20 34 39 31 35 5d 7d 22 2c 0d 0a 20 20 20 20 22 65 6c 65 61 72 6e 2e 72 75 6e 73 68 61 77 2e 61 63 2e 75 6b 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 37 36 37 30 2c 20 36 30 36 31 2c 20 38 38 34 35 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 38 38 31 32 2c 20 31 32 34 30 5d 7d 22 2c 0d 0a 20 20 20 20 22 65 6c 65 61 72 6e 69 6e 67 2e 6e 6f 6f 64 6c 65 6e 6f 77 2e 63 6f 2e 75 6b 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b
                                                                                                                                                          Data Ascii: ier2\": [676, 1106, 6380]}", "elcg.fa.em2.oraclecloud.com": "{\"Tier1\": [6061], \"Tier2\": [6152, 236, 4915]}", "elearn.runshaw.ac.uk": "{\"Tier1\": [7670, 6061, 8845], \"Tier2\": [8812, 1240]}", "elearning.noodlenow.co.uk": "{\"Tier1\": [
                                                                                                                                                          2024-04-24 05:00:17 UTC16384INData Raw: 35 34 37 5d 7d 22 2c 0d 0a 20 20 20 20 22 67 34 73 79 65 74 69 2e 63 6f 67 6e 69 73 6f 66 74 2e 63 6c 6f 75 64 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 32 33 36 5d 7d 22 2c 0d 0a 20 20 20 20 22 67 61 64 67 65 74 73 62 6f 6f 6d 2e 6e 65 74 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 2c 20 38 34 30 35 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 38 35 37 35 2c 20 33 39 35 32 5d 7d 22 2c 0d 0a 20 20 20 20 22 67 61 6c 6c 65 72 69 65 73 2e 70 61 72 65 6e 74 73 64 6f 6d 65 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 37 38 36 5d 7d 22 2c 0d 0a 20 20 20 20 22 67 61 6d 65 2e 67 72 61 6e 62 6c 75 65 66 61 6e 74 61 73
                                                                                                                                                          Data Ascii: 547]}", "g4syeti.cognisoft.cloud": "{\"Tier1\": [6061], \"Tier2\": [236]}", "gadgetsboom.net": "{\"Tier1\": [6061, 8405], \"Tier2\": [8575, 3952]}", "galleries.parentsdome.com": "{\"Tier1\": [], \"Tier2\": [786]}", "game.granbluefantas
                                                                                                                                                          2024-04-24 05:00:17 UTC16384INData Raw: 54 69 65 72 31 5c 22 3a 20 5b 35 36 38 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 39 36 37 33 2c 20 36 30 32 30 2c 20 35 36 38 5d 7d 22 2c 0d 0a 20 20 20 20 22 69 63 74 2e 68 61 74 74 6f 6e 61 63 61 64 65 6d 79 2e 6f 72 67 2e 75 6b 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 37 36 37 30 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 39 36 30 5d 7d 22 2c 0d 0a 20 20 20 20 22 69 63 74 70 6f 72 74 61 6c 2e 63 79 6d 72 75 2e 6e 68 73 2e 75 6b 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 31 34 38 2c 20 36 30 36 31 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 5d 7d 22 2c 0d 0a 20 20 20 20 22 69 64 2e 61 74 6c 61 73 73 69 61 6e 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 2c 20 35 39 33 38 5d 2c 20 5c 22 54 69 65 72 32
                                                                                                                                                          Data Ascii: Tier1\": [568], \"Tier2\": [9673, 6020, 568]}", "ict.hattonacademy.org.uk": "{\"Tier1\": [7670], \"Tier2\": [960]}", "ictportal.cymru.nhs.uk": "{\"Tier1\": [148, 6061], \"Tier2\": []}", "id.atlassian.com": "{\"Tier1\": [6061, 5938], \"Tier2
                                                                                                                                                          2024-04-24 05:00:17 UTC16384INData Raw: 20 5b 37 36 37 30 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 36 31 38 33 2c 20 31 32 34 30 2c 20 33 35 30 33 5d 7d 22 2c 0d 0a 20 20 20 20 22 6c 65 64 72 61 70 74 69 2e 6e 65 74 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 2c 20 39 38 33 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 37 38 33 38 5d 7d 22 2c 0d 0a 20 20 20 20 22 6c 65 65 64 73 2e 63 64 70 73 6f 66 74 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 38 34 30 35 2c 20 36 30 36 31 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 34 35 36 38 2c 20 35 39 32 2c 20 31 31 32 39 5d 7d 22 2c 0d 0a 20 20 20 20 22 6c 65 74 75 73 6b 6e 6f 77 2e 66 6f 63 75 73 76 69 73 69 6f 6e 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 5d 2c 20 5c 22 54 69 65 72 32 5c 22
                                                                                                                                                          Data Ascii: [7670], \"Tier2\": [6183, 1240, 3503]}", "ledrapti.net": "{\"Tier1\": [6061, 983], \"Tier2\": [7838]}", "leeds.cdpsoft.com": "{\"Tier1\": [8405, 6061], \"Tier2\": [4568, 592, 1129]}", "letusknow.focusvision.com": "{\"Tier1\": [], \"Tier2\"
                                                                                                                                                          2024-04-24 05:00:17 UTC16384INData Raw: 3a 20 5b 36 30 36 31 2c 20 38 34 30 35 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 35 34 36 30 2c 20 33 37 39 2c 20 39 38 34 2c 20 35 34 30 31 2c 20 38 39 39 30 2c 20 36 31 30 31 5d 7d 22 2c 0d 0a 20 20 20 20 22 6d 64 78 2e 6d 72 6f 6f 6d 73 2e 6e 65 74 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 37 36 37 30 2c 20 35 39 33 38 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 38 39 39 38 2c 20 37 35 38 33 5d 7d 22 2c 0d 0a 20 20 20 20 22 6d 65 2e 73 75 6d 75 70 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 36 30 36 31 2c 20 38 34 30 35 5d 2c 20 5c 22 54 69 65 72 32 5c 22 3a 20 5b 33 32 37 31 2c 20 33 33 38 37 5d 7d 22 2c 0d 0a 20 20 20 20 22 6d 65 64 2e 65 74 6f 72 6f 2e 63 6f 6d 22 3a 20 22 7b 5c 22 54 69 65 72 31 5c 22 3a 20 5b 38 34
                                                                                                                                                          Data Ascii: : [6061, 8405], \"Tier2\": [5460, 379, 984, 5401, 8990, 6101]}", "mdx.mrooms.net": "{\"Tier1\": [7670, 5938], \"Tier2\": [8998, 7583]}", "me.sumup.com": "{\"Tier1\": [6061, 8405], \"Tier2\": [3271, 3387]}", "med.etoro.com": "{\"Tier1\": [84


                                                                                                                                                          Statistics

                                                                                                                                                          CPU Usage

                                                                                                                                                          Click to jump to process

                                                                                                                                                          Memory Usage

                                                                                                                                                          Click to jump to process

                                                                                                                                                          High Level Behavior Distribution

                                                                                                                                                          Click to dive into process behavior distribution

                                                                                                                                                          Behavior

                                                                                                                                                          Click to jump to process

                                                                                                                                                          System Behavior

                                                                                                                                                          General

                                                                                                                                                          Target ID:0
                                                                                                                                                          Start time:06:57:09
                                                                                                                                                          Start date:24/04/2024
                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE
                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\user\Desktop\T_AGM__1905.xml"
                                                                                                                                                          Imagebase:0xc0000
                                                                                                                                                          File size:225'176 bytes
                                                                                                                                                          MD5 hash:A2E6E2A1C125973A4967540FD08C9AF0
                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                          Reputation:moderate
                                                                                                                                                          Has exited:true

                                                                                                                                                          General

                                                                                                                                                          Target ID:3
                                                                                                                                                          Start time:06:57:11
                                                                                                                                                          Start date:24/04/2024
                                                                                                                                                          Path:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                          Commandline:"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\user\Desktop\T_AGM__1905.xml
                                                                                                                                                          Imagebase:0x7ff6c0c20000
                                                                                                                                                          File size:834'512 bytes
                                                                                                                                                          MD5 hash:CFE2E6942AC1B72981B3105E22D3224E
                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                          Reputation:moderate
                                                                                                                                                          Has exited:false

                                                                                                                                                          General

                                                                                                                                                          Target ID:4
                                                                                                                                                          Start time:06:57:11
                                                                                                                                                          Start date:24/04/2024
                                                                                                                                                          Path:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                          Commandline:"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7852 CREDAT:17410 /prefetch:2
                                                                                                                                                          Imagebase:0xaa0000
                                                                                                                                                          File size:828'368 bytes
                                                                                                                                                          MD5 hash:6F0F06D6AB125A99E43335427066A4A1
                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                          Reputation:moderate
                                                                                                                                                          Has exited:false

                                                                                                                                                          General

                                                                                                                                                          Target ID:5
                                                                                                                                                          Start time:06:57:11
                                                                                                                                                          Start date:24/04/2024
                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe
                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458
                                                                                                                                                          Imagebase:0x7ff65d200000
                                                                                                                                                          File size:540'712 bytes
                                                                                                                                                          MD5 hash:89CF8972D683795DAB6901BC9456675D
                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                          Reputation:moderate
                                                                                                                                                          Has exited:true

                                                                                                                                                          General

                                                                                                                                                          Target ID:6
                                                                                                                                                          Start time:06:57:11
                                                                                                                                                          Start date:24/04/2024
                                                                                                                                                          Path:C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe
                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                          Commandline:"C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new
                                                                                                                                                          Imagebase:0xfa0000
                                                                                                                                                          File size:85'632 bytes
                                                                                                                                                          MD5 hash:F9A898A606E7F5A1CD7CFFA8079253A0
                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                          Reputation:moderate
                                                                                                                                                          Has exited:true

                                                                                                                                                          General

                                                                                                                                                          Target ID:7
                                                                                                                                                          Start time:06:57:12
                                                                                                                                                          Start date:24/04/2024
                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458
                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                          Reputation:moderate
                                                                                                                                                          Has exited:true

                                                                                                                                                          General

                                                                                                                                                          Target ID:9
                                                                                                                                                          Start time:06:57:12
                                                                                                                                                          Start date:24/04/2024
                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=2088,i,3537742655539462717,4247494418498581012,262144 /prefetch:3
                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                          Reputation:moderate
                                                                                                                                                          Has exited:true

                                                                                                                                                          General

                                                                                                                                                          Target ID:10
                                                                                                                                                          Start time:06:57:12
                                                                                                                                                          Start date:24/04/2024
                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10458 --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                          Reputation:moderate
                                                                                                                                                          Has exited:false

                                                                                                                                                          General

                                                                                                                                                          Target ID:11
                                                                                                                                                          Start time:06:57:13
                                                                                                                                                          Start date:24/04/2024
                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2248 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:3
                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                          Reputation:moderate
                                                                                                                                                          Has exited:false

                                                                                                                                                          General

                                                                                                                                                          Target ID:14
                                                                                                                                                          Start time:06:57:17
                                                                                                                                                          Start date:24/04/2024
                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6236 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:8
                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                          Reputation:moderate
                                                                                                                                                          Has exited:true

                                                                                                                                                          General

                                                                                                                                                          Target ID:20
                                                                                                                                                          Start time:07:00:13
                                                                                                                                                          Start date:24/04/2024
                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=3616 --field-trial-handle=2092,i,14795131593982425154,17100190454917439701,262144 /prefetch:8
                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                          Reputation:moderate
                                                                                                                                                          Has exited:true

                                                                                                                                                          Disassembly

                                                                                                                                                          No disassembly